diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java index a6b0ba6cf7d7..30064c54991d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java @@ -18,19 +18,30 @@ import com.azure.core.util.logging.ClientLogger; import com.azure.security.keyvault.administration.implementation.KeyVaultAccessControlClientImpl; import com.azure.security.keyvault.administration.implementation.KeyVaultAccessControlClientImplBuilder; +import com.azure.security.keyvault.administration.implementation.KeyVaultAdministrationUtils; import com.azure.security.keyvault.administration.implementation.KeyVaultErrorCodeStrings; +import com.azure.security.keyvault.administration.implementation.models.DataAction; import com.azure.security.keyvault.administration.implementation.models.Permission; import com.azure.security.keyvault.administration.implementation.models.RoleAssignment; import com.azure.security.keyvault.administration.implementation.models.RoleAssignmentCreateParameters; import com.azure.security.keyvault.administration.implementation.models.RoleAssignmentProperties; import com.azure.security.keyvault.administration.implementation.models.RoleAssignmentPropertiesWithScope; import com.azure.security.keyvault.administration.implementation.models.RoleDefinition; +import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionCreateParameters; +import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionProperties; +import com.azure.security.keyvault.administration.implementation.models.RoleScope; +import com.azure.security.keyvault.administration.implementation.models.RoleType; +import com.azure.security.keyvault.administration.models.KeyVaultDataAction; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultPermission; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionType; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; +import com.azure.security.keyvault.administration.options.SetRoleDefinitionOptions; import reactor.core.publisher.Mono; import java.io.IOException; @@ -39,6 +50,7 @@ import java.util.List; import java.util.Objects; import java.util.UUID; +import java.util.stream.Collectors; import static com.azure.core.util.FluxUtil.monoError; import static com.azure.core.util.FluxUtil.withContext; @@ -47,8 +59,7 @@ /** * The {@link KeyVaultAccessControlAsyncClient} provides asynchronous methods to view and manage Role Based Access * for the Azure Key Vault. The client supports creating, listing, updating, and deleting - * {@link KeyVaultRoleAssignment role assignments}. Additionally, the client supports listing - * {@link KeyVaultRoleDefinition role definitions}. + * {@link KeyVaultRoleDefinition role definitions} and {@link KeyVaultRoleAssignment role assignments}. */ @ServiceClient(builder = KeyVaultAccessControlClientBuilder.class, isAsync = true) public final class KeyVaultAccessControlAsyncClient { @@ -84,7 +95,8 @@ public final class KeyVaultAccessControlAsyncClient { /** * Package private constructor to be used by {@link KeyVaultAccessControlClientBuilder}. */ - KeyVaultAccessControlAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, KeyVaultAdministrationServiceVersion serviceVersion) { + KeyVaultAccessControlAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, + KeyVaultAdministrationServiceVersion serviceVersion) { Objects.requireNonNull(vaultUrl, KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.VAULT_END_POINT_REQUIRED)); @@ -94,6 +106,7 @@ public final class KeyVaultAccessControlAsyncClient { clientImpl = new KeyVaultAccessControlClientImplBuilder() .pipeline(httpPipeline) + .apiVersion(this.serviceVersion) .buildClient(); } @@ -120,9 +133,12 @@ HttpPipeline getHttpPipeline() { * {@link KeyVaultRoleScope role scope} and above. * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition role definitions}. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) public PagedFlux listRoleDefinitions(KeyVaultRoleScope roleScope) { @@ -137,9 +153,12 @@ public PagedFlux listRoleDefinitions(KeyVaultRoleScope r * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition role definitions}. * @param context Additional {@link Context} that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ PagedFlux listRoleDefinitions(KeyVaultRoleScope roleScope, Context context) { return new PagedFlux<>( @@ -154,23 +173,30 @@ PagedFlux listRoleDefinitions(KeyVaultRoleScope roleScop * @param vaultUrl The URL for the Key Vault this client is associated with. * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleDefinition role definitions} * for the given {@link KeyVaultRoleScope role scope} from the first page of results. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code vaultUrl} or {@code roleScope} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ - Mono> listRoleDefinitionsFirstPage(String vaultUrl, KeyVaultRoleScope roleScope, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - + Mono> listRoleDefinitionsFirstPage(String vaultUrl, + KeyVaultRoleScope roleScope, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + return clientImpl.getRoleDefinitions() .listSinglePageAsync(vaultUrl, roleScope.toString(), null, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Listing role definitions for roleScope - {}", roleScope)) .doOnSuccess(response -> logger.verbose("Listed role definitions for roleScope - {}", roleScope)) - .doOnError(error -> logger.warning(String.format("Failed to list role definitions for roleScope - %s", - roleScope), error)) + .doOnError(error -> + logger.warning(String.format("Failed to list role definitions for roleScope - %s", roleScope), + error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -185,32 +211,328 @@ Mono> listRoleDefinitionsFirstPage(String * @param continuationToken The {@link PagedResponse#getContinuationToken() continuationToken} from a previous, * successful call to one of the {@code listKeyVaultRoleDefinitions} operations. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleDefinition role definitions} * for the given {@link KeyVaultRoleScope role scope} from the next page of results. + * + * @throws KeyVaultAdministrationException If the given {@code continuationToken} is invalid. */ Mono> listRoleDefinitionsNextPage(String continuationToken, Context context) { try { return clientImpl.getRoleDefinitions() - .listNextSinglePageAsync(continuationToken, context.addData(AZ_TRACING_NAMESPACE_KEY, + .listNextSinglePageAsync(continuationToken, vaultUrl, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) - .doOnRequest(ignored -> logger.verbose("Listing next role definitions page - Page {}", continuationToken)) - .doOnSuccess(response -> logger.verbose("Listed next role definitions page - Page {}", continuationToken)) - .doOnError(error -> logger.warning("Failed to list next role definitions page - Page {}", - continuationToken, error)) + .doOnRequest(ignored -> + logger.verbose("Listing next role definitions page - Page {}", continuationToken)) + .doOnSuccess(response -> + logger.verbose("Listed next role definitions page - Page {}", continuationToken)) + .doOnError(error -> + logger.warning("Failed to list next role definitions page - Page {}", continuationToken, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); } } + /** + * Creates or updates a {@link KeyVaultRoleDefinition} with a randomly generated {@link String name}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * + * @return A {@link Mono} containing the created {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono setRoleDefinition(KeyVaultRoleScope roleScope) { + return setRoleDefinition(roleScope, UUID.randomUUID().toString()); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM only + * supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. It can be any valid UUID. + * + * @return A {@link Mono} containing the created {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono setRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return setRoleDefinitionWithResponse(new SetRoleDefinitionOptions(roleScope, roleDefinitionName)) + .flatMap(FluxUtil::toMono); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param options Object representing the configurable options to create or update a + * {@link KeyVaultRoleDefinition role definition}. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * created or updated {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If any parameter in {@code options} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * in the {@link SetRoleDefinitionOptions options} object are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> setRoleDefinitionWithResponse(SetRoleDefinitionOptions options) { + return withContext(context -> setRoleDefinitionWithResponse(options, context)); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param options Object representing the configurable options to create or update a + * {@link KeyVaultRoleDefinition role definition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * created or updated {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If any parameter in {@code options} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * in the {@link SetRoleDefinitionOptions options} object are {@code null}. + */ + Mono> setRoleDefinitionWithResponse(SetRoleDefinitionOptions options, + Context context) { + try { + Objects.requireNonNull(options, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'options'")); + Objects.requireNonNull(options.getRoleScope(), + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'options.getRoleScope()'")); + Objects.requireNonNull(options.getRoleDefinitionName(), + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'options.getRoleDefinitionName()'")); + + List assignableScopes = null; + + if (options.getAssignableScopes() != null) { + assignableScopes = options.getAssignableScopes().stream() + .map(keyVaultRoleScope -> RoleScope.fromString(keyVaultRoleScope.toString())) + .collect(Collectors.toList()); + } + + List permissions = null; + + if (options.getPermissions() != null) { + permissions = options.getPermissions().stream() + .map(keyVaultPermission -> new Permission() + .setActions(keyVaultPermission.getActions()) + .setNotActions(keyVaultPermission.getNotActions()) + .setDataActions(keyVaultPermission.getDataActions().stream() + .map(allowedDataAction -> DataAction.fromString(allowedDataAction.toString())) + .collect(Collectors.toList())) + .setNotDataActions(keyVaultPermission.getNotDataActions().stream() + .map(notDataAction -> DataAction.fromString(notDataAction.toString())) + .collect(Collectors.toList()))) + .collect(Collectors.toList()); + } + + RoleDefinitionProperties roleDefinitionProperties = + new RoleDefinitionProperties() + .setRoleName(options.getRoleDefinitionName()) + .setRoleType(RoleType.fromString(options.getRoleType().toString())) + .setAssignableScopes(assignableScopes) + .setDescription(options.getDescription()) + .setPermissions(permissions); + RoleDefinitionCreateParameters parameters = + new RoleDefinitionCreateParameters() + .setProperties(roleDefinitionProperties); + + return clientImpl.getRoleDefinitions() + .createOrUpdateWithResponseAsync(vaultUrl, options.getRoleScope().toString(), + options.getRoleDefinitionName(), parameters, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> + logger.verbose("Creating role assignment - {}", options.getRoleDefinitionName())) + .doOnSuccess(response -> logger.verbose("Created role assignment - {}", response.getValue().getName())) + .doOnError(error -> + logger.warning("Failed to create role assignment - {}", options.getRoleDefinitionName(), error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) + .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionResponse); + } catch (RuntimeException e) { + return monoError(logger, e); + } + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name used of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing the {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono getRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return getRoleDefinitionWithResponse(roleScope, roleDefinitionName).flatMap(FluxUtil::toMono); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> getRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName) { + return withContext(context -> getRoleDefinitionWithResponse(roleScope, roleDefinitionName, context)); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + Mono> getRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, Context context) { + try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleDefinitionName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleDefinitionName'")); + + return clientImpl.getRoleDefinitions() + .getWithResponseAsync(vaultUrl, roleScope.toString(), roleDefinitionName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> logger.verbose("Retrieving role assignment - {}", roleDefinitionName)) + .doOnSuccess(response -> + logger.verbose("Retrieved role assignment - {}", response.getValue().getName())) + .doOnError(error -> + logger.warning("Failed to retrieved role assignment - {}", roleDefinitionName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) + .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionResponse); + } catch (RuntimeException e) { + return monoError(logger, e); + } + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing the deleted {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono deleteRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return deleteRoleDefinitionWithResponse(roleScope, roleDefinitionName).flatMap(FluxUtil::toMono); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the deleted + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> deleteRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName) { + return withContext(context -> deleteRoleDefinitionWithResponse(roleScope, roleDefinitionName, context)); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the deleted + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + Mono> deleteRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, + Context context) { + try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleDefinitionName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleDefinitionName'")); + + return clientImpl.getRoleDefinitions() + .deleteWithResponseAsync(vaultUrl, roleScope.toString(), roleDefinitionName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> logger.verbose("Deleting role assignment - {}", roleDefinitionName)) + .doOnSuccess(response -> logger.verbose("Deleted role assignment - {}", response.getValue().getName())) + .doOnError(error -> logger.warning("Failed to delete role assignment - {}", roleDefinitionName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) + .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionResponse); + } catch (RuntimeException e) { + return monoError(logger, e); + } + } + /** * Lists all {@link KeyVaultRoleAssignment role assignments} that are applicable at the given * {@link KeyVaultRoleScope role scope} and above. * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) public PagedFlux listRoleAssignments(KeyVaultRoleScope roleScope) { @@ -225,9 +547,12 @@ public PagedFlux listRoleAssignments(KeyVaultRoleScope r * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ PagedFlux listRoleAssignments(KeyVaultRoleScope roleScope, Context context) { return new PagedFlux<>( @@ -242,23 +567,30 @@ PagedFlux listRoleAssignments(KeyVaultRoleScope roleScop * @param vaultUrl The URL for the Key Vault this client is associated with. * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleAssignment role assignments} * in the given {@link KeyVaultRoleScope role scope} from the first page of results. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code vaultUrl} or {@code roleScope} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ - Mono> listRoleAssignmentsFirstPage(String vaultUrl, KeyVaultRoleScope roleScope, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - + Mono> listRoleAssignmentsFirstPage(String vaultUrl, + KeyVaultRoleScope roleScope, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + return clientImpl.getRoleAssignments() .listForScopeSinglePageAsync(vaultUrl, roleScope.toString(), null, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Listing role assignments for roleScope - {}", roleScope)) .doOnSuccess(response -> logger.verbose("Listed role assignments for roleScope - {}", roleScope)) - .doOnError(error -> logger.warning(String.format("Failed to list role assignments for roleScope - %s", - roleScope), error)) + .doOnError(error -> + logger.warning(String.format("Failed to list role assignments for roleScope - %s", roleScope), + error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -272,18 +604,24 @@ Mono> listRoleAssignmentsFirstPage(String * @param continuationToken The {@link PagedResponse#getContinuationToken() continuationToken} from a previous, * successful call to one of the {@code listKeyVaultRoleAssignments} operations. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleAssignment role assignments} * for the given {@link KeyVaultRoleScope role scope} from the first page of results. + * + * @throws KeyVaultAdministrationException If the given {@code continuationToken} is invalid. */ Mono> listRoleAssignmentsNextPage(String continuationToken, Context context) { try { return clientImpl.getRoleAssignments() - .listForScopeNextSinglePageAsync(continuationToken, context.addData(AZ_TRACING_NAMESPACE_KEY, - KEYVAULT_TRACING_NAMESPACE_VALUE)) - .doOnRequest(ignored -> logger.verbose("Listing next role assignments page - Page {}", continuationToken)) - .doOnSuccess(response -> logger.verbose("Listed next role assignments page - Page {}", continuationToken)) + .listForScopeNextSinglePageAsync(continuationToken, vaultUrl, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> + logger.verbose("Listing next role assignments page - Page {}", continuationToken)) + .doOnSuccess(response -> + logger.verbose("Listed next role assignments page - Page {}", continuationToken)) .doOnError(error -> logger.warning("Failed to list next role assignments page - Page {}", continuationToken, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -296,29 +634,40 @@ Mono> listRoleAssignmentsNextPage(String c * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment} to create. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return A {@link Mono} containing the created {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} + * are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, String principalId) { - return createRoleAssignment(roleScope, UUID.randomUUID().toString(), roleDefinitionId, principalId); + public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId) { + return createRoleAssignment(roleScope, roleDefinitionId, principalId, UUID.randomUUID().toString()); } /** * Creates a {@link KeyVaultRoleAssignment}. * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment} to create. - * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. + * * @return A {@link Mono} containing the created {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId) { - return createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, principalId).flatMap(FluxUtil::toMono); + public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId, String roleAssignmentName) { + return createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, roleAssignmentName) + .flatMap(FluxUtil::toMono); } /** @@ -328,14 +677,22 @@ public Mono createRoleAssignment(KeyVaultRoleScope roleS * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the created * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId) { - return withContext(context -> createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, principalId, context)); + public Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionId, + String principalId, + String roleAssignmentName) { + return withContext(context -> + createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, roleAssignmentName, context)); } /** @@ -346,39 +703,48 @@ public Mono> createRoleAssignmentWithResponse(K * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the created * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ - Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - Objects.requireNonNull(roleAssignmentName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleAssignmentName'")); - Objects.requireNonNull(principalId, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'principalId'")); - Objects.requireNonNull(roleDefinitionId, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleDefinitionId'")); - - RoleAssignmentProperties roleAssignmentProperties = - new RoleAssignmentProperties() - .setRoleDefinitionId(roleDefinitionId) - .setPrincipalId(principalId); - RoleAssignmentCreateParameters parameters = - new RoleAssignmentCreateParameters() - .setProperties(roleAssignmentProperties); + Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionId, String principalId, + String roleAssignmentName, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleAssignmentName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleAssignmentName'")); + Objects.requireNonNull(principalId, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'principalId'")); + Objects.requireNonNull(roleDefinitionId, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleDefinitionId'")); + + RoleAssignmentProperties roleAssignmentProperties = + new RoleAssignmentProperties() + .setRoleDefinitionId(roleDefinitionId) + .setPrincipalId(principalId); + RoleAssignmentCreateParameters parameters = + new RoleAssignmentCreateParameters() + .setProperties(roleAssignmentProperties); + return clientImpl.getRoleAssignments() .createWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, parameters, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Creating role assignment - {}", roleAssignmentName)) .doOnSuccess(response -> logger.verbose("Created role assignment - {}", response.getValue().getName())) .doOnError(error -> logger.warning("Failed to create role assignment - {}", roleAssignmentName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -390,8 +756,12 @@ Mono> createRoleAssignmentWithResponse(KeyVault * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name used of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing the {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) @@ -404,13 +774,18 @@ public Mono getRoleAssignment(KeyVaultRoleScope roleScop * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName) { + public Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName) { return withContext(context -> getRoleAssignmentWithResponse(roleScope, roleAssignmentName, context)); } @@ -420,26 +795,34 @@ public Mono> getRoleAssignmentWithResponse(KeyV * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ - Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - Objects.requireNonNull(roleAssignmentName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleAssignmentName'")); - + Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleAssignmentName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleAssignmentName'")); + return clientImpl.getRoleAssignments() - .getWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, context.addData(AZ_TRACING_NAMESPACE_KEY, - KEYVAULT_TRACING_NAMESPACE_VALUE)) + .getWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Retrieving role assignment - {}", roleAssignmentName)) - .doOnSuccess(response -> logger.verbose("Retrieved role assignment - {}", response.getValue().getName())) - .doOnError(error -> logger.warning("Failed to retrieved role assignment - {}", roleAssignmentName, error)) + .doOnSuccess(response -> + logger.verbose("Retrieved role assignment - {}", response.getValue().getName())) + .doOnError(error -> + logger.warning("Failed to retrieved role assignment - {}", roleAssignmentName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -451,8 +834,12 @@ Mono> getRoleAssignmentWithResponse(KeyVaultRol * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing the {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) @@ -465,13 +852,18 @@ public Mono deleteRoleAssignment(KeyVaultRoleScope roleS * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName) { + public Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName) { return withContext(context -> deleteRoleAssignmentWithResponse(roleScope, roleAssignmentName, context)); } @@ -481,26 +873,33 @@ public Mono> deleteRoleAssignmentWithResponse(K * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ - Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - Objects.requireNonNull(roleAssignmentName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleAssignmentName'")); - + Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleAssignmentName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleAssignmentName'")); + return clientImpl.getRoleAssignments() - .deleteWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, context.addData(AZ_TRACING_NAMESPACE_KEY, - KEYVAULT_TRACING_NAMESPACE_VALUE)) + .deleteWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Deleting role assignment - {}", roleAssignmentName)) .doOnSuccess(response -> logger.verbose("Deleted role assignment - {}", response.getValue().getName())) .doOnError(error -> logger.warning("Failed to delete role assignment - {}", roleAssignmentName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -508,7 +907,9 @@ Mono> deleteRoleAssignmentWithResponse(KeyVault } @SuppressWarnings("BoundedWildcard") - private static PagedResponse transformRoleDefinitionsPagedResponse(PagedResponse pagedResponse) { + private static PagedResponse transformRoleDefinitionsPagedResponse( + PagedResponse pagedResponse) { + List keyVaultRoleDefinitions = new ArrayList<>(); for (RoleDefinition roleDefinition : pagedResponse.getValue()) { @@ -518,10 +919,10 @@ private static PagedResponse transformRoleDefinitionsPag return new TransformedPagedResponse<>(keyVaultRoleDefinitions, pagedResponse); } - private static Response transformRoleAssignmentResponse(Response response) { - KeyVaultRoleAssignment keyVaultRoleAssignment = roleAssignmentToKeyVaultRoleAssignment(response.getValue()); + private static Response transformRoleDefinitionResponse(Response response) { + KeyVaultRoleDefinition keyVaultRoleDefinition = roleDefinitionToKeyVaultRoleDefinition(response.getValue()); - return new TransformedResponse<>(keyVaultRoleAssignment, response); + return new TransformedResponse<>(keyVaultRoleDefinition, response); } private static KeyVaultRoleDefinition roleDefinitionToKeyVaultRoleDefinition(RoleDefinition roleDefinition) { @@ -529,17 +930,27 @@ private static KeyVaultRoleDefinition roleDefinitionToKeyVaultRoleDefinition(Rol for (Permission permission : roleDefinition.getPermissions()) { keyVaultPermissions.add( - new KeyVaultPermission(permission.getActions(), permission.getDataActions(), - permission.getDataActions(), permission.getNotDataActions())); + new KeyVaultPermission(permission.getActions(), permission.getNotActions(), + permission.getDataActions().stream() + .map(dataAction -> KeyVaultDataAction.fromString(dataAction.toString())) + .collect(Collectors.toList()), + permission.getNotDataActions().stream() + .map(notDataAction -> KeyVaultDataAction.fromString(notDataAction.toString())) + .collect(Collectors.toList()))); } - return new KeyVaultRoleDefinition(roleDefinition.getId(), roleDefinition.getName(), roleDefinition.getType(), - new KeyVaultRoleDefinitionProperties(roleDefinition.getRoleName(), - roleDefinition.getDescription(), roleDefinition.getRoleType(), keyVaultPermissions, - roleDefinition.getAssignableScopes())); + return new KeyVaultRoleDefinition(roleDefinition.getId(), roleDefinition.getName(), + KeyVaultRoleDefinitionType.fromString(roleDefinition.getType().toString()), + new KeyVaultRoleDefinitionProperties(roleDefinition.getRoleName(), roleDefinition.getDescription(), + KeyVaultRoleType.fromString(roleDefinition.getRoleType().toString()), keyVaultPermissions, + roleDefinition.getAssignableScopes().stream() + .map(roleScope -> KeyVaultRoleScope.fromString(roleScope.toString())) + .collect(Collectors.toList()))); } - private static PagedResponse transformRoleAssignmentsPagedResponse(PagedResponse pagedResponse) { + private static PagedResponse transformRoleAssignmentsPagedResponse( + PagedResponse pagedResponse) { + List keyVaultRoleAssignments = new ArrayList<>(); for (RoleAssignment roleAssignment : pagedResponse.getValue()) { @@ -549,12 +960,19 @@ private static PagedResponse transformRoleAssignmentsPag return new TransformedPagedResponse<>(keyVaultRoleAssignments, pagedResponse); } + private static Response transformRoleAssignmentResponse(Response response) { + KeyVaultRoleAssignment keyVaultRoleAssignment = roleAssignmentToKeyVaultRoleAssignment(response.getValue()); + + return new TransformedResponse<>(keyVaultRoleAssignment, response); + } + private static KeyVaultRoleAssignment roleAssignmentToKeyVaultRoleAssignment(RoleAssignment roleAssignment) { RoleAssignmentPropertiesWithScope propertiesWithScope = roleAssignment.getProperties(); return new KeyVaultRoleAssignment(roleAssignment.getId(), roleAssignment.getName(), roleAssignment.getType(), new KeyVaultRoleAssignmentProperties(propertiesWithScope.getRoleDefinitionId(), - propertiesWithScope.getPrincipalId()), KeyVaultRoleScope.fromString(propertiesWithScope.getScope())); + propertiesWithScope.getPrincipalId()), + KeyVaultRoleScope.fromString(propertiesWithScope.getScope().toString())); } private static final class TransformedPagedResponse, T, U> implements PagedResponse { diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java index c8cf21bb97e5..70be5dd7cb7d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java @@ -9,10 +9,12 @@ import com.azure.core.http.rest.PagedIterable; import com.azure.core.http.rest.Response; import com.azure.core.util.Context; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.options.SetRoleDefinitionOptions; import reactor.core.publisher.Mono; import java.util.UUID; @@ -51,8 +53,11 @@ public String getVaultUrl() { * * @param roleScope The {@link KeyVaultRoleScope roleScope} of the {@link KeyVaultRoleDefinition role * definitions}. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -66,8 +71,11 @@ public PagedIterable listRoleDefinitions(KeyVaultRoleSco * * @param roleScope The {@link KeyVaultRoleScope scope} of the {@link KeyVaultRoleDefinition role definitions}. * @param context Additional {@link Context} that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -75,13 +83,150 @@ public PagedIterable listRoleDefinitions(KeyVaultRoleSco return new PagedIterable<>(asyncClient.listRoleDefinitions(roleScope, context)); } + /** + * Creates a {@link KeyVaultRoleDefinition} with a randomly generated {@link String name}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM only + * supports '/'. + * + * @return The created {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition setRoleDefinition(KeyVaultRoleScope roleScope) { + return asyncClient.setRoleDefinition(roleScope).block(); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. It can be any valid UUID. + * + * @return The created or updated {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition setRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return asyncClient.setRoleDefinition(roleScope, roleDefinitionName).block(); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param options Object representing the configurable options to create or update a + * {@link KeyVaultRoleDefinition role definition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Response} whose {@link Response#getValue() value} contains the created or updated + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If any parameter in {@code options} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * in the {@link SetRoleDefinitionOptions options} object are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Response setRoleDefinitionWithResponse(SetRoleDefinitionOptions options, + Context context) { + return asyncClient.setRoleDefinitionWithResponse(options, context).block(); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name used of the {@link KeyVaultRoleDefinition}. + * + * @return The retrieved {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition getRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return asyncClient.getRoleDefinition(roleScope, roleDefinitionName).block(); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Response} whose {@link Response#getValue() value} contains the + * retrieved {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Response getRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, Context context) { + return asyncClient.getRoleDefinitionWithResponse(roleScope, roleDefinitionName, context).block(); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return The deleted {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition deleteRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return asyncClient.deleteRoleDefinition(roleScope, roleDefinitionName).block(); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Response} whose {@link Response#getValue() value} contains the deleted + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Response deleteRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, + Context context) { + return asyncClient.deleteRoleDefinitionWithResponse(roleScope, roleDefinitionName, context).block(); + } + /** * Get all {@link KeyVaultRoleAssignment role assignments} that are applicable at the given * {@link KeyVaultRoleScope role scope} and above. * * @param roleScope The {@link KeyVaultRoleScope scope} of the {@link KeyVaultRoleAssignment}. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -95,8 +240,11 @@ public PagedIterable listRoleAssignments(KeyVaultRoleSco * * @param roleScope The {@link KeyVaultRoleScope scope} of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -110,13 +258,18 @@ public PagedIterable listRoleAssignments(KeyVaultRoleSco * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment} to create. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return A {@link Mono} containing the created {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleAssignmentName}, - * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} + * are invalid. + * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleDefinitionId} or + * {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, String principalId) { - return createRoleAssignmentWithResponse(roleScope, UUID.randomUUID().toString(), roleDefinitionId, principalId, + public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId) { + return createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, UUID.randomUUID().toString(), Context.NONE).getValue(); } @@ -127,13 +280,18 @@ public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return The created {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleAssignmentName} or * {@link KeyVaultRoleAssignmentProperties properties} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId) { - return createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, principalId, + public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId, String roleAssignmentName) { + return createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, roleAssignmentName, Context.NONE).getValue(); } @@ -145,15 +303,23 @@ public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the created * {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleAssignmentName} or * {@link KeyVaultRoleAssignmentProperties properties} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Response createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId, Context context) { - return asyncClient.createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, - principalId, context).block(); + public Response createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionId, + String principalId, + String roleAssignmentName, + Context context) { + return asyncClient.createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, + roleAssignmentName, context).block(); } /** @@ -161,7 +327,11 @@ public Response createRoleAssignmentWithResponse(KeyVaul * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @@ -176,12 +346,17 @@ public KeyVaultRoleAssignment getRoleAssignment(KeyVaultRoleScope roleScope, Str * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Response getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { + public Response getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, Context context) { return asyncClient.getRoleAssignmentWithResponse(roleScope, roleAssignmentName, context).block(); } @@ -190,7 +365,11 @@ public Response getRoleAssignmentWithResponse(KeyVaultRo * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @@ -205,12 +384,18 @@ public KeyVaultRoleAssignment deleteRoleAssignment(KeyVaultRoleScope roleScope, * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Response deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { + public Response deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, + Context context) { return asyncClient.deleteRoleAssignmentWithResponse(roleScope, roleAssignmentName, context).block(); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java index 8b5b437cfa13..6cec332245f5 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java @@ -19,7 +19,6 @@ import com.azure.security.keyvault.administration.implementation.KeyVaultBackupClientImpl; import com.azure.security.keyvault.administration.implementation.KeyVaultBackupClientImplBuilder; import com.azure.security.keyvault.administration.implementation.KeyVaultErrorCodeStrings; -import com.azure.security.keyvault.administration.implementation.models.Error; import com.azure.security.keyvault.administration.implementation.models.FullBackupOperation; import com.azure.security.keyvault.administration.implementation.models.RestoreOperation; import com.azure.security.keyvault.administration.implementation.models.RestoreOperationParameters; @@ -27,7 +26,7 @@ import com.azure.security.keyvault.administration.implementation.models.SelectiveKeyRestoreOperation; import com.azure.security.keyvault.administration.implementation.models.SelectiveKeyRestoreOperationParameters; import com.azure.security.keyvault.administration.models.KeyVaultBackupOperation; -import com.azure.security.keyvault.administration.models.KeyVaultError; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultLongRunningOperation; import com.azure.security.keyvault.administration.models.KeyVaultRestoreOperation; import reactor.core.publisher.Mono; @@ -44,6 +43,7 @@ import static com.azure.core.util.FluxUtil.monoError; import static com.azure.core.util.FluxUtil.withContext; import static com.azure.core.util.tracing.Tracer.AZ_TRACING_NAMESPACE_KEY; +import static com.azure.security.keyvault.administration.implementation.KeyVaultAdministrationUtils.createKeyVaultErrorFromError; /** * The {@link KeyVaultBackupAsyncClient} provides asynchronous methods to perform full backup and restore of an Azure @@ -89,7 +89,8 @@ static Duration getDefaultPollingInterval() { /** * Package private constructor to be used by {@link KeyVaultBackupClientBuilder}. */ - KeyVaultBackupAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, KeyVaultAdministrationServiceVersion serviceVersion) { + KeyVaultBackupAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, + KeyVaultAdministrationServiceVersion serviceVersion) { Objects.requireNonNull(vaultUrl, KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.VAULT_END_POINT_REQUIRED)); @@ -99,6 +100,7 @@ static Duration getDefaultPollingInterval() { clientImpl = new KeyVaultBackupClientImplBuilder() .pipeline(httpPipeline) + .apiVersion(this.serviceVersion) .buildClient(); } @@ -125,8 +127,11 @@ HttpPipeline getHttpPipeline() { * * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) public PollerFlux beginBackup(String blobStorageUrl, String sasToken) { @@ -139,17 +144,26 @@ public PollerFlux beginBackup(String blobStorag * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginBackup(String blobStorageUrl, String sasToken, Duration pollingInterval) { - Objects.requireNonNull(blobStorageUrl, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'blobStorageUrl'")); - Objects.requireNonNull(sasToken, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'sasToken'")); + public PollerFlux beginBackup(String blobStorageUrl, String sasToken, + Duration pollingInterval) { + if (blobStorageUrl == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'blobStorageUrl'"))); + } + + if (sasToken == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'sasToken'"))); + } return new PollerFlux<>(pollingInterval, backupActivationOperation(blobStorageUrl, sasToken), @@ -164,9 +178,13 @@ public PollerFlux beginBackup(String blobStorag * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultBackupOperation backup operation} status. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. */ - Mono> backupWithResponse(String blobStorageUrl, String sasToken, Context context) { + Mono> backupWithResponse(String blobStorageUrl, String sasToken, + Context context) { SASTokenParameter sasTokenParameter = new SASTokenParameter() .setStorageResourceUri(blobStorageUrl) .setToken(sasToken); @@ -187,7 +205,9 @@ Mono> backupWithResponse(String blobStorageUrl } } - private Function, Mono> backupActivationOperation(String blobStorageUrl, String sasToken) { + private Function, Mono> backupActivationOperation( + String blobStorageUrl, String sasToken) { + return (pollingContext) -> { try { return withContext(context -> backupWithResponse(blobStorageUrl, sasToken, context)) @@ -253,7 +273,9 @@ private Function, Mono> backupFe }; } - private static Mono> processBackupOperationResponse(Response response) { + private static Mono> processBackupOperationResponse( + Response response) { + String operationStatus = response.getValue().getStatus().toLowerCase(Locale.US); return Mono.just(new PollResponse<>( @@ -277,40 +299,54 @@ private static LongRunningOperationStatus toLongRunningOperationStatus(String op /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginRestore(String backupFolderUrl, String sasToken) { - return beginRestore(backupFolderUrl, sasToken, getDefaultPollingInterval()); + public PollerFlux beginRestore(String folderUrl, String sasToken) { + return beginRestore(folderUrl, sasToken, getDefaultPollingInterval()); } /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginRestore(String backupFolderUrl, String sasToken, Duration pollingInterval) { - Objects.requireNonNull(backupFolderUrl, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'backupFolderUrl'")); - Objects.requireNonNull(sasToken, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'sasToken'")); + public PollerFlux beginRestore(String folderUrl, String sasToken, + Duration pollingInterval) { + if (folderUrl == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'folderUrl'"))); + } + + if (sasToken == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'sasToken'"))); + } return new PollerFlux<>(pollingInterval, - restoreActivationOperation(backupFolderUrl, sasToken), + restoreActivationOperation(folderUrl, sasToken), restorePollOperation(), (pollingContext, firstResponse) -> Mono.empty(), (pollingContext) -> Mono.empty()); @@ -319,17 +355,21 @@ public PollerFlux beginRestore(String backupFold /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation backup operation} status. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. */ - Mono> restoreWithResponse(String backupFolderUrl, String sasToken, Context context) { - String[] segments = backupFolderUrl.split("/"); + Mono> restoreWithResponse(String folderUrl, String sasToken, Context context) { + String[] segments = folderUrl.split("/"); String folderName = segments[segments.length - 1]; - String containerUrl = backupFolderUrl.substring(0, backupFolderUrl.length() - folderName.length()); + String containerUrl = folderUrl.substring(0, folderUrl.length() - folderName.length()); SASTokenParameter sasTokenParameter = new SASTokenParameter() .setStorageResourceUri(containerUrl) @@ -342,10 +382,10 @@ Mono> restoreWithResponse(String backupFolder try { return clientImpl.fullRestoreOperationWithResponseAsync(vaultUrl, restoreOperationParameters, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) - .doOnRequest(ignored -> logger.verbose("Restoring from location - {}", backupFolderUrl)) - .doOnSuccess(response -> logger.verbose("Restored from location - {}", backupFolderUrl)) + .doOnRequest(ignored -> logger.verbose("Restoring from location - {}", folderUrl)) + .doOnSuccess(response -> logger.verbose("Restored from location - {}", folderUrl)) .doOnError(error -> - logger.warning("Failed to restore from location - {}", backupFolderUrl, error)) + logger.warning("Failed to restore from location - {}", folderUrl, error)) .map(restoreOperationResponse -> new SimpleResponse<>(restoreOperationResponse.getRequest(), restoreOperationResponse.getStatusCode(), @@ -357,10 +397,10 @@ Mono> restoreWithResponse(String backupFolder } } - private Function, Mono> restoreActivationOperation(String backupFolderUrl, String sasToken) { + private Function, Mono> restoreActivationOperation(String folderUrl, String sasToken) { return (pollingContext) -> { try { - return withContext(context -> restoreWithResponse(backupFolderUrl, sasToken, context)) + return withContext(context -> restoreWithResponse(folderUrl, sasToken, context)) .flatMap(restoreResponse -> Mono.just(restoreResponse.getValue())); } catch (RuntimeException e) { return monoError(logger, e); @@ -407,7 +447,9 @@ private Function, Mono> processRestoreOperationResponse(Response response) { + private static Mono> processRestoreOperationResponse( + Response response) { + String operationStatus = response.getValue().getStatus().toLowerCase(Locale.US); return Mono.just(new PollResponse<>( @@ -419,17 +461,23 @@ private static Mono> processRestoreOperat * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code keyName}, {@code folderUrl} or {@code sasToken} are + * invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken) { - return beginSelectiveRestore(keyName, backupFolderUrl, sasToken, getDefaultPollingInterval()); + public PollerFlux beginSelectiveRestore(String keyName, String folderUrl, + String sasToken) { + return beginSelectiveRestore(keyName, folderUrl, sasToken, getDefaultPollingInterval()); } /** @@ -437,29 +485,43 @@ public PollerFlux beginSelectiveRestore(String k * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code keyName}, {@code folderUrl} or {@code sasToken} are + * invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken, Duration pollingInterval) { - Objects.requireNonNull(keyName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'keyName'")); - Objects.requireNonNull(backupFolderUrl, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'backupFolderUrl'")); - Objects.requireNonNull(sasToken, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'sasToken'")); + public PollerFlux beginSelectiveRestore(String keyName, String folderUrl, + String sasToken, Duration pollingInterval) { + if (keyName == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'keyName'"))); + } + + if (folderUrl == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'folderUrl'"))); + } + + if (sasToken == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'sasToken'"))); + } return new PollerFlux<>(pollingInterval, - selectiveRestoreActivationOperation(keyName, backupFolderUrl, sasToken), + selectiveRestoreActivationOperation(keyName, folderUrl, sasToken), selectiveRestorePollOperation(), (pollingContext, firstResponse) -> Mono.empty(), (pollingContext) -> Mono.empty()); @@ -470,17 +532,20 @@ public PollerFlux beginSelectiveRestore(String k * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation backup operation} status. */ - Mono> selectiveRestoreWithResponse(String keyName, String backupFolderUrl, String sasToken, Context context) { - String[] segments = backupFolderUrl.split("/"); + Mono> selectiveRestoreWithResponse(String keyName, String folderUrl, + String sasToken, Context context) { + String[] segments = folderUrl.split("/"); String folderName = segments[segments.length - 1]; - String containerUrl = backupFolderUrl.substring(0, backupFolderUrl.length() - folderName.length()); + String containerUrl = folderUrl.substring(0, folderUrl.length() - folderName.length()); SASTokenParameter sasTokenParameter = new SASTokenParameter() .setStorageResourceUri(containerUrl) @@ -496,11 +561,11 @@ Mono> selectiveRestoreWithResponse(String key selectiveKeyRestoreOperationParameters, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> - logger.verbose("Restoring key \"{}\" from location - {}", keyName, backupFolderUrl)) + logger.verbose("Restoring key \"{}\" from location - {}", keyName, folderUrl)) .doOnSuccess(response -> - logger.verbose("Restored key \"{}\" from location - {}", keyName, backupFolderUrl)) + logger.verbose("Restored key \"{}\" from location - {}", keyName, folderUrl)) .doOnError(error -> - logger.warning("Failed to restore key \"{}\" from location - {}", keyName, backupFolderUrl, error)) + logger.warning("Failed to restore key \"{}\" from location - {}", keyName, folderUrl, error)) .map(restoreOperationResponse -> new SimpleResponse<>(restoreOperationResponse.getRequest(), restoreOperationResponse.getStatusCode(), @@ -512,10 +577,10 @@ Mono> selectiveRestoreWithResponse(String key } } - private Function, Mono> selectiveRestoreActivationOperation(String keyName, String backupFolderUrl, String sasToken) { + private Function, Mono> selectiveRestoreActivationOperation(String keyName, String folderUrl, String sasToken) { return (pollingContext) -> { try { - return withContext(context -> selectiveRestoreWithResponse(keyName, backupFolderUrl, sasToken, context)) + return withContext(context -> selectiveRestoreWithResponse(keyName, folderUrl, sasToken, context)) .flatMap(selectiveKeyRestoreResponse -> Mono.just(selectiveKeyRestoreResponse.getValue())); } catch (RuntimeException e) { return monoError(logger, e); @@ -592,15 +657,6 @@ private static KeyVaultLongRunningOperation transformToLongRunningOperation( } } - private static KeyVaultError createKeyVaultErrorFromError(Error error) { - if (error == null) { - return null; - } - - return - new KeyVaultError(error.getCode(), error.getMessage(), createKeyVaultErrorFromError(error.getInnerError())); - } - private static OffsetDateTime longToOffsetDateTime(Long epochInSeconds) { return epochInSeconds == null ? null : OffsetDateTime.ofInstant(Instant.ofEpochSecond(epochInSeconds), ZoneOffset.UTC); diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java index 86258c2ca359..f443032c74da 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java @@ -8,6 +8,7 @@ import com.azure.core.annotation.ServiceMethod; import com.azure.core.util.polling.SyncPoller; import com.azure.security.keyvault.administration.models.KeyVaultBackupOperation; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRestoreOperation; import java.time.Duration; @@ -43,8 +44,11 @@ public String getVaultUrl() { * * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link SyncPoller} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) public SyncPoller beginBackup(String blobStorageUrl, String sasToken) { @@ -57,43 +61,56 @@ public SyncPoller beginBackup(String blobStorag * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link SyncPoller} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginBackup(String blobStorageUrl, String sasToken, Duration pollingInterval) { + public SyncPoller beginBackup(String blobStorageUrl, String sasToken, + Duration pollingInterval) { return asyncClient.beginBackup(blobStorageUrl, sasToken, pollingInterval).getSyncPoller(); } /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginRestore(String backupFolderUrl, String sasToken) { - return asyncClient.beginRestore(backupFolderUrl, sasToken).getSyncPoller(); + public SyncPoller beginRestore(String folderUrl, String sasToken) { + return asyncClient.beginRestore(folderUrl, sasToken).getSyncPoller(); } /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginRestore(String backupFolderUrl, String sasToken, Duration pollingInterval) { - return asyncClient.beginRestore(backupFolderUrl, sasToken, pollingInterval).getSyncPoller(); + public SyncPoller beginRestore(String folderUrl, String sasToken, + Duration pollingInterval) { + return asyncClient.beginRestore(folderUrl, sasToken, pollingInterval).getSyncPoller(); } /** @@ -101,17 +118,22 @@ public SyncPoller beginRestore(String backupFold * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken) { - return asyncClient.beginSelectiveRestore(keyName, backupFolderUrl, sasToken).getSyncPoller(); + public SyncPoller beginSelectiveRestore(String keyName, String folderUrl, + String sasToken) { + return asyncClient.beginSelectiveRestore(keyName, folderUrl, sasToken).getSyncPoller(); } /** @@ -119,17 +141,22 @@ public SyncPoller beginSelectiveRestore(String k * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken, Duration pollingInterval) { - return asyncClient.beginSelectiveRestore(keyName, backupFolderUrl, sasToken, pollingInterval).getSyncPoller(); + public SyncPoller beginSelectiveRestore(String keyName, String folderUrl, + String sasToken, Duration pollingInterval) { + return asyncClient.beginSelectiveRestore(keyName, folderUrl, sasToken, pollingInterval).getSyncPoller(); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java index 1eedce941db5..21ec2536c3c0 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java @@ -74,22 +74,28 @@ public RoleAssignmentsImpl getRoleAssignments() { return this.roleAssignments; } - /** Initializes an instance of KeyVaultAccessControlClient client. */ - KeyVaultAccessControlClientImpl() { + /** + * Initializes an instance of KeyVaultAccessControlClient client. + * + * @param apiVersion Api Version. + */ + KeyVaultAccessControlClientImpl(String apiVersion) { this( new HttpPipelineBuilder() .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) .build(), - JacksonAdapter.createDefaultSerializerAdapter()); + JacksonAdapter.createDefaultSerializerAdapter(), + apiVersion); } /** * Initializes an instance of KeyVaultAccessControlClient client. * * @param httpPipeline The HTTP pipeline to send requests through. + * @param apiVersion Api Version. */ - KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline) { - this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter()); + KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline, String apiVersion) { + this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter(), apiVersion); } /** @@ -97,11 +103,12 @@ public RoleAssignmentsImpl getRoleAssignments() { * * @param httpPipeline The HTTP pipeline to send requests through. * @param serializerAdapter The serializer to serialize an object into a string. + * @param apiVersion Api Version. */ - KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter) { + KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter, String apiVersion) { this.httpPipeline = httpPipeline; this.serializerAdapter = serializerAdapter; - this.apiVersion = "7.2-preview"; + this.apiVersion = apiVersion; this.roleDefinitions = new RoleDefinitionsImpl(this); this.roleAssignments = new RoleAssignmentsImpl(this); } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java index d135ff4387b1..79c3e6307ac9 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java @@ -5,17 +5,54 @@ package com.azure.security.keyvault.administration.implementation; import com.azure.core.annotation.ServiceClientBuilder; +import com.azure.core.http.HttpClient; import com.azure.core.http.HttpPipeline; import com.azure.core.http.HttpPipelineBuilder; import com.azure.core.http.policy.CookiePolicy; +import com.azure.core.http.policy.HttpLogOptions; +import com.azure.core.http.policy.HttpLoggingPolicy; +import com.azure.core.http.policy.HttpPipelinePolicy; +import com.azure.core.http.policy.HttpPolicyProviders; import com.azure.core.http.policy.RetryPolicy; import com.azure.core.http.policy.UserAgentPolicy; +import com.azure.core.util.Configuration; import com.azure.core.util.serializer.JacksonAdapter; import com.azure.core.util.serializer.SerializerAdapter; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** A builder for creating a new instance of the KeyVaultAccessControlClient type. */ @ServiceClientBuilder(serviceClients = {KeyVaultAccessControlClientImpl.class}) public final class KeyVaultAccessControlClientImplBuilder { + private static final String SDK_NAME = "name"; + + private static final String SDK_VERSION = "version"; + + private final Map properties = new HashMap<>(); + + /** Create an instance of the KeyVaultAccessControlClientImplBuilder. */ + public KeyVaultAccessControlClientImplBuilder() { + this.pipelinePolicies = new ArrayList<>(); + } + + /* + * Api Version + */ + private String apiVersion; + + /** + * Sets Api Version. + * + * @param apiVersion the apiVersion value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder apiVersion(String apiVersion) { + this.apiVersion = apiVersion; + return this; + } + /* * The HTTP pipeline to send requests through */ @@ -48,22 +85,130 @@ public KeyVaultAccessControlClientImplBuilder serializerAdapter(SerializerAdapte return this; } + /* + * The HTTP client used to send the request. + */ + private HttpClient httpClient; + + /** + * Sets The HTTP client used to send the request. + * + * @param httpClient the httpClient value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder httpClient(HttpClient httpClient) { + this.httpClient = httpClient; + return this; + } + + /* + * The configuration store that is used during construction of the service + * client. + */ + private Configuration configuration; + + /** + * Sets The configuration store that is used during construction of the service client. + * + * @param configuration the configuration value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder configuration(Configuration configuration) { + this.configuration = configuration; + return this; + } + + /* + * The logging configuration for HTTP requests and responses. + */ + private HttpLogOptions httpLogOptions; + + /** + * Sets The logging configuration for HTTP requests and responses. + * + * @param httpLogOptions the httpLogOptions value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder httpLogOptions(HttpLogOptions httpLogOptions) { + this.httpLogOptions = httpLogOptions; + return this; + } + + /* + * The retry policy that will attempt to retry failed requests, if + * applicable. + */ + private RetryPolicy retryPolicy; + + /** + * Sets The retry policy that will attempt to retry failed requests, if applicable. + * + * @param retryPolicy the retryPolicy value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder retryPolicy(RetryPolicy retryPolicy) { + this.retryPolicy = retryPolicy; + return this; + } + + /* + * The list of Http pipeline policies to add. + */ + private final List pipelinePolicies; + + /** + * Adds a custom Http pipeline policy. + * + * @param customPolicy The custom Http pipeline policy to add. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder addPolicy(HttpPipelinePolicy customPolicy) { + pipelinePolicies.add(customPolicy); + return this; + } + /** * Builds an instance of KeyVaultAccessControlClientImpl with the provided parameters. * * @return an instance of KeyVaultAccessControlClientImpl. */ public KeyVaultAccessControlClientImpl buildClient() { + if (apiVersion == null) { + this.apiVersion = "7.2"; + } if (pipeline == null) { - this.pipeline = - new HttpPipelineBuilder() - .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) - .build(); + this.pipeline = createHttpPipeline(); } if (serializerAdapter == null) { this.serializerAdapter = JacksonAdapter.createDefaultSerializerAdapter(); } - KeyVaultAccessControlClientImpl client = new KeyVaultAccessControlClientImpl(pipeline, serializerAdapter); + KeyVaultAccessControlClientImpl client = + new KeyVaultAccessControlClientImpl(pipeline, serializerAdapter, apiVersion); return client; } + + private HttpPipeline createHttpPipeline() { + Configuration buildConfiguration = + (configuration == null) ? Configuration.getGlobalConfiguration() : configuration; + if (httpLogOptions == null) { + httpLogOptions = new HttpLogOptions(); + } + List policies = new ArrayList<>(); + String clientName = properties.getOrDefault(SDK_NAME, "UnknownName"); + String clientVersion = properties.getOrDefault(SDK_VERSION, "UnknownVersion"); + policies.add( + new UserAgentPolicy(httpLogOptions.getApplicationId(), clientName, clientVersion, buildConfiguration)); + HttpPolicyProviders.addBeforeRetryPolicies(policies); + policies.add(retryPolicy == null ? new RetryPolicy() : retryPolicy); + policies.add(new CookiePolicy()); + policies.addAll(this.pipelinePolicies); + HttpPolicyProviders.addAfterRetryPolicies(policies); + policies.add(new HttpLoggingPolicy(httpLogOptions)); + HttpPipeline httpPipeline = + new HttpPipelineBuilder() + .policies(policies.toArray(new HttpPipelinePolicy[0])) + .httpClient(httpClient) + .build(); + return httpPipeline; + } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java new file mode 100644 index 000000000000..e96504b2f116 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java @@ -0,0 +1,97 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.implementation; + +import com.azure.security.keyvault.administration.implementation.models.Error; +import com.azure.security.keyvault.administration.models.KeyVaultError; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; + +/** + * A class containing utility methods for the Azure Security Key Vault Administration library. + */ +public final class KeyVaultAdministrationUtils { + private KeyVaultAdministrationUtils() { + throw new UnsupportedOperationException("Cannot instantiate KeyVaultAdministrationUtils"); + } + + /** + * Convert an implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException} to a public + * {@link KeyVaultAdministrationException}. + * + * @param exception The implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException}. + * + * @return An instance of the public {@link KeyVaultAdministrationException}. + */ + public static KeyVaultAdministrationException toKeyVaultAdministrationException( + com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException exception) { + + if (exception == null) { + return null; + } + + return new KeyVaultAdministrationException(exception.getMessage(), exception.getResponse(), + toKeyVaultError(exception.getValue())); + } + + /** + * Convert an implementation {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} + * to a public {@link KeyVaultError}. + * + * @param keyVaultError The {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} + * returned by the service. + * + * @return An instance of the public {@link KeyVaultError}. + */ + public static KeyVaultError toKeyVaultError( + com.azure.security.keyvault.administration.implementation.models.KeyVaultError keyVaultError) { + + if (keyVaultError == null) { + return null; + } + + return createKeyVaultErrorFromError(keyVaultError.getError()); + } + + /** + * Convert an error {@link Error} internal to an implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} to a public + * {@link KeyVaultError}. + * + * @param error The {@link Error} internal to an implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} returned by the service. + * + * @return An instance of the public {@link KeyVaultError}. + */ + public static KeyVaultError createKeyVaultErrorFromError(Error error) { + if (error == null) { + return null; + } + + return new KeyVaultError(error.getCode(), error.getMessage(), + createKeyVaultErrorFromError(error.getInnerError())); + } + + /** + * Maps a {@link Throwable} to {@link KeyVaultAdministrationException} if it's an instance of + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException}, else it returns + * the original throwable. + * + * @param throwable A {@link Throwable}. + * + * @return A {@link Throwable} that is either an instance of the public {@link KeyVaultAdministrationException} or the + * original {@link Throwable}. + */ + public static Throwable mapThrowableToKeyVaultAdministrationException(Throwable throwable) { + if (throwable + instanceof com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException) { + + return toKeyVaultAdministrationException( + (com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException) throwable); + } else { + return throwable; + } + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java index 363058bbf721..73e183fd34b3 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java @@ -7,6 +7,7 @@ import com.azure.core.annotation.BodyParam; import com.azure.core.annotation.ExpectedResponses; import com.azure.core.annotation.Get; +import com.azure.core.annotation.HeaderParam; import com.azure.core.annotation.Host; import com.azure.core.annotation.HostParam; import com.azure.core.annotation.PathParam; @@ -79,22 +80,28 @@ public SerializerAdapter getSerializerAdapter() { return this.serializerAdapter; } - /** Initializes an instance of KeyVaultBackupClient client. */ - KeyVaultBackupClientImpl() { + /** + * Initializes an instance of KeyVaultBackupClient client. + * + * @param apiVersion Api Version. + */ + KeyVaultBackupClientImpl(String apiVersion) { this( new HttpPipelineBuilder() .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) .build(), - JacksonAdapter.createDefaultSerializerAdapter()); + JacksonAdapter.createDefaultSerializerAdapter(), + apiVersion); } /** * Initializes an instance of KeyVaultBackupClient client. * * @param httpPipeline The HTTP pipeline to send requests through. + * @param apiVersion Api Version. */ - KeyVaultBackupClientImpl(HttpPipeline httpPipeline) { - this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter()); + KeyVaultBackupClientImpl(HttpPipeline httpPipeline, String apiVersion) { + this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter(), apiVersion); } /** @@ -102,11 +109,12 @@ public SerializerAdapter getSerializerAdapter() { * * @param httpPipeline The HTTP pipeline to send requests through. * @param serializerAdapter The serializer to serialize an object into a string. + * @param apiVersion Api Version. */ - KeyVaultBackupClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter) { + KeyVaultBackupClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter, String apiVersion) { this.httpPipeline = httpPipeline; this.serializerAdapter = serializerAdapter; - this.apiVersion = "7.2-preview"; + this.apiVersion = apiVersion; this.service = RestProxy.create(KeyVaultBackupClientService.class, this.httpPipeline, this.getSerializerAdapter()); } @@ -125,6 +133,7 @@ Mono fullBackup( @HostParam("vaultBaseUrl") String vaultBaseUrl, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") SASTokenParameter azureStorageBlobContainerUri, + @HeaderParam("Accept") String accept, Context context); @Get("/backup/{jobId}/pending") @@ -134,6 +143,7 @@ Mono> fullBackupStatus( @HostParam("vaultBaseUrl") String vaultBaseUrl, @PathParam("jobId") String jobId, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Put("/restore") @@ -143,6 +153,7 @@ Mono fullRestoreOperation( @HostParam("vaultBaseUrl") String vaultBaseUrl, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") RestoreOperationParameters restoreBlobDetails, + @HeaderParam("Accept") String accept, Context context); @Get("/restore/{jobId}/pending") @@ -152,6 +163,7 @@ Mono> restoreStatus( @HostParam("vaultBaseUrl") String vaultBaseUrl, @PathParam("jobId") String jobId, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Put("/keys/{keyName}/restore") @@ -162,13 +174,14 @@ Mono selectiveKeyRestoreOperation( @PathParam("keyName") String keyName, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") SelectiveKeyRestoreOperationParameters restoreBlobDetails, + @HeaderParam("Accept") String accept, Context context); } /** * Creates a full backup using a user-provided SAS token to an Azure blob storage container. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param azureStorageBlobContainerUri Azure blob shared access signature token pointing to a valid Azure blob * container where full backup needs to be stored. This token needs to be valid for at least next 24 hours from * the time of making this call. @@ -181,13 +194,14 @@ Mono selectiveKeyRestoreOperation( @ServiceMethod(returns = ReturnType.SINGLE) public Mono fullBackupWithResponseAsync( String vaultBaseUrl, SASTokenParameter azureStorageBlobContainerUri, Context context) { - return service.fullBackup(vaultBaseUrl, this.getApiVersion(), azureStorageBlobContainerUri, context); + final String accept = "application/json"; + return service.fullBackup(vaultBaseUrl, this.getApiVersion(), azureStorageBlobContainerUri, accept, context); } /** * Returns the status of full backup operation. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param jobId The id returned as part of the backup request. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. @@ -198,13 +212,14 @@ public Mono fullBackupWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> fullBackupStatusWithResponseAsync( String vaultBaseUrl, String jobId, Context context) { - return service.fullBackupStatus(vaultBaseUrl, jobId, this.getApiVersion(), context); + final String accept = "application/json"; + return service.fullBackupStatus(vaultBaseUrl, jobId, this.getApiVersion(), accept, context); } /** * Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param restoreBlobDetails The Azure blob SAS token pointing to a folder where the previous successful full backup * was stored. * @param context The context to associate with this operation. @@ -216,13 +231,14 @@ public Mono> fullBackupStatusWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono fullRestoreOperationWithResponseAsync( String vaultBaseUrl, RestoreOperationParameters restoreBlobDetails, Context context) { - return service.fullRestoreOperation(vaultBaseUrl, this.getApiVersion(), restoreBlobDetails, context); + final String accept = "application/json"; + return service.fullRestoreOperation(vaultBaseUrl, this.getApiVersion(), restoreBlobDetails, accept, context); } /** * Returns the status of restore operation. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param jobId The Job Id returned part of the restore operation. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. @@ -233,14 +249,15 @@ public Mono fullRestoreOperationWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> restoreStatusWithResponseAsync( String vaultBaseUrl, String jobId, Context context) { - return service.restoreStatus(vaultBaseUrl, jobId, this.getApiVersion(), context); + final String accept = "application/json"; + return service.restoreStatus(vaultBaseUrl, jobId, this.getApiVersion(), accept, context); } /** * Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob * storage backup folder. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param keyName The name of the key to be restored from the user supplied backup. * @param restoreBlobDetails The Azure blob SAS token pointing to a folder where the previous successful full backup * was stored. @@ -256,7 +273,8 @@ public Mono selectiveKeyRestoreOperationWi String keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails, Context context) { + final String accept = "application/json"; return service.selectiveKeyRestoreOperation( - vaultBaseUrl, keyName, this.getApiVersion(), restoreBlobDetails, context); + vaultBaseUrl, keyName, this.getApiVersion(), restoreBlobDetails, accept, context); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java index aaa20c763c26..84d7976ee2ce 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java @@ -5,17 +5,54 @@ package com.azure.security.keyvault.administration.implementation; import com.azure.core.annotation.ServiceClientBuilder; +import com.azure.core.http.HttpClient; import com.azure.core.http.HttpPipeline; import com.azure.core.http.HttpPipelineBuilder; import com.azure.core.http.policy.CookiePolicy; +import com.azure.core.http.policy.HttpLogOptions; +import com.azure.core.http.policy.HttpLoggingPolicy; +import com.azure.core.http.policy.HttpPipelinePolicy; +import com.azure.core.http.policy.HttpPolicyProviders; import com.azure.core.http.policy.RetryPolicy; import com.azure.core.http.policy.UserAgentPolicy; +import com.azure.core.util.Configuration; import com.azure.core.util.serializer.JacksonAdapter; import com.azure.core.util.serializer.SerializerAdapter; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** A builder for creating a new instance of the KeyVaultBackupClient type. */ @ServiceClientBuilder(serviceClients = {KeyVaultBackupClientImpl.class}) public final class KeyVaultBackupClientImplBuilder { + private static final String SDK_NAME = "name"; + + private static final String SDK_VERSION = "version"; + + private final Map properties = new HashMap<>(); + + /** Create an instance of the KeyVaultBackupClientImplBuilder. */ + public KeyVaultBackupClientImplBuilder() { + this.pipelinePolicies = new ArrayList<>(); + } + + /* + * Api Version + */ + private String apiVersion; + + /** + * Sets Api Version. + * + * @param apiVersion the apiVersion value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder apiVersion(String apiVersion) { + this.apiVersion = apiVersion; + return this; + } + /* * The HTTP pipeline to send requests through */ @@ -48,22 +85,129 @@ public KeyVaultBackupClientImplBuilder serializerAdapter(SerializerAdapter seria return this; } + /* + * The HTTP client used to send the request. + */ + private HttpClient httpClient; + + /** + * Sets The HTTP client used to send the request. + * + * @param httpClient the httpClient value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder httpClient(HttpClient httpClient) { + this.httpClient = httpClient; + return this; + } + + /* + * The configuration store that is used during construction of the service + * client. + */ + private Configuration configuration; + + /** + * Sets The configuration store that is used during construction of the service client. + * + * @param configuration the configuration value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder configuration(Configuration configuration) { + this.configuration = configuration; + return this; + } + + /* + * The logging configuration for HTTP requests and responses. + */ + private HttpLogOptions httpLogOptions; + + /** + * Sets The logging configuration for HTTP requests and responses. + * + * @param httpLogOptions the httpLogOptions value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder httpLogOptions(HttpLogOptions httpLogOptions) { + this.httpLogOptions = httpLogOptions; + return this; + } + + /* + * The retry policy that will attempt to retry failed requests, if + * applicable. + */ + private RetryPolicy retryPolicy; + + /** + * Sets The retry policy that will attempt to retry failed requests, if applicable. + * + * @param retryPolicy the retryPolicy value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder retryPolicy(RetryPolicy retryPolicy) { + this.retryPolicy = retryPolicy; + return this; + } + + /* + * The list of Http pipeline policies to add. + */ + private final List pipelinePolicies; + + /** + * Adds a custom Http pipeline policy. + * + * @param customPolicy The custom Http pipeline policy to add. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder addPolicy(HttpPipelinePolicy customPolicy) { + pipelinePolicies.add(customPolicy); + return this; + } + /** * Builds an instance of KeyVaultBackupClientImpl with the provided parameters. * * @return an instance of KeyVaultBackupClientImpl. */ public KeyVaultBackupClientImpl buildClient() { + if (apiVersion == null) { + this.apiVersion = "7.2"; + } if (pipeline == null) { - this.pipeline = - new HttpPipelineBuilder() - .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) - .build(); + this.pipeline = createHttpPipeline(); } if (serializerAdapter == null) { this.serializerAdapter = JacksonAdapter.createDefaultSerializerAdapter(); } - KeyVaultBackupClientImpl client = new KeyVaultBackupClientImpl(pipeline, serializerAdapter); + KeyVaultBackupClientImpl client = new KeyVaultBackupClientImpl(pipeline, serializerAdapter, apiVersion); return client; } + + private HttpPipeline createHttpPipeline() { + Configuration buildConfiguration = + (configuration == null) ? Configuration.getGlobalConfiguration() : configuration; + if (httpLogOptions == null) { + httpLogOptions = new HttpLogOptions(); + } + List policies = new ArrayList<>(); + String clientName = properties.getOrDefault(SDK_NAME, "UnknownName"); + String clientVersion = properties.getOrDefault(SDK_VERSION, "UnknownVersion"); + policies.add( + new UserAgentPolicy(httpLogOptions.getApplicationId(), clientName, clientVersion, buildConfiguration)); + HttpPolicyProviders.addBeforeRetryPolicies(policies); + policies.add(retryPolicy == null ? new RetryPolicy() : retryPolicy); + policies.add(new CookiePolicy()); + policies.addAll(this.pipelinePolicies); + HttpPolicyProviders.addAfterRetryPolicies(policies); + policies.add(new HttpLoggingPolicy(httpLogOptions)); + HttpPipeline httpPipeline = + new HttpPipelineBuilder() + .policies(policies.toArray(new HttpPipelinePolicy[0])) + .httpClient(httpClient) + .build(); + return httpPipeline; + } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java index ef7d31d6b48b..8287c175add9 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java @@ -8,6 +8,7 @@ import com.azure.core.annotation.Delete; import com.azure.core.annotation.ExpectedResponses; import com.azure.core.annotation.Get; +import com.azure.core.annotation.HeaderParam; import com.azure.core.annotation.Host; import com.azure.core.annotation.HostParam; import com.azure.core.annotation.PathParam; @@ -62,6 +63,7 @@ Mono> delete( @PathParam(value = "scope", encoded = true) String scope, @PathParam("roleAssignmentName") String roleAssignmentName, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Put("/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}") @@ -73,6 +75,7 @@ Mono> create( @PathParam("roleAssignmentName") String roleAssignmentName, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") RoleAssignmentCreateParameters parameters, + @HeaderParam("Accept") String accept, Context context); @Get("/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}") @@ -83,6 +86,7 @@ Mono> get( @PathParam(value = "scope", encoded = true) String scope, @PathParam("roleAssignmentName") String roleAssignmentName, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Get("/{scope}/providers/Microsoft.Authorization/roleAssignments") @@ -93,19 +97,23 @@ Mono> listForScope( @PathParam(value = "scope", encoded = true) String scope, @QueryParam("$filter") String filter, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Get("{nextLink}") @ExpectedResponses({200}) @UnexpectedResponseExceptionType(KeyVaultErrorException.class) Mono> listForScopeNext( - @PathParam(value = "nextLink", encoded = true) String nextLink, Context context); + @PathParam(value = "nextLink", encoded = true) String nextLink, + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @HeaderParam("Accept") String accept, + Context context); } /** * Deletes a role assignment. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignment to delete. * @param roleAssignmentName The name of the role assignment to delete. * @param context The context to associate with this operation. @@ -117,16 +125,17 @@ Mono> listForScopeNext( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> deleteWithResponseAsync( String vaultBaseUrl, String scope, String roleAssignmentName, Context context) { - return service.delete(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), context); + final String accept = "application/json"; + return service.delete(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), accept, context); } /** * Creates a role assignment. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignment to create. * @param roleAssignmentName The name of the role assignment to create. It can be any valid GUID. - * @param parameters Role assignment create parameters. + * @param parameters Parameters for the role assignment. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. * @throws KeyVaultErrorException thrown if the request is rejected by server. @@ -140,14 +149,15 @@ public Mono> createWithResponseAsync( String roleAssignmentName, RoleAssignmentCreateParameters parameters, Context context) { + final String accept = "application/json"; return service.create( - vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), parameters, context); + vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), parameters, accept, context); } /** * Get the specified role assignment. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignment. * @param roleAssignmentName The name of the role assignment to get. * @param context The context to associate with this operation. @@ -159,13 +169,14 @@ public Mono> createWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> getWithResponseAsync( String vaultBaseUrl, String scope, String roleAssignmentName, Context context) { - return service.get(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), context); + final String accept = "application/json"; + return service.get(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), accept, context); } /** * Gets role assignments for a scope. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignments. * @param filter The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or * above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope @@ -179,7 +190,8 @@ public Mono> getWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> listForScopeSinglePageAsync( String vaultBaseUrl, String scope, String filter, Context context) { - return service.listForScope(vaultBaseUrl, scope, filter, this.client.getApiVersion(), context) + final String accept = "application/json"; + return service.listForScope(vaultBaseUrl, scope, filter, this.client.getApiVersion(), accept, context) .map( res -> new PagedResponseBase<>( @@ -195,6 +207,7 @@ public Mono> listForScopeSinglePageAsync( * Get the next page of items. * * @param nextLink The nextLink parameter. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. * @throws KeyVaultErrorException thrown if the request is rejected by server. @@ -202,8 +215,10 @@ public Mono> listForScopeSinglePageAsync( * @return role assignment list operation result. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> listForScopeNextSinglePageAsync(String nextLink, Context context) { - return service.listForScopeNext(nextLink, context) + public Mono> listForScopeNextSinglePageAsync( + String nextLink, String vaultBaseUrl, Context context) { + final String accept = "application/json"; + return service.listForScopeNext(nextLink, vaultBaseUrl, accept, context) .map( res -> new PagedResponseBase<>( diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java index 0bb245c326f4..03ac9ced4604 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java @@ -4,11 +4,15 @@ package com.azure.security.keyvault.administration.implementation; +import com.azure.core.annotation.BodyParam; +import com.azure.core.annotation.Delete; import com.azure.core.annotation.ExpectedResponses; import com.azure.core.annotation.Get; +import com.azure.core.annotation.HeaderParam; import com.azure.core.annotation.Host; import com.azure.core.annotation.HostParam; import com.azure.core.annotation.PathParam; +import com.azure.core.annotation.Put; import com.azure.core.annotation.QueryParam; import com.azure.core.annotation.ReturnType; import com.azure.core.annotation.ServiceInterface; @@ -21,6 +25,7 @@ import com.azure.core.util.Context; import com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException; import com.azure.security.keyvault.administration.implementation.models.RoleDefinition; +import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionCreateParameters; import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionListResult; import reactor.core.publisher.Mono; @@ -50,6 +55,40 @@ public final class RoleDefinitionsImpl { @Host("{vaultBaseUrl}") @ServiceInterface(name = "KeyVaultAccessContro") private interface RoleDefinitionsService { + @Delete("/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}") + @ExpectedResponses({200}) + @UnexpectedResponseExceptionType(KeyVaultErrorException.class) + Mono> delete( + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @PathParam(value = "scope", encoded = true) String scope, + @PathParam("roleDefinitionName") String roleDefinitionName, + @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, + Context context); + + @Put("/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}") + @ExpectedResponses({201}) + @UnexpectedResponseExceptionType(KeyVaultErrorException.class) + Mono> createOrUpdate( + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @PathParam(value = "scope", encoded = true) String scope, + @PathParam("roleDefinitionName") String roleDefinitionName, + @QueryParam("api-version") String apiVersion, + @BodyParam("application/json") RoleDefinitionCreateParameters parameters, + @HeaderParam("Accept") String accept, + Context context); + + @Get("/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}") + @ExpectedResponses({200}) + @UnexpectedResponseExceptionType(KeyVaultErrorException.class) + Mono> get( + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @PathParam(value = "scope", encoded = true) String scope, + @PathParam("roleDefinitionName") String roleDefinitionName, + @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, + Context context); + @Get("/{scope}/providers/Microsoft.Authorization/roleDefinitions") @ExpectedResponses({200}) @UnexpectedResponseExceptionType(KeyVaultErrorException.class) @@ -58,19 +97,86 @@ Mono> list( @PathParam(value = "scope", encoded = true) String scope, @QueryParam("$filter") String filter, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Get("{nextLink}") @ExpectedResponses({200}) @UnexpectedResponseExceptionType(KeyVaultErrorException.class) Mono> listNext( - @PathParam(value = "nextLink", encoded = true) String nextLink, Context context); + @PathParam(value = "nextLink", encoded = true) String nextLink, + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @HeaderParam("Accept") String accept, + Context context); + } + + /** + * Deletes a custom role definition. + * + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. + * @param scope The scope of the role definition to delete. Managed HSM only supports '/'. + * @param roleDefinitionName The name (GUID) of the role definition to delete. + * @param context The context to associate with this operation. + * @throws IllegalArgumentException thrown if parameters fail the validation. + * @throws KeyVaultErrorException thrown if the request is rejected by server. + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent. + * @return role definition. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> deleteWithResponseAsync( + String vaultBaseUrl, String scope, String roleDefinitionName, Context context) { + final String accept = "application/json"; + return service.delete(vaultBaseUrl, scope, roleDefinitionName, this.client.getApiVersion(), accept, context); + } + + /** + * Creates or updates a custom role definition. + * + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. + * @param scope The scope of the role definition to create or update. Managed HSM only supports '/'. + * @param roleDefinitionName The name of the role definition to create or update. It can be any valid GUID. + * @param parameters Parameters for the role definition. + * @param context The context to associate with this operation. + * @throws IllegalArgumentException thrown if parameters fail the validation. + * @throws KeyVaultErrorException thrown if the request is rejected by server. + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent. + * @return role definition. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> createOrUpdateWithResponseAsync( + String vaultBaseUrl, + String scope, + String roleDefinitionName, + RoleDefinitionCreateParameters parameters, + Context context) { + final String accept = "application/json"; + return service.createOrUpdate( + vaultBaseUrl, scope, roleDefinitionName, this.client.getApiVersion(), parameters, accept, context); + } + + /** + * Get the specified role definition. + * + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. + * @param scope The scope of the role definition to get. Managed HSM only supports '/'. + * @param roleDefinitionName The name of the role definition to get. + * @param context The context to associate with this operation. + * @throws IllegalArgumentException thrown if parameters fail the validation. + * @throws KeyVaultErrorException thrown if the request is rejected by server. + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent. + * @return the specified role definition. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> getWithResponseAsync( + String vaultBaseUrl, String scope, String roleDefinitionName, Context context) { + final String accept = "application/json"; + return service.get(vaultBaseUrl, scope, roleDefinitionName, this.client.getApiVersion(), accept, context); } /** * Get all role definitions that are applicable at scope and above. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role definition. * @param filter The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as * well. @@ -83,7 +189,8 @@ Mono> listNext( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> listSinglePageAsync( String vaultBaseUrl, String scope, String filter, Context context) { - return service.list(vaultBaseUrl, scope, filter, this.client.getApiVersion(), context) + final String accept = "application/json"; + return service.list(vaultBaseUrl, scope, filter, this.client.getApiVersion(), accept, context) .map( res -> new PagedResponseBase<>( @@ -99,6 +206,7 @@ public Mono> listSinglePageAsync( * Get the next page of items. * * @param nextLink The nextLink parameter. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. * @throws KeyVaultErrorException thrown if the request is rejected by server. @@ -106,8 +214,10 @@ public Mono> listSinglePageAsync( * @return role definition list operation result. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> listNextSinglePageAsync(String nextLink, Context context) { - return service.listNext(nextLink, context) + public Mono> listNextSinglePageAsync( + String nextLink, String vaultBaseUrl, Context context) { + final String accept = "application/json"; + return service.listNext(nextLink, vaultBaseUrl, accept, context) .map( res -> new PagedResponseBase<>( diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java new file mode 100644 index 000000000000..4ebb81c904b3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java @@ -0,0 +1,128 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for DataAction. */ +public final class DataAction extends ExpandableStringEnum { + /** Static value Microsoft.KeyVault/managedHsm/keys/read/action for DataAction. */ + public static final DataAction READ_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/write/action for DataAction. */ + public static final DataAction WRITE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/write/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action for DataAction. */ + public static final DataAction READ_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action for DataAction. */ + public static final DataAction RECOVER_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/backup/action for DataAction. */ + public static final DataAction BACKUP_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/backup/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/restore/action for DataAction. */ + public static final DataAction RESTORE_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/restore/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleAssignments/delete/action for DataAction. */ + public static final DataAction DELETE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/delete/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleAssignments/read/action for DataAction. */ + public static final DataAction GET_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleAssignments/write/action for DataAction. */ + public static final DataAction WRITE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/write/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleDefinitions/read/action for DataAction. */ + public static final DataAction READ_ROLE_DEFINITION = + fromString("Microsoft.KeyVault/managedHsm/roleDefinitions/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/encrypt/action for DataAction. */ + public static final DataAction ENCRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/encrypt/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/decrypt/action for DataAction. */ + public static final DataAction DECRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/decrypt/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/wrap/action for DataAction. */ + public static final DataAction WRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/wrap/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/unwrap/action for DataAction. */ + public static final DataAction UNWRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/unwrap/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/sign/action for DataAction. */ + public static final DataAction SIGN_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/sign/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/verify/action for DataAction. */ + public static final DataAction VERIFY_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/verify/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/create for DataAction. */ + public static final DataAction CREATE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/create"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/delete for DataAction. */ + public static final DataAction DELETE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/delete"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/export/action for DataAction. */ + public static final DataAction EXPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/export/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/import/action for DataAction. */ + public static final DataAction IMPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/import/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete for DataAction. */ + public static final DataAction PURGE_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/download/action for DataAction. */ + public static final DataAction DOWNLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/download/action"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/action for DataAction. */ + public static final DataAction UPLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/action"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/read for DataAction. */ + public static final DataAction READ_HSM_SECURITY_DOMAIN_STATUS = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/read"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read for DataAction. */ + public static final DataAction READ_HSM_SECURITY_DOMAIN_TRANSFER_KEY = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read"); + + /** Static value Microsoft.KeyVault/managedHsm/backup/start/action for DataAction. */ + public static final DataAction START_HSM_BACKUP = fromString("Microsoft.KeyVault/managedHsm/backup/start/action"); + + /** Static value Microsoft.KeyVault/managedHsm/restore/start/action for DataAction. */ + public static final DataAction START_HSM_RESTORE = fromString("Microsoft.KeyVault/managedHsm/restore/start/action"); + + /** Static value Microsoft.KeyVault/managedHsm/backup/status/action for DataAction. */ + public static final DataAction READ_HSM_BACKUP_STATUS = + fromString("Microsoft.KeyVault/managedHsm/backup/status/action"); + + /** Static value Microsoft.KeyVault/managedHsm/restore/status/action for DataAction. */ + public static final DataAction READ_HSM_RESTORE_STATUS = + fromString("Microsoft.KeyVault/managedHsm/restore/status/action"); + + /** + * Creates or finds a DataAction from its string representation. + * + * @param name a name to look for. + * @return the corresponding DataAction. + */ + @JsonCreator + public static DataAction fromString(String name) { + return fromString(name, DataAction.class); + } + + /** @return known DataAction values. */ + public static Collection values() { + return values(DataAction.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java index 7d7efb8e170e..ca8046fbc6eb 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Immutable; import com.fasterxml.jackson.annotation.JsonProperty; -/** The Error model. */ +/** The key vault server error. */ @Immutable public final class Error { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java index cea344daf582..cc96e2041f9b 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The FullBackupOperation model. */ +/** Full backup operation. */ @Fluent public final class FullBackupOperation { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java index e7a84828d10c..2d08c6827982 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Immutable; import com.fasterxml.jackson.annotation.JsonProperty; -/** The KeyVaultError model. */ +/** The key vault error exception. */ @Immutable public final class KeyVaultError { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java index d1feaf6d24e4..bde54a4f21ab 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java @@ -8,35 +8,37 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The Permission model. */ +/** Role definition permissions. */ @Fluent public final class Permission { /* - * Allowed actions. + * Action permissions that are granted. */ @JsonProperty(value = "actions") private List actions; /* - * Denied actions. + * Action permissions that are excluded but not denied. They may be granted + * by other role definitions assigned to a principal. */ @JsonProperty(value = "notActions") private List notActions; /* - * Allowed Data actions. + * Data action permissions that are granted. */ @JsonProperty(value = "dataActions") - private List dataActions; + private List dataActions; /* - * Denied Data actions. + * Data action permissions that are excluded but not denied. They may be + * granted by other role definitions assigned to a principal. */ @JsonProperty(value = "notDataActions") - private List notDataActions; + private List notDataActions; /** - * Get the actions property: Allowed actions. + * Get the actions property: Action permissions that are granted. * * @return the actions value. */ @@ -45,7 +47,7 @@ public List getActions() { } /** - * Set the actions property: Allowed actions. + * Set the actions property: Action permissions that are granted. * * @param actions the actions value to set. * @return the Permission object itself. @@ -56,7 +58,8 @@ public Permission setActions(List actions) { } /** - * Get the notActions property: Denied actions. + * Get the notActions property: Action permissions that are excluded but not denied. They may be granted by other + * role definitions assigned to a principal. * * @return the notActions value. */ @@ -65,7 +68,8 @@ public List getNotActions() { } /** - * Set the notActions property: Denied actions. + * Set the notActions property: Action permissions that are excluded but not denied. They may be granted by other + * role definitions assigned to a principal. * * @param notActions the notActions value to set. * @return the Permission object itself. @@ -76,41 +80,43 @@ public Permission setNotActions(List notActions) { } /** - * Get the dataActions property: Allowed Data actions. + * Get the dataActions property: Data action permissions that are granted. * * @return the dataActions value. */ - public List getDataActions() { + public List getDataActions() { return this.dataActions; } /** - * Set the dataActions property: Allowed Data actions. + * Set the dataActions property: Data action permissions that are granted. * * @param dataActions the dataActions value to set. * @return the Permission object itself. */ - public Permission setDataActions(List dataActions) { + public Permission setDataActions(List dataActions) { this.dataActions = dataActions; return this; } /** - * Get the notDataActions property: Denied Data actions. + * Get the notDataActions property: Data action permissions that are excluded but not denied. They may be granted by + * other role definitions assigned to a principal. * * @return the notDataActions value. */ - public List getNotDataActions() { + public List getNotDataActions() { return this.notDataActions; } /** - * Set the notDataActions property: Denied Data actions. + * Set the notDataActions property: Data action permissions that are excluded but not denied. They may be granted by + * other role definitions assigned to a principal. * * @param notDataActions the notDataActions value to set. * @return the Permission object itself. */ - public Permission setNotDataActions(List notDataActions) { + public Permission setNotDataActions(List notDataActions) { this.notDataActions = notDataActions; return this; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java index 0e31d72ee4aa..8c12d0cfd8a4 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RestoreOperation model. */ +/** Restore operation. */ @Fluent public final class RestoreOperation { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java index 4048b51aa2b4..6e227d151f29 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java @@ -11,7 +11,8 @@ @Fluent public final class RestoreOperationParameters { /* - * The sasTokenParameters property. + * SAS token parameter object containing Azure storage resourceUri and + * token */ @JsonProperty(value = "sasTokenParameters", required = true) private SASTokenParameter sasTokenParameters; @@ -24,7 +25,7 @@ public final class RestoreOperationParameters { private String folderToRestore; /** - * Get the sasTokenParameters property: The sasTokenParameters property. + * Get the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @return the sasTokenParameters value. */ @@ -33,7 +34,7 @@ public SASTokenParameter getSasTokenParameters() { } /** - * Set the sasTokenParameters property: The sasTokenParameters property. + * Set the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @param sasTokenParameters the sasTokenParameters value to set. * @return the RestoreOperationParameters object itself. diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java index 1d06ce14088f..0379dc7eaf48 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignment model. */ +/** Role Assignments. */ @Fluent public final class RoleAssignment { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java index 56d16b847a06..08f2052b7b33 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentCreateParameters model. */ +/** Role assignment create parameters. */ @Fluent public final class RoleAssignmentCreateParameters { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java index c04d69f36bd9..458671cf8604 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentFilter model. */ +/** Role Assignments filter. */ @Fluent public final class RoleAssignmentFilter { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java index 72a6eb8440a6..29096bd35f17 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java @@ -8,7 +8,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The RoleAssignmentListResult model. */ +/** Role assignment list operation result. */ @Fluent public final class RoleAssignmentListResult { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java index 0ab892817a1e..46d3c7ff6263 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentProperties model. */ +/** Role assignment properties. */ @Fluent public final class RoleAssignmentProperties { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java index ff50c91dc2ae..9c607bc7c46e 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java @@ -7,14 +7,14 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentPropertiesWithScope model. */ +/** Role assignment properties with scope. */ @Fluent public final class RoleAssignmentPropertiesWithScope { /* - * The role assignment scope. + * The role scope. */ @JsonProperty(value = "scope") - private String scope; + private RoleScope scope; /* * The role definition ID. @@ -29,21 +29,21 @@ public final class RoleAssignmentPropertiesWithScope { private String principalId; /** - * Get the scope property: The role assignment scope. + * Get the scope property: The role scope. * * @return the scope value. */ - public String getScope() { + public RoleScope getScope() { return this.scope; } /** - * Set the scope property: The role assignment scope. + * Set the scope property: The role scope. * * @param scope the scope value to set. * @return the RoleAssignmentPropertiesWithScope object itself. */ - public RoleAssignmentPropertiesWithScope setScope(String scope) { + public RoleAssignmentPropertiesWithScope setScope(RoleScope scope) { this.scope = scope; return this; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java index 5383e4acbb8a..8c2b0b98414d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java @@ -9,7 +9,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The RoleDefinition model. */ +/** Role definition. */ @JsonFlatten @Fluent public class RoleDefinition { @@ -29,7 +29,7 @@ public class RoleDefinition { * The role definition type. */ @JsonProperty(value = "type", access = JsonProperty.Access.WRITE_ONLY) - private String type; + private RoleDefinitionType type; /* * The role name. @@ -47,7 +47,7 @@ public class RoleDefinition { * The role type. */ @JsonProperty(value = "properties.type") - private String roleType; + private RoleType roleType; /* * Role definition permissions. @@ -59,7 +59,7 @@ public class RoleDefinition { * Role definition assignable scopes. */ @JsonProperty(value = "properties.assignableScopes") - private List assignableScopes; + private List assignableScopes; /** * Get the id property: The role definition ID. @@ -84,7 +84,7 @@ public String getName() { * * @return the type value. */ - public String getType() { + public RoleDefinitionType getType() { return this.type; } @@ -133,7 +133,7 @@ public RoleDefinition setDescription(String description) { * * @return the roleType value. */ - public String getRoleType() { + public RoleType getRoleType() { return this.roleType; } @@ -143,7 +143,7 @@ public String getRoleType() { * @param roleType the roleType value to set. * @return the RoleDefinition object itself. */ - public RoleDefinition setRoleType(String roleType) { + public RoleDefinition setRoleType(RoleType roleType) { this.roleType = roleType; return this; } @@ -173,7 +173,7 @@ public RoleDefinition setPermissions(List permissions) { * * @return the assignableScopes value. */ - public List getAssignableScopes() { + public List getAssignableScopes() { return this.assignableScopes; } @@ -183,7 +183,7 @@ public List getAssignableScopes() { * @param assignableScopes the assignableScopes value to set. * @return the RoleDefinition object itself. */ - public RoleDefinition setAssignableScopes(List assignableScopes) { + public RoleDefinition setAssignableScopes(List assignableScopes) { this.assignableScopes = assignableScopes; return this; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java new file mode 100644 index 000000000000..3ed961b756bd --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java @@ -0,0 +1,38 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.annotation.Fluent; +import com.fasterxml.jackson.annotation.JsonProperty; + +/** Role definition create parameters. */ +@Fluent +public final class RoleDefinitionCreateParameters { + /* + * Role definition properties. + */ + @JsonProperty(value = "properties", required = true) + private RoleDefinitionProperties properties; + + /** + * Get the properties property: Role definition properties. + * + * @return the properties value. + */ + public RoleDefinitionProperties getProperties() { + return this.properties; + } + + /** + * Set the properties property: Role definition properties. + * + * @param properties the properties value to set. + * @return the RoleDefinitionCreateParameters object itself. + */ + public RoleDefinitionCreateParameters setProperties(RoleDefinitionProperties properties) { + this.properties = properties; + return this; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java index ce01792ed37f..30260424862d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleDefinitionFilter model. */ +/** Role Definitions filter. */ @Fluent public final class RoleDefinitionFilter { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java index fa52f012f154..1bbaeff80b5a 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java @@ -8,7 +8,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The RoleDefinitionListResult model. */ +/** Role definition list operation result. */ @Fluent public final class RoleDefinitionListResult { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java new file mode 100644 index 000000000000..2456dceba1e1 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java @@ -0,0 +1,143 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.annotation.Fluent; +import com.fasterxml.jackson.annotation.JsonProperty; +import java.util.List; + +/** Role definition properties. */ +@Fluent +public final class RoleDefinitionProperties { + /* + * The role name. + */ + @JsonProperty(value = "roleName") + private String roleName; + + /* + * The role definition description. + */ + @JsonProperty(value = "description") + private String description; + + /* + * The role type. + */ + @JsonProperty(value = "type") + private RoleType roleType; + + /* + * Role definition permissions. + */ + @JsonProperty(value = "permissions") + private List permissions; + + /* + * Role definition assignable scopes. + */ + @JsonProperty(value = "assignableScopes") + private List assignableScopes; + + /** + * Get the roleName property: The role name. + * + * @return the roleName value. + */ + public String getRoleName() { + return this.roleName; + } + + /** + * Set the roleName property: The role name. + * + * @param roleName the roleName value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setRoleName(String roleName) { + this.roleName = roleName; + return this; + } + + /** + * Get the description property: The role definition description. + * + * @return the description value. + */ + public String getDescription() { + return this.description; + } + + /** + * Set the description property: The role definition description. + * + * @param description the description value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setDescription(String description) { + this.description = description; + return this; + } + + /** + * Get the roleType property: The role type. + * + * @return the roleType value. + */ + public RoleType getRoleType() { + return this.roleType; + } + + /** + * Set the roleType property: The role type. + * + * @param roleType the roleType value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setRoleType(RoleType roleType) { + this.roleType = roleType; + return this; + } + + /** + * Get the permissions property: Role definition permissions. + * + * @return the permissions value. + */ + public List getPermissions() { + return this.permissions; + } + + /** + * Set the permissions property: Role definition permissions. + * + * @param permissions the permissions value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setPermissions(List permissions) { + this.permissions = permissions; + return this; + } + + /** + * Get the assignableScopes property: Role definition assignable scopes. + * + * @return the assignableScopes value. + */ + public List getAssignableScopes() { + return this.assignableScopes; + } + + /** + * Set the assignableScopes property: Role definition assignable scopes. + * + * @param assignableScopes the assignableScopes value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setAssignableScopes(List assignableScopes) { + this.assignableScopes = assignableScopes; + return this; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java new file mode 100644 index 000000000000..671b83e32c7b --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for RoleDefinitionType. */ +public final class RoleDefinitionType extends ExpandableStringEnum { + /** Static value Microsoft.Authorization/roleDefinitions for RoleDefinitionType. */ + public static final RoleDefinitionType MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS = + fromString("Microsoft.Authorization/roleDefinitions"); + + /** + * Creates or finds a RoleDefinitionType from its string representation. + * + * @param name a name to look for. + * @return the corresponding RoleDefinitionType. + */ + @JsonCreator + public static RoleDefinitionType fromString(String name) { + return fromString(name, RoleDefinitionType.class); + } + + /** @return known RoleDefinitionType values. */ + public static Collection values() { + return values(RoleDefinitionType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java new file mode 100644 index 000000000000..8952e5d385f8 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for RoleScope. */ +public final class RoleScope extends ExpandableStringEnum { + /** Static value / for RoleScope. */ + public static final RoleScope GLOBAL = fromString("/"); + + /** Static value /keys for RoleScope. */ + public static final RoleScope KEYS = fromString("/keys"); + + /** + * Creates or finds a RoleScope from its string representation. + * + * @param name a name to look for. + * @return the corresponding RoleScope. + */ + @JsonCreator + public static RoleScope fromString(String name) { + return fromString(name, RoleScope.class); + } + + /** @return known RoleScope values. */ + public static Collection values() { + return values(RoleScope.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java new file mode 100644 index 000000000000..52f22567508e --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for RoleType. */ +public final class RoleType extends ExpandableStringEnum { + /** Static value AKVBuiltInRole for RoleType. */ + public static final RoleType BUILT_IN_ROLE = fromString("AKVBuiltInRole"); + + /** Static value CustomRole for RoleType. */ + public static final RoleType CUSTOM_ROLE = fromString("CustomRole"); + + /** + * Creates or finds a RoleType from its string representation. + * + * @param name a name to look for. + * @return the corresponding RoleType. + */ + @JsonCreator + public static RoleType fromString(String name) { + return fromString(name, RoleType.class); + } + + /** @return known RoleType values. */ + public static Collection values() { + return values(RoleType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java index a182cef2629b..0615db4e2969 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The SelectiveKeyRestoreOperation model. */ +/** Selective Key Restore operation. */ @Fluent public final class SelectiveKeyRestoreOperation { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java index 9c5e86c53299..197c4e5794a4 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java @@ -11,7 +11,8 @@ @Fluent public final class SelectiveKeyRestoreOperationParameters { /* - * The sasTokenParameters property. + * SAS token parameter object containing Azure storage resourceUri and + * token */ @JsonProperty(value = "sasTokenParameters", required = true) private SASTokenParameter sasTokenParameters; @@ -24,7 +25,7 @@ public final class SelectiveKeyRestoreOperationParameters { private String folder; /** - * Get the sasTokenParameters property: The sasTokenParameters property. + * Get the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @return the sasTokenParameters value. */ @@ -33,7 +34,7 @@ public SASTokenParameter getSasTokenParameters() { } /** - * Set the sasTokenParameters property: The sasTokenParameters property. + * Set the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @param sasTokenParameters the sasTokenParameters value to set. * @return the SelectiveKeyRestoreOperationParameters object itself. diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java index 6b89e34ff9e4..1b4e3c41171c 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java @@ -3,7 +3,7 @@ // Code generated by Microsoft (R) AutoRest Code Generator. /** - * Package containing the implementations and inner classes for KeyVaultAccessControlClient and KeyVaultBackupClient. - * The key vault client performs cryptographic key operations and vault operations against the Key Vault service. + * Package containing the implementations for KeyVaultAccessControlClient. The key vault client performs cryptographic + * key operations and vault operations against the Key Vault service. */ package com.azure.security.keyvault.administration.implementation; diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java new file mode 100644 index 000000000000..6bc7ccf1b775 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java @@ -0,0 +1,38 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.exception.HttpResponseException; +import com.azure.core.http.HttpResponse; + +/** + * Exception thrown for an invalid response with {@link KeyVaultError} information. + */ +public final class KeyVaultAdministrationException extends HttpResponseException { + /** + * Creates a new instance of the {@link KeyVaultAdministrationException} class. + * + * @param message The exception message or the response content if a message is not available. + * @param response The HTTP response. + */ + public KeyVaultAdministrationException(String message, HttpResponse response) { + super(message, response); + } + + /** + * Creates a new instance of {@link KeyVaultAdministrationException}. + * + * @param message The exception message or the response content if a message is not available. + * @param response The HTTP response. + * @param value The deserialized response value. + */ + public KeyVaultAdministrationException(String message, HttpResponse response, KeyVaultError value) { + super(message, response, value); + } + + @Override + public KeyVaultError getValue() { + return (KeyVaultError) super.getValue(); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java new file mode 100644 index 000000000000..3dc7d5abbb64 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java @@ -0,0 +1,182 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +/** + * Defines values for {@link KeyVaultDataAction}. + */ +public class KeyVaultDataAction extends ExpandableStringEnum { + /** + * Static value Microsoft.KeyVault/managedHsm/keys/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/write/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction WRITE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/write/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction RECOVER_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/backup/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction BACKUP_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/backup/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/restore/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction RESTORE_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/restore/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleAssignments/delete/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DELETE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/delete/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleAssignments/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction GET_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleAssignments/write/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction WRITE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/write/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleDefinitions/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_ROLE_DEFINITION = + fromString("Microsoft.KeyVault/managedHsm/roleDefinitions/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/encrypt/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction ENCRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/encrypt/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/decrypt/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DECRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/decrypt/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/wrap/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction WRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/wrap/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/unwrap/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction UNWRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/unwrap/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/sign/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction SIGN_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/sign/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/verify/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction VERIFY_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/verify/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/create for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction CREATE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/create"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/delete for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DELETE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/delete"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/export/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction EXPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/export/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/import/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction IMPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/import/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction PURGE_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/download/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DOWNLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/download/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction UPLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/read for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_SECURITY_DOMAIN_STATUS = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/read"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_SECURITY_DOMAIN_TRANSFER_KEY = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read"); + + /** + * Static value Microsoft.KeyVault/managedHsm/backup/start/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction START_HSM_BACKUP = fromString("Microsoft.KeyVault/managedHsm/backup/start/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/restore/start/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction START_HSM_RESTORE = fromString("Microsoft.KeyVault/managedHsm/restore/start/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/backup/status/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_BACKUP_STATUS = + fromString("Microsoft.KeyVault/managedHsm/backup/status/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/restore/status/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_RESTORE_STATUS = + fromString("Microsoft.KeyVault/managedHsm/restore/status/action"); + + /** + * Creates or finds a {@link KeyVaultDataAction} from its string representation. + * + * @param name A name to look for. + * + * @return The corresponding {@link KeyVaultDataAction}. + */ + @JsonCreator + public static KeyVaultDataAction fromString(String name) { + return fromString(name, KeyVaultDataAction.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java index 7bcae4cdb6f3..b722f5e2106e 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java @@ -8,63 +8,67 @@ import java.util.List; /** - * A class describing allowed and denied actions and data actions of a {@link KeyVaultRoleDefinition}. + * A class describing allowed and forbidden actions and data actions of a {@link KeyVaultRoleDefinition}. */ @Immutable public final class KeyVaultPermission { - private final List allowedActions; - private final List deniedActions; - private final List allowedDataActions; - private final List deniedDataActions; + private final List actions; + private final List notActions; + private final List dataActions; + private final List notDataActions; /** - * Creates a new {@link KeyVaultPermission} with the specified allowed and denied actions and data actions. + * Creates a new {@link KeyVaultPermission} with the specified allowed and forbidden actions and data actions. * - * @param allowedActions The actions this {@link KeyVaultPermission permission} allows. - * @param deniedActions The actions this {@link KeyVaultPermission permission} denies. - * @param allowedDataActions The data actions this {@link KeyVaultPermission permission} allows. - * @param deniedDataActions The data actions this {@link KeyVaultPermission permission} denies. + * @param actions Action permissions that are granted. + * @param notActions Action permissions that are excluded but not denied. They may be granted by other role + * definitions assigned to a principal. + * @param dataActions Data action permissions that are granted. + * @param notDataActions Data action permissions that are excluded but not denied. They may be granted by other role + * definitions assigned to a principal. */ - public KeyVaultPermission(List allowedActions, List deniedActions, List allowedDataActions, List deniedDataActions) { - this.allowedActions = allowedActions; - this.deniedActions = deniedActions; - this.allowedDataActions = allowedDataActions; - this.deniedDataActions = deniedDataActions; + public KeyVaultPermission(List actions, List notActions, List dataActions, + List notDataActions) { + this.actions = actions; + this.notActions = notActions; + this.dataActions = dataActions; + this.notDataActions = notDataActions; } /** - * Get the actions this {@link KeyVaultPermission permission} allows. + * Get the action permissions that are granted. * - * @return The allowed actions. + * @return The action permissions that are granted. */ - public List getAllowedActions() { - return allowedActions; + public List getActions() { + return actions; } /** - * Get the actions this {@link KeyVaultPermission permission} denies. + * Get the action permissions that are excluded but not denied. They may be granted by other role definitions + * assigned to a principal * - * @return The denied actions. + * @return The action permissions that are excluded but not denied. */ - public List getDeniedActions() { - return deniedActions; + public List getNotActions() { + return notActions; } /** - * Get the data actions this {@link KeyVaultPermission permission} allows. + * Get the data action permissions that are granted. * - * @return The allowed data actions. + * @return The data action permissions that are granted. */ - public List getAllowedDataActions() { - return allowedDataActions; + public List getDataActions() { + return dataActions; } /** - * Get the data actions this {@link KeyVaultPermission permission} denies. + * Get the data action permissions that are excluded but not denied. * - * @return The denied data actions. + * @return The data action permissions that are excluded but not denied. */ - public List getDeniedDataActions() { - return deniedDataActions; + public List getNotDataActions() { + return notDataActions; } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java index 8e5ff31250ad..4e1d8a3dd190 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java @@ -12,7 +12,7 @@ public final class KeyVaultRoleDefinition { private final String id; private final String name; - private final String type; + private final KeyVaultRoleDefinitionType type; private final KeyVaultRoleDefinitionProperties properties; /** @@ -20,11 +20,12 @@ public final class KeyVaultRoleDefinition { * * @param id The ID for this {@link KeyVaultRoleDefinition role definition}. * @param name The name for this {@link KeyVaultRoleDefinition role definition}. - * @param type The type for this {@link KeyVaultRoleDefinition role definition}. + * @param type The type of this {@link KeyVaultRoleDefinition role definition}. * @param properties {@link KeyVaultRoleDefinitionProperties properties} of this {@link KeyVaultRoleDefinition * role definition}. */ - public KeyVaultRoleDefinition(String id, String name, String type, KeyVaultRoleDefinitionProperties properties) { + public KeyVaultRoleDefinition(String id, String name, KeyVaultRoleDefinitionType type, + KeyVaultRoleDefinitionProperties properties) { this.id = id; this.name = name; this.type = type; @@ -50,18 +51,18 @@ public String getName() { } /** - * Get the {@link KeyVaultRoleDefinition role definition} type. + * Get the {@link KeyVaultRoleDefinitionType role definition type}. * - * @return The {@link KeyVaultRoleDefinition role definition} type. + * @return The {@link KeyVaultRoleDefinitionType role definition type}. */ - public String getType() { + public KeyVaultRoleDefinitionType getType() { return type; } /** - * Get the {@link KeyVaultRoleDefinition role definition} {@link KeyVaultRoleDefinitionProperties properties}. + * Get the {@link KeyVaultRoleDefinitionProperties role definition properties}. * - * @return The {@link KeyVaultRoleDefinition role definition} {@link KeyVaultRoleDefinitionProperties properties}. + * @return The {@link KeyVaultRoleDefinitionProperties role definition properties}. */ public KeyVaultRoleDefinitionProperties getProperties() { return properties; diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java index 219e35cd60fc..b04ef0b14b4f 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java @@ -14,9 +14,9 @@ public final class KeyVaultRoleDefinitionProperties { private final String roleName; private final String description; - private final String roleType; + private final KeyVaultRoleType roleType; private final List permissions; - private final List assignableScopes; + private final List assignableScopes; /** * Creates a new {@link KeyVaultRoleDefinitionProperties role definition properties} object with the specified @@ -29,7 +29,9 @@ public final class KeyVaultRoleDefinitionProperties { * has. * @param assignableScopes The assignable scopes of the {@link KeyVaultRoleDefinition role definition}. */ - public KeyVaultRoleDefinitionProperties(String roleName, String roleDescription, String roleType, List permissions, List assignableScopes) { + public KeyVaultRoleDefinitionProperties(String roleName, String roleDescription, KeyVaultRoleType roleType, + List permissions, + List assignableScopes) { this.roleName = roleName; this.description = roleDescription; this.roleType = roleType; @@ -60,7 +62,7 @@ public String getDescription() { * * @return The role type. */ - public String getRoleType() { + public KeyVaultRoleType getRoleType() { return roleType; } @@ -78,7 +80,7 @@ public List getPermissions() { * * @return The {@link KeyVaultRoleDefinition role definition}'s assignable scopes. */ - public List getAssignableScopes() { + public List getAssignableScopes() { return assignableScopes; } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java new file mode 100644 index 000000000000..64d795937723 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java @@ -0,0 +1,30 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +/** + * Defines values for {@link KeyVaultRoleDefinitionType}. + */ +public class KeyVaultRoleDefinitionType extends ExpandableStringEnum { + /** + * Static value Microsoft.Authorization/roleDefinitions for {@link KeyVaultRoleDefinitionType}. + */ + public static final KeyVaultRoleDefinitionType MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS = + fromString("Microsoft.Authorization/roleDefinitions"); + + /** + * Creates or finds a {@link KeyVaultRoleDefinitionType} from its string representation. + * + * @param name A name to look for. + * + * @return The corresponding {@link KeyVaultRoleDefinitionType}. + */ + @JsonCreator + public static KeyVaultRoleDefinitionType fromString(String name) { + return fromString(name, KeyVaultRoleDefinitionType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java new file mode 100644 index 000000000000..8240edf1bd5a --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +/** + * Defines values for {@link KeyVaultRoleType}. + */ +public class KeyVaultRoleType extends ExpandableStringEnum { + /** + * Static value AKVBuiltInRole for {@link KeyVaultRoleType}. + */ + public static final KeyVaultRoleType BUILT_IN_ROLE = fromString("AKVBuiltInRole"); + + /** + * Static value CustomRole for {@link KeyVaultRoleType}. + */ + public static final KeyVaultRoleType CUSTOM_ROLE = fromString("CustomRole"); + + /** + * Creates or finds a {@link KeyVaultRoleType} from its string representation. + * + * @param name A name to look for. + * + * @return The corresponding {@link KeyVaultRoleType}. + */ + @JsonCreator + public static KeyVaultRoleType fromString(String name) { + return fromString(name, KeyVaultRoleType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java new file mode 100644 index 000000000000..d74890dadd50 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java @@ -0,0 +1,166 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.options; + +import com.azure.core.annotation.Fluent; +import com.azure.security.keyvault.administration.models.KeyVaultPermission; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; + +import java.util.List; +import java.util.UUID; + +/** + * Represents the configurable options to create or update a {@link KeyVaultRoleDefinition role definition}. + */ +@Fluent +public class SetRoleDefinitionOptions { + private final KeyVaultRoleScope roleScope; + private final String roleDefinitionName; + private final KeyVaultRoleType roleType; + private String roleName; + private String description; + private List permissions; + private List assignableScopes; + + /** + * Creates an instance of {@link SetRoleDefinitionOptions} with an automatically generated name. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition} to create. + * Managed HSM only supports '/'. + */ + public SetRoleDefinitionOptions(KeyVaultRoleScope roleScope) { + this(roleScope, UUID.randomUUID().toString()); + } + + /** + * Creates an instance of {@link SetRoleDefinitionOptions}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition} to create. + * Managed HSM only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. It can be any valid UUID. + */ + public SetRoleDefinitionOptions(KeyVaultRoleScope roleScope, String roleDefinitionName) { + this.roleScope = roleScope; + this.roleDefinitionName = roleDefinitionName; + this.roleType = KeyVaultRoleType.CUSTOM_ROLE; + } + + /** + * Get the {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition} to create or update. + * + * @return The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + */ + public KeyVaultRoleScope getRoleScope() { + return roleScope; + } + + /** + * Get the name of the {@link KeyVaultRoleDefinition} to create or update. + * + * @return The name of the {@link KeyVaultRoleDefinition}. + */ + public String getRoleDefinitionName() { + return roleDefinitionName; + } + + /** + * Get the role type. + * + * @return The role type. + */ + public KeyVaultRoleType getRoleType() { + return roleType; + } + + /** + * Get the role name. + * + * @return The role name. + */ + public String getRoleName() { + return roleName; + } + + /** + * Set the role name. + * + * @param roleName The role name to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setRoleName(String roleName) { + this.roleName = roleName; + + return this; + } + + /** + * Get the role description. + * + * @return The role description. + */ + public String getDescription() { + return description; + } + + /** + * Set the role description. + * + * @param description The role description to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setDescription(String description) { + this.description = description; + + return this; + } + + /** + * Get the {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions}. + * + * @return The {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions}. + */ + public List getPermissions() { + return permissions; + } + + /** + * Set the {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions}. + * + * @param permissions The {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions} + * to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setPermissions(List permissions) { + this.permissions = permissions; + + return this; + } + + /** + * Get the {@link KeyVaultRoleDefinition role definition}'s assignable scopes. + * + * @return The {@link KeyVaultRoleDefinition role definition}'s assignable scopes. + */ + public List getAssignableScopes() { + return assignableScopes; + } + + /** + * Set the {@link KeyVaultRoleDefinition role definition}'s assignable scopes. + * + * @param assignableScopes The {@link KeyVaultRoleDefinition role definition}'s assignable scopes to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setAssignableScopes(List assignableScopes) { + this.assignableScopes = assignableScopes; + + return this; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java new file mode 100644 index 000000000000..1a7bdeead57c --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java @@ -0,0 +1,12 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +/** + * Package containing options classes for access control operations performed by + * {@link com.azure.security.keyvault.administration.KeyVaultAccessControlAsyncClient} and + * {@link com.azure.security.keyvault.administration.KeyVaultAccessControlClient}, as well as backup and restore + * operations for Azure Key Vault keys performed by + * {@link com.azure.security.keyvault.administration.KeyVaultBackupAsyncClient} and + * {@link com.azure.security.keyvault.administration.KeyVaultBackupClient}. + */ +package com.azure.security.keyvault.administration.options; diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java index 580cb9dabee7..2f64ab84c320 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java @@ -6,9 +6,11 @@ exports com.azure.security.keyvault.administration; exports com.azure.security.keyvault.administration.models; + exports com.azure.security.keyvault.administration.options; opens com.azure.security.keyvault.administration to com.fasterxml.jackson.databind; opens com.azure.security.keyvault.administration.models to com.fasterxml.jackson.databind; opens com.azure.security.keyvault.administration.implementation to com.fasterxml.jackson.databind; opens com.azure.security.keyvault.administration.implementation.models to com.azure.core, com.fasterxml.jackson.databind; + opens com.azure.security.keyvault.administration.options to com.fasterxml.jackson.databind; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java index 3b552f831dde..8fc9fe79a2c7 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java @@ -5,11 +5,14 @@ import com.azure.core.http.HttpClient; import com.azure.core.test.TestMode; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionType; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; @@ -17,8 +20,9 @@ import java.util.List; import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; public class KeyVaultAccessControlAsyncClientTest extends KeyVaultAccessControlClientTestBase { @@ -43,34 +47,117 @@ public void listRoleDefinitions(HttpClient httpClient) { asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); - List roleDefinitions = new ArrayList<>(); + asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL) + .subscribe(roleDefinition -> { + assertNotNull(roleDefinition.getId()); + assertNotNull(roleDefinition.getName()); + assertNotNull(roleDefinition.getType()); - asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); + KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + + assertNotNull(properties); + assertNotNull(properties.getRoleName()); + assertNotNull(properties.getDescription()); + assertNotNull(properties.getRoleType()); + assertFalse(properties.getAssignableScopes().isEmpty()); + assertFalse(properties.getPermissions().isEmpty()); + }); + + sleepIfRunningAgainstService(5000); + } + + /** + * Tests that a {@link KeyVaultRoleDefinition role definition} can be created in the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void setRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + String roleDefinitionName = "91d62511-feb2-456f-80a0-5b17bbaa50ec"; + + // Create a role definition. + asyncClient.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName) + .subscribe(roleDefinition -> { + assertNotNull(roleDefinition); + assertNotNull(roleDefinition.getId()); + assertEquals(roleDefinitionName, roleDefinition.getName()); + assertEquals(KeyVaultRoleDefinitionType.MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS, + roleDefinition.getType()); + + KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + + assertNotNull(properties); + assertTrue(properties.getAssignableScopes().contains(KeyVaultRoleScope.GLOBAL)); + assertEquals(KeyVaultRoleType.CUSTOM_ROLE, properties.getRoleType()); + assertEquals(roleDefinitionName, properties.getRoleName()); + + // Clean up the role definition. + KeyVaultAccessControlAsyncClient cleanupClient = + getClientBuilder(httpClient, true).buildAsyncClient(); + + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + }); + + sleepIfRunningAgainstService(2000); + } + + /** + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be retrieved from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void getRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); - assertTrue(roleDefinitions.iterator().hasNext()); + String roleDefinitionName = "69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5"; + KeyVaultRoleDefinition createdRoleDefinition = null; - for (KeyVaultRoleDefinition roleDefinition : roleDefinitions) { - assertNotNull(roleDefinition.getId()); - assertNotNull(roleDefinition.getName()); - assertNotNull(roleDefinition.getType()); + try { + List assignableScopes = new ArrayList<>(); + assignableScopes.add(KeyVaultRoleScope.GLOBAL); + assignableScopes.add(KeyVaultRoleScope.KEYS); + + // Create a role definition to retrieve. + createdRoleDefinition = asyncClient.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); + + assertNotNull(createdRoleDefinition); + + // Get the role assignment. + KeyVaultRoleDefinition retrievedRoleDefinition = + asyncClient.getRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName) + .block(); - KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + assertNotNull(retrievedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, retrievedRoleDefinition); + } finally { + if (getTestMode() != TestMode.PLAYBACK && createdRoleDefinition != null) { + // Clean up the role definition. + KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); - assertNotNull(properties); - assertNotNull(properties.getRoleName()); - assertNotNull(properties.getDescription()); - assertNotNull(properties.getRoleType()); - assertNotEquals(0, properties.getAssignableScopes().size()); - assertNotEquals(0, properties.getPermissions().size()); + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); + } } } /** - * Tests that existing {@link KeyVaultRoleAssignment role assignments} can be retrieved from the Key Vault. + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be deleted from the Key Vault. */ @ParameterizedTest(name = DISPLAY_NAME) @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") - public void listRoleAssignments(HttpClient httpClient) { + public void deleteRoleDefinition(HttpClient httpClient) { if (getTestMode() != TestMode.PLAYBACK) { // Currently there is no test cloud environment for Managed HSM. // TODO: Remove once there is a proper cloud environment available. @@ -79,22 +166,72 @@ public void listRoleAssignments(HttpClient httpClient) { asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); - List roleAssignments = new ArrayList<>(); + String roleDefinitionName = "6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f"; + + // Create a role definition to delete. + KeyVaultRoleDefinition createdRoleDefinition = + asyncClient.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); - asyncClient.listRoleAssignments(KeyVaultRoleScope.GLOBAL).subscribe(roleAssignments::add); - sleepInLiveOrRecordMode(5000); + assertNotNull(createdRoleDefinition); - for (KeyVaultRoleAssignment roleAssignment : roleAssignments) { - assertNotNull(roleAssignment.getId()); - assertNotNull(roleAssignment.getName()); - assertNotNull(roleAssignment.getType()); + // Delete the role definition. + KeyVaultRoleDefinition deletedRoleDefinition = + asyncClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); - KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); + assertNotNull(deletedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, deletedRoleDefinition); + } - assertNotNull(properties); - assertNotNull(properties.getRoleDefinitionId()); - assertNotNull(properties.getPrincipalId()); + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleDefinition role definition} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleDefinitionThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + String roleDefinitionName = "475ed505-5835-48ce-b257-cdb8fa153e67"; + + // Try to delete a non-existent role definition. + assertThrows(KeyVaultAdministrationException.class, + () -> asyncClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block()); + } + + /** + * Tests that existing {@link KeyVaultRoleAssignment role assignments} can be retrieved from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void listRoleAssignments(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + asyncClient.listRoleAssignments(KeyVaultRoleScope.GLOBAL) + .subscribe(roleAssignment -> { + assertNotNull(roleAssignment.getId()); + assertNotNull(roleAssignment.getName()); + assertNotNull(roleAssignment.getType()); + + KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); + + assertNotNull(properties); + assertNotNull(properties.getRoleDefinitionId()); + assertNotNull(properties.getPrincipalId()); + }); + + sleepIfRunningAgainstService(5000); } /** @@ -114,13 +251,17 @@ public void createRoleAssignment(HttpClient httpClient) { List roleDefinitions = new ArrayList<>(); asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); - sleepInLiveOrRecordMode(5000); + sleepIfRunningAgainstService(5000); + + assertFalse(roleDefinitions.isEmpty()); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + + break; } } @@ -128,29 +269,83 @@ public void createRoleAssignment(HttpClient httpClient) { String roleAssignmentName = "d0bedeb4-7431-407d-81cd-278929c98218"; + // Create a role assignment. + KeyVaultRoleDefinition finalRoleDefinition = roleDefinition; + + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).subscribe(roleAssignment -> { + assertNotNull(roleAssignment); + assertNotNull(roleAssignment.getId()); + assertEquals(roleAssignmentName, roleAssignment.getName()); + assertNotNull(roleAssignment.getType()); + assertNotNull(roleAssignment.getRoleScope()); + + KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); + + assertNotNull(properties); + assertEquals(servicePrincipalId, properties.getPrincipalId()); + assertEquals(finalRoleDefinition.getId(), properties.getRoleDefinitionId()); + + // Clean up the role assignment. + KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); + + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); + }); + } + + /** + * Tests that a {@link KeyVaultRoleAssignment role assignment} that already exists in the Key Vault cannot be + * created again. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void createExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + List roleDefinitions = new ArrayList<>(); + + asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); + sleepIfRunningAgainstService(5000); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + + break; + } + } + + assertNotNull(roleDefinition); + + String roleAssignmentName = "9412ec53-56f1-4cd8-ab3e-cbbd38253f08"; + KeyVaultRoleAssignment roleAssignment = null; + try { // Create a role assignment. - KeyVaultRoleAssignment roleAssignment = - asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId).block(); + roleAssignment = + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).block(); - assertNotNull(roleAssignment); - assertNotNull(roleAssignment.getId()); - assertEquals(roleAssignment.getName(), roleAssignmentName); - assertNotNull(roleAssignment.getType()); - assertNotNull(roleAssignment.getRoleScope()); + KeyVaultRoleDefinition finalRoleDefinition = roleDefinition; - KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); - - assertNotNull(properties); - assertEquals(clientId, properties.getPrincipalId()); - assertEquals(roleDefinition.getId(), properties.getRoleDefinitionId()); + // Attempt to create a role assignment with the same roe scope, name, role definition ID and principal ID. + assertThrows(KeyVaultAdministrationException.class, + () -> asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, finalRoleDefinition.getId(), + servicePrincipalId, roleAssignmentName).block()); } finally { - if (getTestMode() != TestMode.PLAYBACK) { + if (getTestMode() != TestMode.PLAYBACK && roleAssignment != null) { // Clean up the role assignment. KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); - cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); } } } @@ -172,50 +367,43 @@ public void getRoleAssignment(HttpClient httpClient) { List roleDefinitions = new ArrayList<>(); asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); - sleepInLiveOrRecordMode(5000); + sleepIfRunningAgainstService(5000); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + + break; } } assertNotNull(roleDefinition); String roleAssignmentName = "658d6c14-98c2-4a53-a523-be8609eb7f8b"; + KeyVaultRoleAssignment createdRoleAssignment = null; try { // Create a role assignment to retrieve. - KeyVaultRoleAssignment createdRoleAssignment = - asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId).block(); + createdRoleAssignment = + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).block(); assertNotNull(createdRoleAssignment); // Get the role assignment. KeyVaultRoleAssignment retrievedRoleAssignment = - asyncClient.getRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName) - .block(); + asyncClient.getRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); assertNotNull(retrievedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), retrievedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), retrievedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), retrievedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), retrievedRoleAssignment.getRoleScope()); - - KeyVaultRoleAssignmentProperties retrievedProperties = retrievedRoleAssignment.getProperties(); - - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + assertRoleAssignmentEquals(createdRoleAssignment, retrievedRoleAssignment); } finally { - if (getTestMode() != TestMode.PLAYBACK) { + if (getTestMode() != TestMode.PLAYBACK && createdRoleAssignment != null) { // Clean up the role assignment. KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); - cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); } } } @@ -237,13 +425,15 @@ public void deleteRoleAssignment(HttpClient httpClient) { List roleDefinitions = new ArrayList<>(); asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); - sleepInLiveOrRecordMode(5000); + sleepIfRunningAgainstService(5000); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + + break; } } @@ -253,8 +443,8 @@ public void deleteRoleAssignment(HttpClient httpClient) { // Create a role assignment to delete. KeyVaultRoleAssignment createdRoleAssignment = - asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId).block(); + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).block(); assertNotNull(createdRoleAssignment); @@ -263,15 +453,45 @@ public void deleteRoleAssignment(HttpClient httpClient) { asyncClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); assertNotNull(deletedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), deletedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), deletedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), deletedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), deletedRoleAssignment.getRoleScope()); + assertRoleAssignmentEquals(createdRoleAssignment, deletedRoleAssignment); + } + + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleAssignment role assignment} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + List roleDefinitions = new ArrayList<>(); + + asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); + sleepIfRunningAgainstService(5000); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + + break; + } + } + + assertNotNull(roleDefinition); - KeyVaultRoleAssignmentProperties retrievedProperties = deletedRoleAssignment.getProperties(); + String roleAssignmentName = "ee830d79-e3dc-4ac5-8581-b6f650aa7831"; - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + // Try to delete a non-existent role assignment. + assertThrows(KeyVaultAdministrationException.class, + () -> asyncClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block()); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java index c05c1b8081a3..7c289603d1ca 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java @@ -6,17 +6,21 @@ import com.azure.core.http.HttpClient; import com.azure.core.http.rest.PagedIterable; import com.azure.core.test.TestMode; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionType; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; public class KeyVaultAccessControlClientTest extends KeyVaultAccessControlClientTestBase { @@ -40,9 +44,7 @@ public void listRoleDefinitions(HttpClient httpClient) { } client = getClientBuilder(httpClient, false).buildClient(); - - PagedIterable roleDefinitions = - client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + PagedIterable roleDefinitions = client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); assertTrue(roleDefinitions.iterator().hasNext()); @@ -57,9 +59,143 @@ public void listRoleDefinitions(HttpClient httpClient) { assertNotNull(properties.getRoleName()); assertNotNull(properties.getDescription()); assertNotNull(properties.getRoleType()); - assertNotEquals(0, properties.getAssignableScopes().size()); - assertNotEquals(0, properties.getPermissions().size()); + assertFalse(properties.getAssignableScopes().isEmpty()); + assertFalse(properties.getPermissions().isEmpty()); + } + } + + /** + * Tests that a {@link KeyVaultRoleDefinition role definition} can be created in the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void setRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "91d62511-feb2-456f-80a0-5b17bbaa50ec"; + KeyVaultRoleDefinition roleDefinition = null; + + try { + // Create a role definition. + roleDefinition = client.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(roleDefinition); + assertNotNull(roleDefinition.getId()); + assertEquals(roleDefinitionName, roleDefinition.getName()); + assertEquals(KeyVaultRoleDefinitionType.MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS, + roleDefinition.getType()); + + KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + + assertNotNull(properties); + assertTrue(properties.getAssignableScopes().contains(KeyVaultRoleScope.GLOBAL)); + assertEquals(KeyVaultRoleType.CUSTOM_ROLE, properties.getRoleType()); + assertEquals(roleDefinitionName, properties.getRoleName()); + } finally { + if (getTestMode() != TestMode.PLAYBACK && roleDefinition != null) { + // Clean up the role assignment. + KeyVaultAccessControlClient cleanupClient = getClientBuilder(httpClient, true).buildClient(); + + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + } + } + } + + /** + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be retrieved from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void getRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5"; + KeyVaultRoleDefinition createdRoleDefinition = null; + + try { + // Create a role definition to retrieve. + createdRoleDefinition = client.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(createdRoleDefinition); + + // Get the role assignment. + KeyVaultRoleDefinition retrievedRoleDefinition = + client.getRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(retrievedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, retrievedRoleDefinition); + } finally { + if (getTestMode() != TestMode.PLAYBACK && createdRoleDefinition != null) { + // Clean up the role assignment. + KeyVaultAccessControlClient cleanupClient = getClientBuilder(httpClient, true).buildClient(); + + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + } + } + } + + /** + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be deleted from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f"; + + // Create a role definition to delete. + KeyVaultRoleDefinition createdRoleDefinition = + client.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(createdRoleDefinition); + + // Delete the role definition. + KeyVaultRoleDefinition deletedRoleDefinition = + client.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(deletedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, deletedRoleDefinition); + } + + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleDefinition role definition} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleDefinitionThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "475ed505-5835-48ce-b257-cdb8fa153e67"; + + // Try to delete a non-existent role definition. + assertThrows(KeyVaultAdministrationException.class, + () -> client.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName)); } /** @@ -76,8 +212,7 @@ public void listRoleAssignments(HttpClient httpClient) { client = getClientBuilder(httpClient, false).buildClient(); - PagedIterable roleAssignments = - client.listRoleAssignments(KeyVaultRoleScope.GLOBAL); + PagedIterable roleAssignments = client.listRoleAssignments(KeyVaultRoleScope.GLOBAL); assertTrue(roleAssignments.iterator().hasNext()); @@ -108,14 +243,14 @@ public void createRoleAssignment(HttpClient httpClient) { client = getClientBuilder(httpClient, false).buildClient(); - PagedIterable roleDefinitions = - client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + PagedIterable roleDefinitions = client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + break; } } @@ -127,19 +262,19 @@ public void createRoleAssignment(HttpClient httpClient) { try { // Create a role assignment. KeyVaultRoleAssignment createdRoleAssignment = - client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId); + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); assertNotNull(createdRoleAssignment); assertNotNull(createdRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), roleAssignmentName); + assertEquals(roleAssignmentName, createdRoleAssignment.getName()); assertNotNull(createdRoleAssignment.getType()); assertNotNull(createdRoleAssignment.getRoleScope()); KeyVaultRoleAssignmentProperties properties = createdRoleAssignment.getProperties(); assertNotNull(properties); - assertEquals(clientId, properties.getPrincipalId()); + assertEquals(servicePrincipalId, properties.getPrincipalId()); assertEquals(roleDefinition.getId(), properties.getRoleDefinitionId()); } finally { if (getTestMode() != TestMode.PLAYBACK) { @@ -151,6 +286,60 @@ public void createRoleAssignment(HttpClient httpClient) { } } + /** + * Tests that a {@link KeyVaultRoleAssignment role assignment} that already exists in the Key Vault cannot be + * created again. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void createExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + PagedIterable roleDefinitions = client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + + break; + } + } + + assertNotNull(roleDefinition); + + String roleAssignmentName = "9412ec53-56f1-4cd8-ab3e-cbbd38253f08"; + KeyVaultRoleAssignment roleAssignment = null; + + try { + // Create a role assignment. + roleAssignment = + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); + + KeyVaultRoleDefinition finalRoleDefinition = roleDefinition; + + // Attempt to create a role assignment with the same name and scope. + assertThrows(KeyVaultAdministrationException.class, + () -> client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, finalRoleDefinition.getId(), + servicePrincipalId, roleAssignmentName)); + } finally { + if (getTestMode() != TestMode.PLAYBACK && roleAssignment != null) { + // Clean up the role assignment. + KeyVaultAccessControlClient cleanupClient = getClientBuilder(httpClient, true).buildClient(); + + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); + } + } + } + /** * Tests that an existing {@link KeyVaultRoleAssignment role assignment} can be retrieved from the Key Vault. */ @@ -183,24 +372,17 @@ public void getRoleAssignment(HttpClient httpClient) { try { // Create a role assignment to retrieve. KeyVaultRoleAssignment createdRoleAssignment = - client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId); + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); + + assertNotNull(createdRoleAssignment); // Get the role assignment. KeyVaultRoleAssignment retrievedRoleAssignment = client.getRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); assertNotNull(retrievedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), retrievedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), retrievedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), retrievedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), retrievedRoleAssignment.getRoleScope()); - - KeyVaultRoleAssignmentProperties retrievedProperties = retrievedRoleAssignment.getProperties(); - - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + assertRoleAssignmentEquals(createdRoleAssignment, retrievedRoleAssignment); } finally { if (getTestMode() != TestMode.PLAYBACK) { // Clean up the role assignment. @@ -242,22 +424,51 @@ public void deleteRoleAssignment(HttpClient httpClient) { // Create a role assignment to delete. KeyVaultRoleAssignment createdRoleAssignment = - client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), clientId); + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); + + assertNotNull(createdRoleAssignment); // Delete the role assignment. KeyVaultRoleAssignment deletedRoleAssignment = client.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); assertNotNull(deletedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), deletedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), deletedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), deletedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), deletedRoleAssignment.getRoleScope()); + assertRoleAssignmentEquals(createdRoleAssignment, deletedRoleAssignment); + } + + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleAssignment role assignment} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + PagedIterable roleDefinitions = + client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + } + } + + assertNotNull(roleDefinition); - KeyVaultRoleAssignmentProperties retrievedProperties = deletedRoleAssignment.getProperties(); + String roleAssignmentName = "ee830d79-e3dc-4ac5-8581-b6f650aa7831"; - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + // Try to delete a non-existent role assignment. + assertThrows(KeyVaultAdministrationException.class, + () -> client.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName)); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java index 70e14ea6cbc1..7b1f3ab58b5f 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java @@ -8,13 +8,23 @@ import com.azure.core.http.HttpPipelineBuilder; import com.azure.core.http.policy.HttpPipelinePolicy; import com.azure.core.test.TestMode; +import com.azure.security.keyvault.administration.models.KeyVaultPermission; +import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; +import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import org.junit.jupiter.api.Test; import java.util.List; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; + public abstract class KeyVaultAccessControlClientTestBase extends KeyVaultAdministrationClientTestBase { - protected static final String ROLE_NAME = "Managed HSM Crypto User"; - String clientId = "49acc88b-8f9e-4619-9856-16691db66767"; + protected static final String ROLE_NAME = "Managed HSM Crypto Officer"; + String servicePrincipalId = "49acc88b-8f9e-4619-9856-16691db66767"; protected KeyVaultAccessControlClientBuilder getClientBuilder(HttpClient httpClient, boolean forCleanup) { List policies = getPolicies(); @@ -36,15 +46,98 @@ protected KeyVaultAccessControlClientBuilder getClientBuilder(HttpClient httpCli @Test public abstract void listRoleDefinitions(HttpClient httpClient); + @Test + public abstract void setRoleDefinition(HttpClient httpClient); + + @Test + public abstract void getRoleDefinition(HttpClient httpClient); + + @Test + public abstract void deleteRoleDefinition(HttpClient httpClient); + + @Test + public abstract void deleteNonExistingRoleDefinitionThrows(HttpClient httpClient); + @Test public abstract void listRoleAssignments(HttpClient httpClient); @Test public abstract void createRoleAssignment(HttpClient httpClient); + @Test + public abstract void createExistingRoleAssignmentThrows(HttpClient httpClient); + @Test public abstract void getRoleAssignment(HttpClient httpClient); @Test public abstract void deleteRoleAssignment(HttpClient httpClient); + + @Test + public abstract void deleteNonExistingRoleAssignmentThrows(HttpClient httpClient); + + static void assertRoleAssignmentEquals(KeyVaultRoleAssignment roleAssignment1, + KeyVaultRoleAssignment roleAssignment2) { + assertEquals(roleAssignment1.getId(), roleAssignment2.getId()); + assertEquals(roleAssignment1.getName(), roleAssignment2.getName()); + assertEquals(roleAssignment1.getType(), roleAssignment2.getType()); + assertEquals(roleAssignment1.getRoleScope(), roleAssignment2.getRoleScope()); + + KeyVaultRoleAssignmentProperties properties1 = roleAssignment1.getProperties(); + KeyVaultRoleAssignmentProperties properties2 = roleAssignment2.getProperties(); + + if (properties1 == null && properties2 == null) { + return; + } + + assertNotNull(properties1); + assertNotNull(properties2); + assertEquals(properties1.getPrincipalId(), properties2.getPrincipalId()); + assertEquals(properties1.getRoleDefinitionId(), properties2.getRoleDefinitionId()); + } + + static void assertRoleDefinitionEquals(KeyVaultRoleDefinition roleDefinition1, + KeyVaultRoleDefinition roleDefinition2) { + assertEquals(roleDefinition1.getId(), roleDefinition2.getId()); + assertEquals(roleDefinition1.getName(), roleDefinition2.getName()); + assertEquals(roleDefinition1.getType(), roleDefinition2.getType()); + + KeyVaultRoleDefinitionProperties properties1 = roleDefinition1.getProperties(); + KeyVaultRoleDefinitionProperties properties2 = roleDefinition2.getProperties(); + + if (properties1 == null && properties2 == null) { + return; + } + + assertNotNull(properties1); + assertNotNull(properties2); + assertEquals(properties1.getRoleName(), properties2.getRoleName()); + assertEquals(properties1.getRoleType(), properties2.getRoleType()); + assertEquals(properties1.getDescription(), properties2.getDescription()); + + List assignableScopes1 = properties1.getAssignableScopes(); + List assignableScopes2 = properties2.getAssignableScopes(); + + if (assignableScopes1 == null && assignableScopes2 == null) { + return; + } + + assertNotNull(assignableScopes1); + assertNotNull(assignableScopes2); + + assertEquals(assignableScopes1.size(), assignableScopes2.size()); + assertTrue(assignableScopes1.containsAll(assignableScopes2)); + + List permissions1 = properties1.getPermissions(); + List permissions2 = properties2.getPermissions(); + + if (permissions1 == null && permissions2 == null) { + return; + } + + assertNotNull(permissions1); + assertNotNull(permissions2); + + assertEquals(permissions1.size(), permissions2.size()); + } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java index 963200be557a..a62649653862 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java @@ -16,7 +16,7 @@ import com.azure.core.http.policy.UserAgentPolicy; import com.azure.core.test.TestBase; import com.azure.core.util.Configuration; -import com.azure.identity.AzureCliCredentialBuilder; +import com.azure.identity.ClientSecretCredentialBuilder; import com.azure.security.keyvault.administration.implementation.KeyVaultCredentialPolicy; import org.junit.jupiter.params.provider.Arguments; @@ -43,7 +43,19 @@ protected List getPolicies() { TokenCredential credential = null; if (!interceptorManager.isPlaybackMode()) { - credential = new AzureCliCredentialBuilder().build(); + String clientId = System.getenv("ARM_CLIENTID"); + String clientKey = System.getenv("ARM_CLIENTKEY"); + String tenantId = System.getenv("AZURE_TENANT_ID"); + + Objects.requireNonNull(clientId, "The client id cannot be null"); + Objects.requireNonNull(clientKey, "The client key cannot be null"); + Objects.requireNonNull(tenantId, "The tenant id cannot be null"); + + credential = new ClientSecretCredentialBuilder() + .clientSecret(clientKey) + .clientId(clientId) + .tenantId(tenantId) + .build(); } // Closest to API goes first, closest to wire goes last. @@ -81,16 +93,4 @@ public String getEndpoint() { static Stream createHttpClients() { return TestBase.getHttpClients().map(Arguments::of); } - - public void sleepInLiveOrRecordMode(long millis) { - if (interceptorManager.isPlaybackMode()) { - return; - } - - try { - Thread.sleep(millis); - } catch (InterruptedException e) { - e.printStackTrace(); - } - } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java index 0787eb497e37..09db2d92e57b 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java @@ -28,7 +28,7 @@ protected void beforeTest() { } /** - * Tests that a Key Vault can be backed up. + * Tests that a Key Vault or MHSM can be backed up. */ @SuppressWarnings("ConstantConditions") @ParameterizedTest(name = DISPLAY_NAME) diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java index c31cdd96a4a9..c3f2baae29ea 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java @@ -106,15 +106,9 @@ public void beginSelectiveRestore(HttpClient httpClient) { SyncPoller selectiveRestorePoller = client.beginSelectiveRestore("testKey", backupFolderUrl, sasToken); - PollResponse response = selectiveRestorePoller.poll(); - - assertNotNull(response); - assertEquals(LongRunningOperationStatus.IN_PROGRESS, response.getStatus()); - assertNotNull(response.getValue()); - selectiveRestorePoller.waitForCompletion(); - response = selectiveRestorePoller.poll(); + PollResponse response = selectiveRestorePoller.poll(); assertEquals(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED, response.getStatus()); } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..df9ab4054cd2 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json @@ -0,0 +1,74 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "a4e41264-aecd-11eb-8eeb-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "80", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "a70ffecc-aecd-11eb-a764-000d3a3b7b4c", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"name\":\"9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "141", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "400", + "x-ms-request-id" : "a734027c-aecd-11eb-a764-000d3a3b7b4c", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentExists\",\"message\":\"The role assignment already exists. (Activity ID: a734027c-aecd-11eb-a764-000d3a3b7b4c)\"}}", + "x-ms-server-latency" : "1", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json new file mode 100644 index 000000000000..f939e52f7995 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "9a0581de-aecd-11eb-a15d-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..de257c201636 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json @@ -0,0 +1,49 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "c1d8cf22-aecd-11eb-bc09-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/ee830d79-e3dc-4ac5-8581-b6f650aa7831?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "c451257e-aecd-11eb-a15d-000d3a59ae40", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentNotFound\",\"message\":\"Requested role assignment not found (Activity ID: c451257e-aecd-11eb-a15d-000d3a59ae40)\"}}", + "x-ms-server-latency" : "1", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json new file mode 100644 index 000000000000..bc448e270b56 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json @@ -0,0 +1,25 @@ +{ + "networkCallRecords" : [ { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/475ed505-5835-48ce-b257-cdb8fa153e67?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "7ece1070-aecd-11eb-8fdc-000d3a31c437", + "Body" : "{\"error\":{\"code\":\"RoleDefinitionNotFound\",\"message\":\"Requested role definition not found (Activity ID: 7ece1070-aecd-11eb-8fdc-000d3a31c437)\"}}", + "x-ms-server-latency" : "0", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json new file mode 100644 index 000000000000..ccc9002ab50d --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json @@ -0,0 +1,75 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ba551562-aecd-11eb-8e60-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "44", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "bb07fc18-aecd-11eb-a76a-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "55", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "bb2853f0-aecd-11eb-a76a-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json new file mode 100644 index 000000000000..a254f9bc9de6 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json @@ -0,0 +1,51 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "57", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "663112c4-aecd-11eb-a15d-000d3a59ae40", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "44", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "66964360-aecd-11eb-b0c9-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json new file mode 100644 index 000000000000..731c88b4d3aa --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json @@ -0,0 +1,76 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ae761f98-aecd-11eb-8e60-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "51", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b0ff365a-aecd-11eb-8eeb-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b11fe7a6-aecd-11eb-8eeb-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json new file mode 100644 index 000000000000..793eb1cdbc13 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "65", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "5aa48ea4-aecd-11eb-a2cd-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "5b09f834-aecd-11eb-b2e9-000d3a3b7b4c", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json new file mode 100644 index 000000000000..654bb1019bae --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "809", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "8cdd315a-aecd-11eb-9509-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"name\":\"d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"properties\":{\"principalId\":\"f84ae8f9-c979-4750-a2fe-b350a00bebff\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1ee3281c-3854-46f8-b75a-ecda480081dc\",\"name\":\"1ee3281c-3854-46f8-b75a-ecda480081dc\",\"properties\":{\"principalId\":\"e2a5509f-bad0-4a8c-863d-48942ecf3344\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json new file mode 100644 index 000000000000..6e0242fa41c6 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "3be0a3a4-aecd-11eb-8fdc-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json new file mode 100644 index 000000000000..1aabf210ab7e --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "110", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "4f3fccf4-aecd-11eb-9c19-000d3a3b7b4c", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..cdc9356b556a --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json @@ -0,0 +1,74 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "52f82de2-aec2-11eb-8fdc-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "70", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "535b6204-aec2-11eb-b32c-000d3a3b7b4c", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"name\":\"9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "141", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "400", + "x-ms-request-id" : "537e9828-aec2-11eb-b32c-000d3a3b7b4c", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentExists\",\"message\":\"The role assignment already exists. (Activity ID: 537e9828-aec2-11eb-b32c-000d3a3b7b4c)\"}}", + "x-ms-server-latency" : "1", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json new file mode 100644 index 000000000000..0e79e7fa679b --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "13e73b66-aec2-11eb-a7d0-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "66", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "144c0f46-aec2-11eb-b2e9-000d3a3b7b4c", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218\",\"name\":\"d0bedeb4-7431-407d-81cd-278929c98218\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..c453526119d5 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json @@ -0,0 +1,49 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "019a2a62-aec3-11eb-97f3-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/ee830d79-e3dc-4ac5-8581-b6f650aa7831?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "01f9a85c-aec3-11eb-a430-000d3a59ae40", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentNotFound\",\"message\":\"Requested role assignment not found (Activity ID: 01f9a85c-aec3-11eb-a430-000d3a59ae40)\"}}", + "x-ms-server-latency" : "0", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json new file mode 100644 index 000000000000..f2363a981514 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json @@ -0,0 +1,25 @@ +{ + "networkCallRecords" : [ { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/475ed505-5835-48ce-b257-cdb8fa153e67?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "ae14f644-aec0-11eb-b929-000d3a31c437", + "Body" : "{\"error\":{\"code\":\"RoleDefinitionNotFound\",\"message\":\"Requested role definition not found (Activity ID: ae14f644-aec0-11eb-b929-000d3a31c437)\"}}", + "x-ms-server-latency" : "0", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json new file mode 100644 index 000000000000..3f5f2a585853 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json @@ -0,0 +1,75 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ed28fd4c-aec2-11eb-9023-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "104", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ed8e264a-aec2-11eb-9ab0-000d3a59ae40", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "42", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "edb6454e-aec2-11eb-9ab0-000d3a59ae40", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json new file mode 100644 index 000000000000..084fbe37e91a --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json @@ -0,0 +1,51 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "69", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "70bfd8ae-aec0-11eb-9c19-000d3a3b7b4c", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "41", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "713eadf0-aec0-11eb-a750-000d3a59ae40", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json new file mode 100644 index 000000000000..bb5621b4c17c --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json @@ -0,0 +1,76 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "dbd30d12-aec2-11eb-9509-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "99", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "dc35d4c4-aec2-11eb-996c-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "dc5d4130-aec2-11eb-996c-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json new file mode 100644 index 000000000000..6f43f112d7af --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "73", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "4d80ab84-aec0-11eb-8fdc-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "4de71d56-aec0-11eb-a9c6-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json new file mode 100644 index 000000000000..7c265b47074b --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "809", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "52123acc-aec1-11eb-8e60-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"name\":\"d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"properties\":{\"principalId\":\"f84ae8f9-c979-4750-a2fe-b350a00bebff\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1ee3281c-3854-46f8-b75a-ecda480081dc\",\"name\":\"1ee3281c-3854-46f8-b75a-ecda480081dc\",\"properties\":{\"principalId\":\"e2a5509f-bad0-4a8c-863d-48942ecf3344\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "809", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "526b94d2-aec1-11eb-a764-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"name\":\"d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"properties\":{\"principalId\":\"f84ae8f9-c979-4750-a2fe-b350a00bebff\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1ee3281c-3854-46f8-b75a-ecda480081dc\",\"name\":\"1ee3281c-3854-46f8-b75a-ecda480081dc\",\"properties\":{\"principalId\":\"e2a5509f-bad0-4a8c-863d-48942ecf3344\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json new file mode 100644 index 000000000000..e998cbe660e3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "428c4ac2-aeb5-11eb-aea6-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "42ee172a-aeb5-11eb-8f2a-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json new file mode 100644 index 000000000000..b63435593e36 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "46", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "88c49cba-aebf-11eb-8b15-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginBackup.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginBackup[1].json similarity index 53% rename from sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginBackup.json rename to sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginBackup[1].json index 82bf7b7f2ad8..5824625282cd 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginBackup.json +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginBackup[1].json @@ -1,83 +1,83 @@ { "networkCallRecords" : [ { "Method" : "POST", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 01:44:06 GMT", + "date" : "Fri, 07 May 2021 01:51:07 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "4663", + "x-ms-server-latency" : "4296", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1599270244,\"endTime\":null,\"jobId\":\"bff4961da63f44e0ae9cdf6924b37243\",\"azureStorageBlobContainerUri\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/backup/bff4961da63f44e0ae9cdf6924b37243/pending" + "x-ms-request-id" : "ae9333d6-aed6-11eb-9ab0-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352268,\"endTime\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/bff4961da63f44e0ae9cdf6924b37243/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 01:44:07 GMT", + "date" : "Fri, 07 May 2021 01:51:10 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "580", + "x-ms-server-latency" : "1336", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"bff4961da63f44e0ae9cdf6924b37243\",\"startTime\":1599270244,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "b21a12fe-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/bff4961da63f44e0ae9cdf6924b37243/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 01:44:19 GMT", + "date" : "Fri, 07 May 2021 01:51:15 GMT", "server" : "Kestrel", - "content-length" : "263", + "content-length" : "271", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "461", + "x-ms-server-latency" : "1292", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/testKeyVault\",\"endTime\":1599270258,\"error\":null,\"jobId\":\"bff4961da63f44e0ae9cdf6924b37243\",\"startTime\":1599270244,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "b528dcd2-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701510807\",\"endTime\":1620352276,\"error\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null } ], "variables" : [ ] -} +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginRestore.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginRestore[1].json similarity index 53% rename from sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginRestore.json rename to sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginRestore[1].json index 1f6962d4d98e..77ca93d99d3c 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginRestore.json +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginRestore[1].json @@ -1,188 +1,188 @@ { "networkCallRecords" : [ { "Method" : "POST", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:10:42 GMT", + "date" : "Fri, 07 May 2021 01:59:21 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "956", + "x-ms-server-latency" : "1588", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1599271842,\"endTime\":null,\"jobId\":\"41b6e77196cb46f8a1eafe715312d672\",\"azureStorageBlobContainerUri\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/backup/41b6e77196cb46f8a1eafe715312d672/pending" + "x-ms-request-id" : "d64faa20-aed7-11eb-bc0f-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352761,\"endTime\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/41b6e77196cb46f8a1eafe715312d672/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:10:43 GMT", + "date" : "Fri, 07 May 2021 01:59:23 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "669", + "x-ms-server-latency" : "1502", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"41b6e77196cb46f8a1eafe715312d672\",\"startTime\":1599271842,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "d8372b6a-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/41b6e77196cb46f8a1eafe715312d672/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:10:52 GMT", + "date" : "Fri, 07 May 2021 01:59:29 GMT", "server" : "Kestrel", - "content-length" : "263", + "content-length" : "271", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "586", + "x-ms-server-latency" : "1296", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/testKeyVault\",\"endTime\":1599271853,\"error\":null,\"jobId\":\"41b6e77196cb46f8a1eafe715312d672\",\"startTime\":1599271842,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "db3806e0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701592162\",\"endTime\":1620352769,\"error\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:04 GMT", + "date" : "Fri, 07 May 2021 01:59:34 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "722", + "x-ms-server-latency" : "4289", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"InProgress\",\"statusDetails\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending" + "x-ms-request-id" : "dc1821d0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:06 GMT", + "date" : "Fri, 07 May 2021 01:59:47 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "600", + "x-ms-server-latency" : "1211", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "e6ab9bae-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:23 GMT", + "date" : "Fri, 07 May 2021 01:59:50 GMT", "server" : "Kestrel", "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "558", + "x-ms-server-latency" : "1214", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":1599271882,\"error\":null,\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "e8163bd4-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:23 GMT", + "date" : "Fri, 07 May 2021 01:59:52 GMT", "server" : "Kestrel", "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "543", + "x-ms-server-latency" : "1160", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":1599271882,\"error\":null,\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "e8e6117e-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null } ], "variables" : [ ] -} +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json new file mode 100644 index 000000000000..779a13550283 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json @@ -0,0 +1,188 @@ +{ + "networkCallRecords" : [ { + "Method" : "POST", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:05 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "2452", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d17ecef0-aed6-11eb-9af8-000d3a3b7b4c", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352324,\"endTime\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:07 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1475", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d403a948-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:12 GMT", + "server" : "Kestrel", + "content-length" : "271", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1474", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d70d14e4-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REACTED-2021050701520489\",\"endTime\":1620352332,\"error\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"Succeeded\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net/keys/testKey/restore?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:16 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "4222", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d80bed2a-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:32 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1908", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e243ed4c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:34 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e416621c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:36 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e4f09996-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json new file mode 100644 index 000000000000..5824625282cd --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json @@ -0,0 +1,83 @@ +{ + "networkCallRecords" : [ { + "Method" : "POST", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:51:07 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "4296", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ae9333d6-aed6-11eb-9ab0-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352268,\"endTime\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:51:10 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1336", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b21a12fe-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:51:15 GMT", + "server" : "Kestrel", + "content-length" : "271", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1292", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b528dcd2-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701510807\",\"endTime\":1620352276,\"error\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"Succeeded\",\"statusDetails\":null}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginSelectiveRestore.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginRestore[1].json similarity index 51% rename from sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginSelectiveRestore.json rename to sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginRestore[1].json index e5c8e3ed5430..77ca93d99d3c 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginSelectiveRestore.json +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginRestore[1].json @@ -1,188 +1,188 @@ { "networkCallRecords" : [ { "Method" : "POST", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:09 GMT", + "date" : "Fri, 07 May 2021 01:59:21 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "738", + "x-ms-server-latency" : "1588", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1599272289,\"endTime\":null,\"jobId\":\"9221e3b978b64dc089d74a64ca5bfbb8\",\"azureStorageBlobContainerUri\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/backup/9221e3b978b64dc089d74a64ca5bfbb8/pending" + "x-ms-request-id" : "d64faa20-aed7-11eb-bc0f-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352761,\"endTime\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/9221e3b978b64dc089d74a64ca5bfbb8/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:10 GMT", + "date" : "Fri, 07 May 2021 01:59:23 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "486", + "x-ms-server-latency" : "1502", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"9221e3b978b64dc089d74a64ca5bfbb8\",\"startTime\":1599272289,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "d8372b6a-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/9221e3b978b64dc089d74a64ca5bfbb8/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:21 GMT", + "date" : "Fri, 07 May 2021 01:59:29 GMT", "server" : "Kestrel", - "content-length" : "263", + "content-length" : "271", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "452", + "x-ms-server-latency" : "1296", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/testKeyVault\",\"endTime\":1599272300,\"error\":null,\"jobId\":\"9221e3b978b64dc089d74a64ca5bfbb8\",\"startTime\":1599272289,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "db3806e0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701592162\",\"endTime\":1620352769,\"error\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/keys/testKey/restore?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:24 GMT", + "date" : "Fri, 07 May 2021 01:59:34 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "3633", + "x-ms-server-latency" : "4289", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"InProgress\",\"statusDetails\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending" + "x-ms-request-id" : "dc1821d0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:25 GMT", + "date" : "Fri, 07 May 2021 01:59:47 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "465", + "x-ms-server-latency" : "1211", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "e6ab9bae-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:43 GMT", + "date" : "Fri, 07 May 2021 01:59:50 GMT", "server" : "Kestrel", - "content-length" : "233", + "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "447", + "x-ms-server-latency" : "1214", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":1599272322,\"error\":null,\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 4\"}" + "x-ms-request-id" : "e8163bd4-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:43 GMT", + "date" : "Fri, 07 May 2021 01:59:52 GMT", "server" : "Kestrel", - "content-length" : "233", + "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "449", + "x-ms-server-latency" : "1160", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":1599272322,\"error\":null,\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 4\"}" + "x-ms-request-id" : "e8e6117e-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null } ], "variables" : [ ] -} +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json new file mode 100644 index 000000000000..779a13550283 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json @@ -0,0 +1,188 @@ +{ + "networkCallRecords" : [ { + "Method" : "POST", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:05 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "2452", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d17ecef0-aed6-11eb-9af8-000d3a3b7b4c", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352324,\"endTime\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:07 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1475", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d403a948-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:12 GMT", + "server" : "Kestrel", + "content-length" : "271", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1474", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d70d14e4-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REACTED-2021050701520489\",\"endTime\":1620352332,\"error\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"Succeeded\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net/keys/testKey/restore?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:16 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "4222", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d80bed2a-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:32 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1908", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e243ed4c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:34 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e416621c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:36 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e4f09996-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json deleted file mode 100644 index ec3f5e763add..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", - "Content-Type" : "application/json" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "201", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "347", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218\",\"name\":\"d0bedeb4-7431-407d-81cd-278929c98218\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json deleted file mode 100644 index f9cc1e2e3e25..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json +++ /dev/null @@ -1,75 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", - "Content-Type" : "application/json" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "201", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "362", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - }, { - "Method" : "DELETE", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "338", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json deleted file mode 100644 index 1f9e1187ff44..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json +++ /dev/null @@ -1,76 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "6f025072-ee3c-11ea-b181-0242ac120006", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", - "Content-Type" : "application/json" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "201", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "265", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "6f025072-ee3c-11ea-b181-0242ac120006", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - }, { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "0", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "6f025072-ee3c-11ea-b181-0242ac120006", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json deleted file mode 100644 index 319affbd9440..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "2804", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/c2883562-e186-42ef-aff3-0acbe297c1ca\",\"name\":\"c2883562-e186-42ef-aff3-0acbe297c1ca\",\"properties\":{\"principalId\":\"c9cea829-776d-41db-9bd6-8bc6f63b507a\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"name\":\"967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"properties\":{\"principalId\":\"e7941875-b7e4-4ba2-9527-d3ef2a9b58fa\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"name\":\"ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"properties\":{\"principalId\":\"c2101ce9-648a-4bbe-8f0e-3e891ff1658d\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"name\":\"8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"properties\":{\"principalId\":\"4f584d72-47b3-48d1-971c-ce0ae8a47560\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/65e1be51-aa38-4250-967a-8658fdfb260b\",\"name\":\"65e1be51-aa38-4250-967a-8658fdfb260b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1587adcd-1227-4799-03dc-a4194c659c07\",\"name\":\"1587adcd-1227-4799-03dc-a4194c659c07\",\"properties\":{\"principalId\":\"2bca474d-4fac-495d-919a-30376e0fe515\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/129c2001-45e7-0814-13d0-9d933e794b37\",\"name\":\"129c2001-45e7-0814-13d0-9d933e794b37\",\"properties\":{\"principalId\":\"d0596a07-8d8d-433f-a25e-5c6f46787784\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" - }, - "Exception" : null - }, { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "2804", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/c2883562-e186-42ef-aff3-0acbe297c1ca\",\"name\":\"c2883562-e186-42ef-aff3-0acbe297c1ca\",\"properties\":{\"principalId\":\"c9cea829-776d-41db-9bd6-8bc6f63b507a\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"name\":\"967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"properties\":{\"principalId\":\"e7941875-b7e4-4ba2-9527-d3ef2a9b58fa\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"name\":\"ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"properties\":{\"principalId\":\"c2101ce9-648a-4bbe-8f0e-3e891ff1658d\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"name\":\"8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"properties\":{\"principalId\":\"4f584d72-47b3-48d1-971c-ce0ae8a47560\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/65e1be51-aa38-4250-967a-8658fdfb260b\",\"name\":\"65e1be51-aa38-4250-967a-8658fdfb260b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1587adcd-1227-4799-03dc-a4194c659c07\",\"name\":\"1587adcd-1227-4799-03dc-a4194c659c07\",\"properties\":{\"principalId\":\"2bca474d-4fac-495d-919a-30376e0fe515\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/129c2001-45e7-0814-13d0-9d933e794b37\",\"name\":\"129c2001-45e7-0814-13d0-9d933e794b37\",\"properties\":{\"principalId\":\"d0596a07-8d8d-433f-a25e-5c6f46787784\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json deleted file mode 100644 index 898fcc156451..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "0", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md b/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md index a34b4fdac9e0..8eb32fc1dd22 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md +++ b/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md @@ -16,7 +16,7 @@ To see additional help and options, run: > `autorest --help` ### Generation -There are two swagger specifications for KeyVault Administration: rbac and backuprestore. They use the following tags: `--tag=rbac-preview` & `--tag=backuprestore-preview`. +There are two swagger specifications for KeyVault Administration: rbac and backuprestore. They use the following tags: `--tag=rbac` & `--tag=backuprestore`. ```ps cd @@ -26,12 +26,12 @@ autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=${package} e.g. ```ps cd -autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=rbac-preview +autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=rbac ``` ```ps cd -autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=backuprestore-preview +autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=backuprestore ``` ## Code generation settings @@ -48,18 +48,18 @@ add-context-parameter: true context-client-method-parameter: true ``` -### Tag: rbac-preview -These settings apply only when `--tag=rbac-preview` is specified on the command line. +### Tag: rbac +These settings apply only when `--tag=rbac` is specified on the command line. -``` yaml $(tag) == 'rbac-preview' -input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.2-preview/rbac.json +``` yaml $(tag) == 'rbac' +input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.2/rbac.json title: KeyVaultAccessControlClient ``` -### Tag: backuprestore-preview -These settings apply only when `--tag=backuprestore-preview` is specified on the command line. +### Tag: backuprestore +These settings apply only when `--tag=backuprestore` is specified on the command line. -``` yaml $(tag) == 'backuprestore-preview' -input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.2-preview/backuprestore.json +``` yaml $(tag) == 'backuprestore' +input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.2/backuprestore.json title: KeyVaultBackupClient ```