From 7641fcd17d2557f26094290e6bc17d7036a70b28 Mon Sep 17 00:00:00 2001 From: vcolin7 Date: Sun, 9 May 2021 15:12:37 -0500 Subject: [PATCH] Added support for creating, updating, retrieving and deleting role definitions in Key Vault Administration (#21125) * Updated Swagger configuration file. * Re-generated RBAC-related classes and added some public models to reflect changes in the implementation layer. Added public APIs for setting, retrieving and deleting role definitions, including an options class for these operations. * Re-generated classes related to backup and restore and added some public models to reflect changes in the implementation layer. * Applied some PR feedback. * Updated license for a couple files. * Added the KeyVaultRoleDefinitionType and included it in SetKeyVaultRoleDefinitionOptions and KeyVaultRoleDefinition. * Added the public KeyVaultAdministrationException and updated the JavaDoc in all clients to better reflect when it can be thrown. * Re-recorded all tests. * Fixed JavaDoc and Checkstyle issues. * Made it so that NullPointerExceptions for null service method arguments are logged in all clients. * Removed the roleType argument in SetKeyVaultRoleDefinitionOptions. * Removed unused import. * Renamed SetKeyVaultRoleDefinitionOptions to SetRoleDefinitionOptions. * Renamed some arguments and members for consistency with other languages. Applied other PR feedback. --- .../KeyVaultAccessControlAsyncClient.java | 632 +++++++++++++++--- .../KeyVaultAccessControlClient.java | 209 +++++- .../KeyVaultBackupAsyncClient.java | 216 +++--- .../administration/KeyVaultBackupClient.java | 73 +- .../KeyVaultAccessControlClientImpl.java | 21 +- ...eyVaultAccessControlClientImplBuilder.java | 155 ++++- .../KeyVaultAdministrationUtils.java | 97 +++ .../KeyVaultBackupClientImpl.java | 52 +- .../KeyVaultBackupClientImplBuilder.java | 154 ++++- .../implementation/RoleAssignmentsImpl.java | 39 +- .../implementation/RoleDefinitionsImpl.java | 120 +++- .../implementation/models/DataAction.java | 128 ++++ .../implementation/models/Error.java | 2 +- .../models/FullBackupOperation.java | 2 +- .../implementation/models/KeyVaultError.java | 2 +- .../implementation/models/Permission.java | 44 +- .../models/RestoreOperation.java | 2 +- .../models/RestoreOperationParameters.java | 7 +- .../implementation/models/RoleAssignment.java | 2 +- .../RoleAssignmentCreateParameters.java | 2 +- .../models/RoleAssignmentFilter.java | 2 +- .../models/RoleAssignmentListResult.java | 2 +- .../models/RoleAssignmentProperties.java | 2 +- .../RoleAssignmentPropertiesWithScope.java | 14 +- .../implementation/models/RoleDefinition.java | 18 +- .../RoleDefinitionCreateParameters.java | 38 ++ .../models/RoleDefinitionFilter.java | 2 +- .../models/RoleDefinitionListResult.java | 2 +- .../models/RoleDefinitionProperties.java | 143 ++++ .../models/RoleDefinitionType.java | 32 + .../implementation/models/RoleScope.java | 34 + .../implementation/models/RoleType.java | 34 + .../models/SelectiveKeyRestoreOperation.java | 2 +- ...electiveKeyRestoreOperationParameters.java | 7 +- .../implementation/package-info.java | 4 +- .../KeyVaultAdministrationException.java | 38 ++ .../models/KeyVaultDataAction.java | 182 +++++ .../models/KeyVaultPermission.java | 66 +- .../models/KeyVaultRoleDefinition.java | 17 +- .../KeyVaultRoleDefinitionProperties.java | 12 +- .../models/KeyVaultRoleDefinitionType.java | 30 + .../models/KeyVaultRoleType.java | 34 + .../options/SetRoleDefinitionOptions.java | 166 +++++ .../administration/options/package-info.java | 12 + .../src/main/java/module-info.java | 2 + .../KeyVaultAccessControlAsyncClientTest.java | 368 ++++++++-- .../KeyVaultAccessControlClientTest.java | 283 +++++++- .../KeyVaultAccessControlClientTestBase.java | 97 ++- .../KeyVaultAdministrationClientTestBase.java | 28 +- .../KeyVaultBackupAsyncClientTest.java | 2 +- .../KeyVaultBackupClientTest.java | 8 +- ...createExistingRoleAssignmentThrows[1].json | 74 ++ ...yncClientTest.createRoleAssignment[1].json | 28 + ...eteNonExistingRoleAssignmentThrows[1].json | 49 ++ ...eteNonExistingRoleDefinitionThrows[1].json | 25 + ...yncClientTest.deleteRoleAssignment[1].json | 75 +++ ...yncClientTest.deleteRoleDefinition[1].json | 51 ++ ...lAsyncClientTest.getRoleAssignment[1].json | 76 +++ ...lAsyncClientTest.getRoleDefinition[1].json | 52 ++ ...syncClientTest.listRoleAssignments[1].json | 28 + ...syncClientTest.listRoleDefinitions[1].json | 28 + ...lAsyncClientTest.setRoleDefinition[1].json | 28 + ...createExistingRoleAssignmentThrows[1].json | 74 ++ ...rolClientTest.createRoleAssignment[1].json | 52 ++ ...eteNonExistingRoleAssignmentThrows[1].json | 49 ++ ...eteNonExistingRoleDefinitionThrows[1].json | 25 + ...rolClientTest.deleteRoleAssignment[1].json | 75 +++ ...rolClientTest.deleteRoleDefinition[1].json | 51 ++ ...ontrolClientTest.getRoleAssignment[1].json | 76 +++ ...ontrolClientTest.getRoleDefinition[1].json | 52 ++ ...trolClientTest.listRoleAssignments[1].json | 52 ++ ...trolClientTest.listRoleDefinitions[1].json | 52 ++ ...ontrolClientTest.setRoleDefinition[1].json | 28 + ...BackupAsyncClientTest.beginBackup[1].json} | 52 +- ...ackupAsyncClientTest.beginRestore[1].json} | 116 ++-- ...ncClientTest.beginSelectiveRestore[1].json | 188 ++++++ ...yVaultBackupClientTest.beginBackup[1].json | 83 +++ ...aultBackupClientTest.beginRestore[1].json} | 120 ++-- ...upClientTest.beginSelectiveRestore[1].json | 188 ++++++ .../session-records/createRoleAssignment.json | 52 -- .../session-records/deleteRoleAssignment.json | 75 --- .../session-records/getRoleAssignment.json | 76 --- .../session-records/listRoleAssignments.json | 52 -- .../session-records/listRoleDefinitions.json | 52 -- .../swagger/autorest.md | 22 +- 85 files changed, 4848 insertions(+), 968 deletions(-) create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json rename sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/{beginBackup.json => KeyVaultBackupAsyncClientTest.beginBackup[1].json} (53%) rename sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/{beginRestore.json => KeyVaultBackupAsyncClientTest.beginRestore[1].json} (53%) create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json rename sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/{beginSelectiveRestore.json => KeyVaultBackupClientTest.beginRestore[1].json} (51%) create mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json delete mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json delete mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json delete mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json delete mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json delete mode 100644 sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java index a6b0ba6cf7d7..30064c54991d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClient.java @@ -18,19 +18,30 @@ import com.azure.core.util.logging.ClientLogger; import com.azure.security.keyvault.administration.implementation.KeyVaultAccessControlClientImpl; import com.azure.security.keyvault.administration.implementation.KeyVaultAccessControlClientImplBuilder; +import com.azure.security.keyvault.administration.implementation.KeyVaultAdministrationUtils; import com.azure.security.keyvault.administration.implementation.KeyVaultErrorCodeStrings; +import com.azure.security.keyvault.administration.implementation.models.DataAction; import com.azure.security.keyvault.administration.implementation.models.Permission; import com.azure.security.keyvault.administration.implementation.models.RoleAssignment; import com.azure.security.keyvault.administration.implementation.models.RoleAssignmentCreateParameters; import com.azure.security.keyvault.administration.implementation.models.RoleAssignmentProperties; import com.azure.security.keyvault.administration.implementation.models.RoleAssignmentPropertiesWithScope; import com.azure.security.keyvault.administration.implementation.models.RoleDefinition; +import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionCreateParameters; +import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionProperties; +import com.azure.security.keyvault.administration.implementation.models.RoleScope; +import com.azure.security.keyvault.administration.implementation.models.RoleType; +import com.azure.security.keyvault.administration.models.KeyVaultDataAction; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultPermission; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionType; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; +import com.azure.security.keyvault.administration.options.SetRoleDefinitionOptions; import reactor.core.publisher.Mono; import java.io.IOException; @@ -39,6 +50,7 @@ import java.util.List; import java.util.Objects; import java.util.UUID; +import java.util.stream.Collectors; import static com.azure.core.util.FluxUtil.monoError; import static com.azure.core.util.FluxUtil.withContext; @@ -47,8 +59,7 @@ /** * The {@link KeyVaultAccessControlAsyncClient} provides asynchronous methods to view and manage Role Based Access * for the Azure Key Vault. The client supports creating, listing, updating, and deleting - * {@link KeyVaultRoleAssignment role assignments}. Additionally, the client supports listing - * {@link KeyVaultRoleDefinition role definitions}. + * {@link KeyVaultRoleDefinition role definitions} and {@link KeyVaultRoleAssignment role assignments}. */ @ServiceClient(builder = KeyVaultAccessControlClientBuilder.class, isAsync = true) public final class KeyVaultAccessControlAsyncClient { @@ -84,7 +95,8 @@ public final class KeyVaultAccessControlAsyncClient { /** * Package private constructor to be used by {@link KeyVaultAccessControlClientBuilder}. */ - KeyVaultAccessControlAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, KeyVaultAdministrationServiceVersion serviceVersion) { + KeyVaultAccessControlAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, + KeyVaultAdministrationServiceVersion serviceVersion) { Objects.requireNonNull(vaultUrl, KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.VAULT_END_POINT_REQUIRED)); @@ -94,6 +106,7 @@ public final class KeyVaultAccessControlAsyncClient { clientImpl = new KeyVaultAccessControlClientImplBuilder() .pipeline(httpPipeline) + .apiVersion(this.serviceVersion) .buildClient(); } @@ -120,9 +133,12 @@ HttpPipeline getHttpPipeline() { * {@link KeyVaultRoleScope role scope} and above. * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition role definitions}. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) public PagedFlux listRoleDefinitions(KeyVaultRoleScope roleScope) { @@ -137,9 +153,12 @@ public PagedFlux listRoleDefinitions(KeyVaultRoleScope r * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition role definitions}. * @param context Additional {@link Context} that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ PagedFlux listRoleDefinitions(KeyVaultRoleScope roleScope, Context context) { return new PagedFlux<>( @@ -154,23 +173,30 @@ PagedFlux listRoleDefinitions(KeyVaultRoleScope roleScop * @param vaultUrl The URL for the Key Vault this client is associated with. * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleDefinition role definitions} * for the given {@link KeyVaultRoleScope role scope} from the first page of results. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code vaultUrl} or {@code roleScope} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ - Mono> listRoleDefinitionsFirstPage(String vaultUrl, KeyVaultRoleScope roleScope, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - + Mono> listRoleDefinitionsFirstPage(String vaultUrl, + KeyVaultRoleScope roleScope, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + return clientImpl.getRoleDefinitions() .listSinglePageAsync(vaultUrl, roleScope.toString(), null, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Listing role definitions for roleScope - {}", roleScope)) .doOnSuccess(response -> logger.verbose("Listed role definitions for roleScope - {}", roleScope)) - .doOnError(error -> logger.warning(String.format("Failed to list role definitions for roleScope - %s", - roleScope), error)) + .doOnError(error -> + logger.warning(String.format("Failed to list role definitions for roleScope - %s", roleScope), + error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -185,32 +211,328 @@ Mono> listRoleDefinitionsFirstPage(String * @param continuationToken The {@link PagedResponse#getContinuationToken() continuationToken} from a previous, * successful call to one of the {@code listKeyVaultRoleDefinitions} operations. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleDefinition role definitions} * for the given {@link KeyVaultRoleScope role scope} from the next page of results. + * + * @throws KeyVaultAdministrationException If the given {@code continuationToken} is invalid. */ Mono> listRoleDefinitionsNextPage(String continuationToken, Context context) { try { return clientImpl.getRoleDefinitions() - .listNextSinglePageAsync(continuationToken, context.addData(AZ_TRACING_NAMESPACE_KEY, + .listNextSinglePageAsync(continuationToken, vaultUrl, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) - .doOnRequest(ignored -> logger.verbose("Listing next role definitions page - Page {}", continuationToken)) - .doOnSuccess(response -> logger.verbose("Listed next role definitions page - Page {}", continuationToken)) - .doOnError(error -> logger.warning("Failed to list next role definitions page - Page {}", - continuationToken, error)) + .doOnRequest(ignored -> + logger.verbose("Listing next role definitions page - Page {}", continuationToken)) + .doOnSuccess(response -> + logger.verbose("Listed next role definitions page - Page {}", continuationToken)) + .doOnError(error -> + logger.warning("Failed to list next role definitions page - Page {}", continuationToken, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); } } + /** + * Creates or updates a {@link KeyVaultRoleDefinition} with a randomly generated {@link String name}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * + * @return A {@link Mono} containing the created {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono setRoleDefinition(KeyVaultRoleScope roleScope) { + return setRoleDefinition(roleScope, UUID.randomUUID().toString()); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM only + * supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. It can be any valid UUID. + * + * @return A {@link Mono} containing the created {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono setRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return setRoleDefinitionWithResponse(new SetRoleDefinitionOptions(roleScope, roleDefinitionName)) + .flatMap(FluxUtil::toMono); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param options Object representing the configurable options to create or update a + * {@link KeyVaultRoleDefinition role definition}. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * created or updated {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If any parameter in {@code options} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * in the {@link SetRoleDefinitionOptions options} object are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> setRoleDefinitionWithResponse(SetRoleDefinitionOptions options) { + return withContext(context -> setRoleDefinitionWithResponse(options, context)); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param options Object representing the configurable options to create or update a + * {@link KeyVaultRoleDefinition role definition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * created or updated {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If any parameter in {@code options} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * in the {@link SetRoleDefinitionOptions options} object are {@code null}. + */ + Mono> setRoleDefinitionWithResponse(SetRoleDefinitionOptions options, + Context context) { + try { + Objects.requireNonNull(options, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'options'")); + Objects.requireNonNull(options.getRoleScope(), + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'options.getRoleScope()'")); + Objects.requireNonNull(options.getRoleDefinitionName(), + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'options.getRoleDefinitionName()'")); + + List assignableScopes = null; + + if (options.getAssignableScopes() != null) { + assignableScopes = options.getAssignableScopes().stream() + .map(keyVaultRoleScope -> RoleScope.fromString(keyVaultRoleScope.toString())) + .collect(Collectors.toList()); + } + + List permissions = null; + + if (options.getPermissions() != null) { + permissions = options.getPermissions().stream() + .map(keyVaultPermission -> new Permission() + .setActions(keyVaultPermission.getActions()) + .setNotActions(keyVaultPermission.getNotActions()) + .setDataActions(keyVaultPermission.getDataActions().stream() + .map(allowedDataAction -> DataAction.fromString(allowedDataAction.toString())) + .collect(Collectors.toList())) + .setNotDataActions(keyVaultPermission.getNotDataActions().stream() + .map(notDataAction -> DataAction.fromString(notDataAction.toString())) + .collect(Collectors.toList()))) + .collect(Collectors.toList()); + } + + RoleDefinitionProperties roleDefinitionProperties = + new RoleDefinitionProperties() + .setRoleName(options.getRoleDefinitionName()) + .setRoleType(RoleType.fromString(options.getRoleType().toString())) + .setAssignableScopes(assignableScopes) + .setDescription(options.getDescription()) + .setPermissions(permissions); + RoleDefinitionCreateParameters parameters = + new RoleDefinitionCreateParameters() + .setProperties(roleDefinitionProperties); + + return clientImpl.getRoleDefinitions() + .createOrUpdateWithResponseAsync(vaultUrl, options.getRoleScope().toString(), + options.getRoleDefinitionName(), parameters, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> + logger.verbose("Creating role assignment - {}", options.getRoleDefinitionName())) + .doOnSuccess(response -> logger.verbose("Created role assignment - {}", response.getValue().getName())) + .doOnError(error -> + logger.warning("Failed to create role assignment - {}", options.getRoleDefinitionName(), error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) + .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionResponse); + } catch (RuntimeException e) { + return monoError(logger, e); + } + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name used of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing the {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono getRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return getRoleDefinitionWithResponse(roleScope, roleDefinitionName).flatMap(FluxUtil::toMono); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> getRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName) { + return withContext(context -> getRoleDefinitionWithResponse(roleScope, roleDefinitionName, context)); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + Mono> getRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, Context context) { + try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleDefinitionName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleDefinitionName'")); + + return clientImpl.getRoleDefinitions() + .getWithResponseAsync(vaultUrl, roleScope.toString(), roleDefinitionName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> logger.verbose("Retrieving role assignment - {}", roleDefinitionName)) + .doOnSuccess(response -> + logger.verbose("Retrieved role assignment - {}", response.getValue().getName())) + .doOnError(error -> + logger.warning("Failed to retrieved role assignment - {}", roleDefinitionName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) + .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionResponse); + } catch (RuntimeException e) { + return monoError(logger, e); + } + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing the deleted {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono deleteRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return deleteRoleDefinitionWithResponse(roleScope, roleDefinitionName).flatMap(FluxUtil::toMono); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the deleted + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> deleteRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName) { + return withContext(context -> deleteRoleDefinitionWithResponse(roleScope, roleDefinitionName, context)); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the deleted + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + Mono> deleteRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, + Context context) { + try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleDefinitionName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleDefinitionName'")); + + return clientImpl.getRoleDefinitions() + .deleteWithResponseAsync(vaultUrl, roleScope.toString(), roleDefinitionName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> logger.verbose("Deleting role assignment - {}", roleDefinitionName)) + .doOnSuccess(response -> logger.verbose("Deleted role assignment - {}", response.getValue().getName())) + .doOnError(error -> logger.warning("Failed to delete role assignment - {}", roleDefinitionName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) + .map(KeyVaultAccessControlAsyncClient::transformRoleDefinitionResponse); + } catch (RuntimeException e) { + return monoError(logger, e); + } + } + /** * Lists all {@link KeyVaultRoleAssignment role assignments} that are applicable at the given * {@link KeyVaultRoleScope role scope} and above. * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) public PagedFlux listRoleAssignments(KeyVaultRoleScope roleScope) { @@ -225,9 +547,12 @@ public PagedFlux listRoleAssignments(KeyVaultRoleScope r * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedFlux} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope role scope}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ PagedFlux listRoleAssignments(KeyVaultRoleScope roleScope, Context context) { return new PagedFlux<>( @@ -242,23 +567,30 @@ PagedFlux listRoleAssignments(KeyVaultRoleScope roleScop * @param vaultUrl The URL for the Key Vault this client is associated with. * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleAssignment role assignments} * in the given {@link KeyVaultRoleScope role scope} from the first page of results. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} is {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code vaultUrl} or {@code roleScope} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. */ - Mono> listRoleAssignmentsFirstPage(String vaultUrl, KeyVaultRoleScope roleScope, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - + Mono> listRoleAssignmentsFirstPage(String vaultUrl, + KeyVaultRoleScope roleScope, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + return clientImpl.getRoleAssignments() .listForScopeSinglePageAsync(vaultUrl, roleScope.toString(), null, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Listing role assignments for roleScope - {}", roleScope)) .doOnSuccess(response -> logger.verbose("Listed role assignments for roleScope - {}", roleScope)) - .doOnError(error -> logger.warning(String.format("Failed to list role assignments for roleScope - %s", - roleScope), error)) + .doOnError(error -> + logger.warning(String.format("Failed to list role assignments for roleScope - %s", roleScope), + error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -272,18 +604,24 @@ Mono> listRoleAssignmentsFirstPage(String * @param continuationToken The {@link PagedResponse#getContinuationToken() continuationToken} from a previous, * successful call to one of the {@code listKeyVaultRoleAssignments} operations. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link PagedResponse} of {@link KeyVaultRoleAssignment role assignments} * for the given {@link KeyVaultRoleScope role scope} from the first page of results. + * + * @throws KeyVaultAdministrationException If the given {@code continuationToken} is invalid. */ Mono> listRoleAssignmentsNextPage(String continuationToken, Context context) { try { return clientImpl.getRoleAssignments() - .listForScopeNextSinglePageAsync(continuationToken, context.addData(AZ_TRACING_NAMESPACE_KEY, - KEYVAULT_TRACING_NAMESPACE_VALUE)) - .doOnRequest(ignored -> logger.verbose("Listing next role assignments page - Page {}", continuationToken)) - .doOnSuccess(response -> logger.verbose("Listed next role assignments page - Page {}", continuationToken)) + .listForScopeNextSinglePageAsync(continuationToken, vaultUrl, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) + .doOnRequest(ignored -> + logger.verbose("Listing next role assignments page - Page {}", continuationToken)) + .doOnSuccess(response -> + logger.verbose("Listed next role assignments page - Page {}", continuationToken)) .doOnError(error -> logger.warning("Failed to list next role assignments page - Page {}", continuationToken, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentsPagedResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -296,29 +634,40 @@ Mono> listRoleAssignmentsNextPage(String c * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment} to create. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return A {@link Mono} containing the created {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} + * are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, String principalId) { - return createRoleAssignment(roleScope, UUID.randomUUID().toString(), roleDefinitionId, principalId); + public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId) { + return createRoleAssignment(roleScope, roleDefinitionId, principalId, UUID.randomUUID().toString()); } /** * Creates a {@link KeyVaultRoleAssignment}. * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment} to create. - * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. + * * @return A {@link Mono} containing the created {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId) { - return createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, principalId).flatMap(FluxUtil::toMono); + public Mono createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId, String roleAssignmentName) { + return createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, roleAssignmentName) + .flatMap(FluxUtil::toMono); } /** @@ -328,14 +677,22 @@ public Mono createRoleAssignment(KeyVaultRoleScope roleS * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the created * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId) { - return withContext(context -> createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, principalId, context)); + public Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionId, + String principalId, + String roleAssignmentName) { + return withContext(context -> + createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, roleAssignmentName, context)); } /** @@ -346,39 +703,48 @@ public Mono> createRoleAssignmentWithResponse(K * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the created * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope}, {@link String roleAssignmentName}, * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. */ - Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - Objects.requireNonNull(roleAssignmentName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleAssignmentName'")); - Objects.requireNonNull(principalId, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'principalId'")); - Objects.requireNonNull(roleDefinitionId, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleDefinitionId'")); - - RoleAssignmentProperties roleAssignmentProperties = - new RoleAssignmentProperties() - .setRoleDefinitionId(roleDefinitionId) - .setPrincipalId(principalId); - RoleAssignmentCreateParameters parameters = - new RoleAssignmentCreateParameters() - .setProperties(roleAssignmentProperties); + Mono> createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionId, String principalId, + String roleAssignmentName, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleAssignmentName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleAssignmentName'")); + Objects.requireNonNull(principalId, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'principalId'")); + Objects.requireNonNull(roleDefinitionId, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleDefinitionId'")); + + RoleAssignmentProperties roleAssignmentProperties = + new RoleAssignmentProperties() + .setRoleDefinitionId(roleDefinitionId) + .setPrincipalId(principalId); + RoleAssignmentCreateParameters parameters = + new RoleAssignmentCreateParameters() + .setProperties(roleAssignmentProperties); + return clientImpl.getRoleAssignments() .createWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, parameters, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Creating role assignment - {}", roleAssignmentName)) .doOnSuccess(response -> logger.verbose("Created role assignment - {}", response.getValue().getName())) .doOnError(error -> logger.warning("Failed to create role assignment - {}", roleAssignmentName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -390,8 +756,12 @@ Mono> createRoleAssignmentWithResponse(KeyVault * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name used of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing the {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) @@ -404,13 +774,18 @@ public Mono getRoleAssignment(KeyVaultRoleScope roleScop * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName) { + public Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName) { return withContext(context -> getRoleAssignmentWithResponse(roleScope, roleAssignmentName, context)); } @@ -420,26 +795,34 @@ public Mono> getRoleAssignmentWithResponse(KeyV * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ - Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - Objects.requireNonNull(roleAssignmentName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleAssignmentName'")); - + Mono> getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleAssignmentName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleAssignmentName'")); + return clientImpl.getRoleAssignments() - .getWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, context.addData(AZ_TRACING_NAMESPACE_KEY, - KEYVAULT_TRACING_NAMESPACE_VALUE)) + .getWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Retrieving role assignment - {}", roleAssignmentName)) - .doOnSuccess(response -> logger.verbose("Retrieved role assignment - {}", response.getValue().getName())) - .doOnError(error -> logger.warning("Failed to retrieved role assignment - {}", roleAssignmentName, error)) + .doOnSuccess(response -> + logger.verbose("Retrieved role assignment - {}", response.getValue().getName())) + .doOnError(error -> + logger.warning("Failed to retrieved role assignment - {}", roleAssignmentName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -451,8 +834,12 @@ Mono> getRoleAssignmentWithResponse(KeyVaultRol * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing the {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) @@ -465,13 +852,18 @@ public Mono deleteRoleAssignment(KeyVaultRoleScope roleS * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName) { + public Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName) { return withContext(context -> deleteRoleAssignmentWithResponse(roleScope, roleAssignmentName, context)); } @@ -481,26 +873,33 @@ public Mono> deleteRoleAssignmentWithResponse(K * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the * {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleAssignmentName} are * {@code null}. */ - Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { - Objects.requireNonNull(roleScope, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleScope'")); - Objects.requireNonNull(roleAssignmentName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'roleAssignmentName'")); - + Mono> deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, + Context context) { try { + Objects.requireNonNull(roleScope, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleScope'")); + Objects.requireNonNull(roleAssignmentName, + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'roleAssignmentName'")); + return clientImpl.getRoleAssignments() - .deleteWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, context.addData(AZ_TRACING_NAMESPACE_KEY, - KEYVAULT_TRACING_NAMESPACE_VALUE)) + .deleteWithResponseAsync(vaultUrl, roleScope.toString(), roleAssignmentName, + context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> logger.verbose("Deleting role assignment - {}", roleAssignmentName)) .doOnSuccess(response -> logger.verbose("Deleted role assignment - {}", response.getValue().getName())) .doOnError(error -> logger.warning("Failed to delete role assignment - {}", roleAssignmentName, error)) + .onErrorMap(KeyVaultAdministrationUtils::mapThrowableToKeyVaultAdministrationException) .map(KeyVaultAccessControlAsyncClient::transformRoleAssignmentResponse); } catch (RuntimeException e) { return monoError(logger, e); @@ -508,7 +907,9 @@ Mono> deleteRoleAssignmentWithResponse(KeyVault } @SuppressWarnings("BoundedWildcard") - private static PagedResponse transformRoleDefinitionsPagedResponse(PagedResponse pagedResponse) { + private static PagedResponse transformRoleDefinitionsPagedResponse( + PagedResponse pagedResponse) { + List keyVaultRoleDefinitions = new ArrayList<>(); for (RoleDefinition roleDefinition : pagedResponse.getValue()) { @@ -518,10 +919,10 @@ private static PagedResponse transformRoleDefinitionsPag return new TransformedPagedResponse<>(keyVaultRoleDefinitions, pagedResponse); } - private static Response transformRoleAssignmentResponse(Response response) { - KeyVaultRoleAssignment keyVaultRoleAssignment = roleAssignmentToKeyVaultRoleAssignment(response.getValue()); + private static Response transformRoleDefinitionResponse(Response response) { + KeyVaultRoleDefinition keyVaultRoleDefinition = roleDefinitionToKeyVaultRoleDefinition(response.getValue()); - return new TransformedResponse<>(keyVaultRoleAssignment, response); + return new TransformedResponse<>(keyVaultRoleDefinition, response); } private static KeyVaultRoleDefinition roleDefinitionToKeyVaultRoleDefinition(RoleDefinition roleDefinition) { @@ -529,17 +930,27 @@ private static KeyVaultRoleDefinition roleDefinitionToKeyVaultRoleDefinition(Rol for (Permission permission : roleDefinition.getPermissions()) { keyVaultPermissions.add( - new KeyVaultPermission(permission.getActions(), permission.getDataActions(), - permission.getDataActions(), permission.getNotDataActions())); + new KeyVaultPermission(permission.getActions(), permission.getNotActions(), + permission.getDataActions().stream() + .map(dataAction -> KeyVaultDataAction.fromString(dataAction.toString())) + .collect(Collectors.toList()), + permission.getNotDataActions().stream() + .map(notDataAction -> KeyVaultDataAction.fromString(notDataAction.toString())) + .collect(Collectors.toList()))); } - return new KeyVaultRoleDefinition(roleDefinition.getId(), roleDefinition.getName(), roleDefinition.getType(), - new KeyVaultRoleDefinitionProperties(roleDefinition.getRoleName(), - roleDefinition.getDescription(), roleDefinition.getRoleType(), keyVaultPermissions, - roleDefinition.getAssignableScopes())); + return new KeyVaultRoleDefinition(roleDefinition.getId(), roleDefinition.getName(), + KeyVaultRoleDefinitionType.fromString(roleDefinition.getType().toString()), + new KeyVaultRoleDefinitionProperties(roleDefinition.getRoleName(), roleDefinition.getDescription(), + KeyVaultRoleType.fromString(roleDefinition.getRoleType().toString()), keyVaultPermissions, + roleDefinition.getAssignableScopes().stream() + .map(roleScope -> KeyVaultRoleScope.fromString(roleScope.toString())) + .collect(Collectors.toList()))); } - private static PagedResponse transformRoleAssignmentsPagedResponse(PagedResponse pagedResponse) { + private static PagedResponse transformRoleAssignmentsPagedResponse( + PagedResponse pagedResponse) { + List keyVaultRoleAssignments = new ArrayList<>(); for (RoleAssignment roleAssignment : pagedResponse.getValue()) { @@ -549,12 +960,19 @@ private static PagedResponse transformRoleAssignmentsPag return new TransformedPagedResponse<>(keyVaultRoleAssignments, pagedResponse); } + private static Response transformRoleAssignmentResponse(Response response) { + KeyVaultRoleAssignment keyVaultRoleAssignment = roleAssignmentToKeyVaultRoleAssignment(response.getValue()); + + return new TransformedResponse<>(keyVaultRoleAssignment, response); + } + private static KeyVaultRoleAssignment roleAssignmentToKeyVaultRoleAssignment(RoleAssignment roleAssignment) { RoleAssignmentPropertiesWithScope propertiesWithScope = roleAssignment.getProperties(); return new KeyVaultRoleAssignment(roleAssignment.getId(), roleAssignment.getName(), roleAssignment.getType(), new KeyVaultRoleAssignmentProperties(propertiesWithScope.getRoleDefinitionId(), - propertiesWithScope.getPrincipalId()), KeyVaultRoleScope.fromString(propertiesWithScope.getScope())); + propertiesWithScope.getPrincipalId()), + KeyVaultRoleScope.fromString(propertiesWithScope.getScope().toString())); } private static final class TransformedPagedResponse, T, U> implements PagedResponse { diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java index c8cf21bb97e5..70be5dd7cb7d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClient.java @@ -9,10 +9,12 @@ import com.azure.core.http.rest.PagedIterable; import com.azure.core.http.rest.Response; import com.azure.core.util.Context; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.options.SetRoleDefinitionOptions; import reactor.core.publisher.Mono; import java.util.UUID; @@ -51,8 +53,11 @@ public String getVaultUrl() { * * @param roleScope The {@link KeyVaultRoleScope roleScope} of the {@link KeyVaultRoleDefinition role * definitions}. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -66,8 +71,11 @@ public PagedIterable listRoleDefinitions(KeyVaultRoleSco * * @param roleScope The {@link KeyVaultRoleScope scope} of the {@link KeyVaultRoleDefinition role definitions}. * @param context Additional {@link Context} that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleDefinition role definitions} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -75,13 +83,150 @@ public PagedIterable listRoleDefinitions(KeyVaultRoleSco return new PagedIterable<>(asyncClient.listRoleDefinitions(roleScope, context)); } + /** + * Creates a {@link KeyVaultRoleDefinition} with a randomly generated {@link String name}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM only + * supports '/'. + * + * @return The created {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} is {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition setRoleDefinition(KeyVaultRoleScope roleScope) { + return asyncClient.setRoleDefinition(roleScope).block(); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. It can be any valid UUID. + * + * @return The created or updated {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition setRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return asyncClient.setRoleDefinition(roleScope, roleDefinitionName).block(); + } + + /** + * Creates or updates a {@link KeyVaultRoleDefinition}. + * + * @param options Object representing the configurable options to create or update a + * {@link KeyVaultRoleDefinition role definition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Response} whose {@link Response#getValue() value} contains the created or updated + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If any parameter in {@code options} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} + * in the {@link SetRoleDefinitionOptions options} object are {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Response setRoleDefinitionWithResponse(SetRoleDefinitionOptions options, + Context context) { + return asyncClient.setRoleDefinitionWithResponse(options, context).block(); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name used of the {@link KeyVaultRoleDefinition}. + * + * @return The retrieved {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition getRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return asyncClient.getRoleDefinition(roleScope, roleDefinitionName).block(); + } + + /** + * Gets a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Response} whose {@link Response#getValue() value} contains the + * retrieved {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Response getRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, Context context) { + return asyncClient.getRoleDefinitionWithResponse(roleScope, roleDefinitionName, context).block(); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. Managed HSM + * only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * + * @return The deleted {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public KeyVaultRoleDefinition deleteRoleDefinition(KeyVaultRoleScope roleScope, String roleDefinitionName) { + return asyncClient.deleteRoleDefinition(roleScope, roleDefinitionName).block(); + } + + /** + * Deletes a {@link KeyVaultRoleDefinition}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. + * @param context Additional context that is passed through the HTTP pipeline during the service call. + * + * @return A {@link Response} whose {@link Response#getValue() value} contains the deleted + * {@link KeyVaultRoleDefinition}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleDefinition role definition} with the given name cannot + * be found or if the given {@code roleScope} is invalid. + * @throws NullPointerException If the {@link KeyVaultRoleScope role scope} or {@link String roleDefinitionName} are + * {@code null}. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Response deleteRoleDefinitionWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionName, + Context context) { + return asyncClient.deleteRoleDefinitionWithResponse(roleScope, roleDefinitionName, context).block(); + } + /** * Get all {@link KeyVaultRoleAssignment role assignments} that are applicable at the given * {@link KeyVaultRoleScope role scope} and above. * * @param roleScope The {@link KeyVaultRoleScope scope} of the {@link KeyVaultRoleAssignment}. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -95,8 +240,11 @@ public PagedIterable listRoleAssignments(KeyVaultRoleSco * * @param roleScope The {@link KeyVaultRoleScope scope} of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PagedIterable} containing the {@link KeyVaultRoleAssignment role assignments} for the given * {@link KeyVaultRoleScope roleScope}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} is {@code null}. */ @ServiceMethod(returns = ReturnType.COLLECTION) @@ -110,13 +258,18 @@ public PagedIterable listRoleAssignments(KeyVaultRoleSco * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment} to create. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return A {@link Mono} containing the created {@link KeyVaultRoleAssignment}. - * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleAssignmentName}, - * {@link String roleDefinitionId} or {@link String principalId} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} + * are invalid. + * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleDefinitionId} or + * {@link String principalId} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, String principalId) { - return createRoleAssignmentWithResponse(roleScope, UUID.randomUUID().toString(), roleDefinitionId, principalId, + public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId) { + return createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, UUID.randomUUID().toString(), Context.NONE).getValue(); } @@ -127,13 +280,18 @@ public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, * @param roleAssignmentName The name used to create the {@link KeyVaultRoleAssignment}. It can be any valid UUID. * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. + * * @return The created {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleAssignmentName} or * {@link KeyVaultRoleAssignmentProperties properties} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId) { - return createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, principalId, + public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, String roleDefinitionId, + String principalId, String roleAssignmentName) { + return createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, roleAssignmentName, Context.NONE).getValue(); } @@ -145,15 +303,23 @@ public KeyVaultRoleAssignment createRoleAssignment(KeyVaultRoleScope roleScope, * @param roleDefinitionId The {@link KeyVaultRoleDefinition role definition} ID for the role assignment. * @param principalId The principal ID assigned to the role. This maps to the ID inside the Active Directory. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link Mono} containing a {@link Response} whose {@link Response#getValue() value} contains the created * {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name already + * exists or if the given {@code roleScope}, {@code roleDefinitionId} or {@code principalId} are invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope}, {@link String roleAssignmentName} or * {@link KeyVaultRoleAssignmentProperties properties} are {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Response createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, String roleDefinitionId, String principalId, Context context) { - return asyncClient.createRoleAssignmentWithResponse(roleScope, roleAssignmentName, roleDefinitionId, - principalId, context).block(); + public Response createRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleDefinitionId, + String principalId, + String roleAssignmentName, + Context context) { + return asyncClient.createRoleAssignmentWithResponse(roleScope, roleDefinitionId, principalId, + roleAssignmentName, context).block(); } /** @@ -161,7 +327,11 @@ public Response createRoleAssignmentWithResponse(KeyVaul * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @@ -176,12 +346,17 @@ public KeyVaultRoleAssignment getRoleAssignment(KeyVaultRoleScope roleScope, Str * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Response getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { + public Response getRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, Context context) { return asyncClient.getRoleAssignmentWithResponse(roleScope, roleAssignmentName, context).block(); } @@ -190,7 +365,11 @@ public Response getRoleAssignmentWithResponse(KeyVaultRo * * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @@ -205,12 +384,18 @@ public KeyVaultRoleAssignment deleteRoleAssignment(KeyVaultRoleScope roleScope, * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleAssignment}. * @param roleAssignmentName The name of the {@link KeyVaultRoleAssignment}. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return The {@link KeyVaultRoleAssignment}. + * + * @throws KeyVaultAdministrationException If a {@link KeyVaultRoleAssignment role assignment} with the given name cannot + * be found or if the given {@code roleScope} is invalid. * @throws NullPointerException if the {@link KeyVaultRoleScope roleScope} or {@link String roleAssignmentName} are * {@code null}. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Response deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, String roleAssignmentName, Context context) { + public Response deleteRoleAssignmentWithResponse(KeyVaultRoleScope roleScope, + String roleAssignmentName, + Context context) { return asyncClient.deleteRoleAssignmentWithResponse(roleScope, roleAssignmentName, context).block(); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java index 8b5b437cfa13..6cec332245f5 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClient.java @@ -19,7 +19,6 @@ import com.azure.security.keyvault.administration.implementation.KeyVaultBackupClientImpl; import com.azure.security.keyvault.administration.implementation.KeyVaultBackupClientImplBuilder; import com.azure.security.keyvault.administration.implementation.KeyVaultErrorCodeStrings; -import com.azure.security.keyvault.administration.implementation.models.Error; import com.azure.security.keyvault.administration.implementation.models.FullBackupOperation; import com.azure.security.keyvault.administration.implementation.models.RestoreOperation; import com.azure.security.keyvault.administration.implementation.models.RestoreOperationParameters; @@ -27,7 +26,7 @@ import com.azure.security.keyvault.administration.implementation.models.SelectiveKeyRestoreOperation; import com.azure.security.keyvault.administration.implementation.models.SelectiveKeyRestoreOperationParameters; import com.azure.security.keyvault.administration.models.KeyVaultBackupOperation; -import com.azure.security.keyvault.administration.models.KeyVaultError; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultLongRunningOperation; import com.azure.security.keyvault.administration.models.KeyVaultRestoreOperation; import reactor.core.publisher.Mono; @@ -44,6 +43,7 @@ import static com.azure.core.util.FluxUtil.monoError; import static com.azure.core.util.FluxUtil.withContext; import static com.azure.core.util.tracing.Tracer.AZ_TRACING_NAMESPACE_KEY; +import static com.azure.security.keyvault.administration.implementation.KeyVaultAdministrationUtils.createKeyVaultErrorFromError; /** * The {@link KeyVaultBackupAsyncClient} provides asynchronous methods to perform full backup and restore of an Azure @@ -89,7 +89,8 @@ static Duration getDefaultPollingInterval() { /** * Package private constructor to be used by {@link KeyVaultBackupClientBuilder}. */ - KeyVaultBackupAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, KeyVaultAdministrationServiceVersion serviceVersion) { + KeyVaultBackupAsyncClient(URL vaultUrl, HttpPipeline httpPipeline, + KeyVaultAdministrationServiceVersion serviceVersion) { Objects.requireNonNull(vaultUrl, KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.VAULT_END_POINT_REQUIRED)); @@ -99,6 +100,7 @@ static Duration getDefaultPollingInterval() { clientImpl = new KeyVaultBackupClientImplBuilder() .pipeline(httpPipeline) + .apiVersion(this.serviceVersion) .buildClient(); } @@ -125,8 +127,11 @@ HttpPipeline getHttpPipeline() { * * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) public PollerFlux beginBackup(String blobStorageUrl, String sasToken) { @@ -139,17 +144,26 @@ public PollerFlux beginBackup(String blobStorag * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginBackup(String blobStorageUrl, String sasToken, Duration pollingInterval) { - Objects.requireNonNull(blobStorageUrl, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'blobStorageUrl'")); - Objects.requireNonNull(sasToken, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'sasToken'")); + public PollerFlux beginBackup(String blobStorageUrl, String sasToken, + Duration pollingInterval) { + if (blobStorageUrl == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'blobStorageUrl'"))); + } + + if (sasToken == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'sasToken'"))); + } return new PollerFlux<>(pollingInterval, backupActivationOperation(blobStorageUrl, sasToken), @@ -164,9 +178,13 @@ public PollerFlux beginBackup(String blobStorag * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultBackupOperation backup operation} status. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. */ - Mono> backupWithResponse(String blobStorageUrl, String sasToken, Context context) { + Mono> backupWithResponse(String blobStorageUrl, String sasToken, + Context context) { SASTokenParameter sasTokenParameter = new SASTokenParameter() .setStorageResourceUri(blobStorageUrl) .setToken(sasToken); @@ -187,7 +205,9 @@ Mono> backupWithResponse(String blobStorageUrl } } - private Function, Mono> backupActivationOperation(String blobStorageUrl, String sasToken) { + private Function, Mono> backupActivationOperation( + String blobStorageUrl, String sasToken) { + return (pollingContext) -> { try { return withContext(context -> backupWithResponse(blobStorageUrl, sasToken, context)) @@ -253,7 +273,9 @@ private Function, Mono> backupFe }; } - private static Mono> processBackupOperationResponse(Response response) { + private static Mono> processBackupOperationResponse( + Response response) { + String operationStatus = response.getValue().getStatus().toLowerCase(Locale.US); return Mono.just(new PollResponse<>( @@ -277,40 +299,54 @@ private static LongRunningOperationStatus toLongRunningOperationStatus(String op /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginRestore(String backupFolderUrl, String sasToken) { - return beginRestore(backupFolderUrl, sasToken, getDefaultPollingInterval()); + public PollerFlux beginRestore(String folderUrl, String sasToken) { + return beginRestore(folderUrl, sasToken, getDefaultPollingInterval()); } /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginRestore(String backupFolderUrl, String sasToken, Duration pollingInterval) { - Objects.requireNonNull(backupFolderUrl, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'backupFolderUrl'")); - Objects.requireNonNull(sasToken, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'sasToken'")); + public PollerFlux beginRestore(String folderUrl, String sasToken, + Duration pollingInterval) { + if (folderUrl == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'folderUrl'"))); + } + + if (sasToken == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'sasToken'"))); + } return new PollerFlux<>(pollingInterval, - restoreActivationOperation(backupFolderUrl, sasToken), + restoreActivationOperation(folderUrl, sasToken), restorePollOperation(), (pollingContext, firstResponse) -> Mono.empty(), (pollingContext) -> Mono.empty()); @@ -319,17 +355,21 @@ public PollerFlux beginRestore(String backupFold /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation backup operation} status. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. */ - Mono> restoreWithResponse(String backupFolderUrl, String sasToken, Context context) { - String[] segments = backupFolderUrl.split("/"); + Mono> restoreWithResponse(String folderUrl, String sasToken, Context context) { + String[] segments = folderUrl.split("/"); String folderName = segments[segments.length - 1]; - String containerUrl = backupFolderUrl.substring(0, backupFolderUrl.length() - folderName.length()); + String containerUrl = folderUrl.substring(0, folderUrl.length() - folderName.length()); SASTokenParameter sasTokenParameter = new SASTokenParameter() .setStorageResourceUri(containerUrl) @@ -342,10 +382,10 @@ Mono> restoreWithResponse(String backupFolder try { return clientImpl.fullRestoreOperationWithResponseAsync(vaultUrl, restoreOperationParameters, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) - .doOnRequest(ignored -> logger.verbose("Restoring from location - {}", backupFolderUrl)) - .doOnSuccess(response -> logger.verbose("Restored from location - {}", backupFolderUrl)) + .doOnRequest(ignored -> logger.verbose("Restoring from location - {}", folderUrl)) + .doOnSuccess(response -> logger.verbose("Restored from location - {}", folderUrl)) .doOnError(error -> - logger.warning("Failed to restore from location - {}", backupFolderUrl, error)) + logger.warning("Failed to restore from location - {}", folderUrl, error)) .map(restoreOperationResponse -> new SimpleResponse<>(restoreOperationResponse.getRequest(), restoreOperationResponse.getStatusCode(), @@ -357,10 +397,10 @@ Mono> restoreWithResponse(String backupFolder } } - private Function, Mono> restoreActivationOperation(String backupFolderUrl, String sasToken) { + private Function, Mono> restoreActivationOperation(String folderUrl, String sasToken) { return (pollingContext) -> { try { - return withContext(context -> restoreWithResponse(backupFolderUrl, sasToken, context)) + return withContext(context -> restoreWithResponse(folderUrl, sasToken, context)) .flatMap(restoreResponse -> Mono.just(restoreResponse.getValue())); } catch (RuntimeException e) { return monoError(logger, e); @@ -407,7 +447,9 @@ private Function, Mono> processRestoreOperationResponse(Response response) { + private static Mono> processRestoreOperationResponse( + Response response) { + String operationStatus = response.getValue().getStatus().toLowerCase(Locale.US); return Mono.just(new PollResponse<>( @@ -419,17 +461,23 @@ private static Mono> processRestoreOperat * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code keyName}, {@code folderUrl} or {@code sasToken} are + * invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken) { - return beginSelectiveRestore(keyName, backupFolderUrl, sasToken, getDefaultPollingInterval()); + public PollerFlux beginSelectiveRestore(String keyName, String folderUrl, + String sasToken) { + return beginSelectiveRestore(keyName, folderUrl, sasToken, getDefaultPollingInterval()); } /** @@ -437,29 +485,43 @@ public PollerFlux beginSelectiveRestore(String k * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code keyName}, {@code folderUrl} or {@code sasToken} are + * invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public PollerFlux beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken, Duration pollingInterval) { - Objects.requireNonNull(keyName, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'keyName'")); - Objects.requireNonNull(backupFolderUrl, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'backupFolderUrl'")); - Objects.requireNonNull(sasToken, - String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), - "'sasToken'")); + public PollerFlux beginSelectiveRestore(String keyName, String folderUrl, + String sasToken, Duration pollingInterval) { + if (keyName == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'keyName'"))); + } + + if (folderUrl == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'folderUrl'"))); + } + + if (sasToken == null) { + throw logger.logExceptionAsError(new NullPointerException( + String.format(KeyVaultErrorCodeStrings.getErrorString(KeyVaultErrorCodeStrings.PARAMETER_REQUIRED), + "'sasToken'"))); + } return new PollerFlux<>(pollingInterval, - selectiveRestoreActivationOperation(keyName, backupFolderUrl, sasToken), + selectiveRestoreActivationOperation(keyName, folderUrl, sasToken), selectiveRestorePollOperation(), (pollingContext, firstResponse) -> Mono.empty(), (pollingContext) -> Mono.empty()); @@ -470,17 +532,20 @@ public PollerFlux beginSelectiveRestore(String k * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param context Additional context that is passed through the HTTP pipeline during the service call. + * * @return A {@link PollerFlux} polling on the {@link KeyVaultRestoreOperation backup operation} status. */ - Mono> selectiveRestoreWithResponse(String keyName, String backupFolderUrl, String sasToken, Context context) { - String[] segments = backupFolderUrl.split("/"); + Mono> selectiveRestoreWithResponse(String keyName, String folderUrl, + String sasToken, Context context) { + String[] segments = folderUrl.split("/"); String folderName = segments[segments.length - 1]; - String containerUrl = backupFolderUrl.substring(0, backupFolderUrl.length() - folderName.length()); + String containerUrl = folderUrl.substring(0, folderUrl.length() - folderName.length()); SASTokenParameter sasTokenParameter = new SASTokenParameter() .setStorageResourceUri(containerUrl) @@ -496,11 +561,11 @@ Mono> selectiveRestoreWithResponse(String key selectiveKeyRestoreOperationParameters, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE)) .doOnRequest(ignored -> - logger.verbose("Restoring key \"{}\" from location - {}", keyName, backupFolderUrl)) + logger.verbose("Restoring key \"{}\" from location - {}", keyName, folderUrl)) .doOnSuccess(response -> - logger.verbose("Restored key \"{}\" from location - {}", keyName, backupFolderUrl)) + logger.verbose("Restored key \"{}\" from location - {}", keyName, folderUrl)) .doOnError(error -> - logger.warning("Failed to restore key \"{}\" from location - {}", keyName, backupFolderUrl, error)) + logger.warning("Failed to restore key \"{}\" from location - {}", keyName, folderUrl, error)) .map(restoreOperationResponse -> new SimpleResponse<>(restoreOperationResponse.getRequest(), restoreOperationResponse.getStatusCode(), @@ -512,10 +577,10 @@ Mono> selectiveRestoreWithResponse(String key } } - private Function, Mono> selectiveRestoreActivationOperation(String keyName, String backupFolderUrl, String sasToken) { + private Function, Mono> selectiveRestoreActivationOperation(String keyName, String folderUrl, String sasToken) { return (pollingContext) -> { try { - return withContext(context -> selectiveRestoreWithResponse(keyName, backupFolderUrl, sasToken, context)) + return withContext(context -> selectiveRestoreWithResponse(keyName, folderUrl, sasToken, context)) .flatMap(selectiveKeyRestoreResponse -> Mono.just(selectiveKeyRestoreResponse.getValue())); } catch (RuntimeException e) { return monoError(logger, e); @@ -592,15 +657,6 @@ private static KeyVaultLongRunningOperation transformToLongRunningOperation( } } - private static KeyVaultError createKeyVaultErrorFromError(Error error) { - if (error == null) { - return null; - } - - return - new KeyVaultError(error.getCode(), error.getMessage(), createKeyVaultErrorFromError(error.getInnerError())); - } - private static OffsetDateTime longToOffsetDateTime(Long epochInSeconds) { return epochInSeconds == null ? null : OffsetDateTime.ofInstant(Instant.ofEpochSecond(epochInSeconds), ZoneOffset.UTC); diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java index 86258c2ca359..f443032c74da 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/KeyVaultBackupClient.java @@ -8,6 +8,7 @@ import com.azure.core.annotation.ServiceMethod; import com.azure.core.util.polling.SyncPoller; import com.azure.security.keyvault.administration.models.KeyVaultBackupOperation; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRestoreOperation; import java.time.Duration; @@ -43,8 +44,11 @@ public String getVaultUrl() { * * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link SyncPoller} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) public SyncPoller beginBackup(String blobStorageUrl, String sasToken) { @@ -57,43 +61,56 @@ public SyncPoller beginBackup(String blobStorag * @param blobStorageUrl The URL for the Blob Storage resource where the backup will be located. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link SyncPoller} polling on the {@link KeyVaultBackupOperation backup operation} status. - * @throws NullPointerException if the {@code blobStorageUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code blobStorageUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code blobStorageUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginBackup(String blobStorageUrl, String sasToken, Duration pollingInterval) { + public SyncPoller beginBackup(String blobStorageUrl, String sasToken, + Duration pollingInterval) { return asyncClient.beginBackup(blobStorageUrl, sasToken, pollingInterval).getSyncPoller(); } /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginRestore(String backupFolderUrl, String sasToken) { - return asyncClient.beginRestore(backupFolderUrl, sasToken).getSyncPoller(); + public SyncPoller beginRestore(String folderUrl, String sasToken) { + return asyncClient.beginRestore(folderUrl, sasToken).getSyncPoller(); } /** * Initiates a full restore of the Key Vault. * - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code backupFolderUrl} or {@code sasToken} are {@code null}. + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code folderUrl} or {@code sasToken} are {@code null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginRestore(String backupFolderUrl, String sasToken, Duration pollingInterval) { - return asyncClient.beginRestore(backupFolderUrl, sasToken, pollingInterval).getSyncPoller(); + public SyncPoller beginRestore(String folderUrl, String sasToken, + Duration pollingInterval) { + return asyncClient.beginRestore(folderUrl, sasToken, pollingInterval).getSyncPoller(); } /** @@ -101,17 +118,22 @@ public SyncPoller beginRestore(String backupFold * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken) { - return asyncClient.beginSelectiveRestore(keyName, backupFolderUrl, sasToken).getSyncPoller(); + public SyncPoller beginSelectiveRestore(String keyName, String folderUrl, + String sasToken) { + return asyncClient.beginSelectiveRestore(keyName, folderUrl, sasToken).getSyncPoller(); } /** @@ -119,17 +141,22 @@ public SyncPoller beginSelectiveRestore(String k * storage backup folder. * * @param keyName The name of the key to be restored. - * @param backupFolderUrl The URL for the Blob Storage resource where the backup is located, including the path to + * @param folderUrl The URL for the Blob Storage resource where the backup is located, including the path to * the blob container where the backup resides. This would be the exact value that is returned as the result of a - * backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + * backup operation. An example of such a URL may look like the following: + * https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. * @param sasToken A Shared Access Signature (SAS) token to authorize access to the blob. * @param pollingInterval The interval at which the operation status will be polled for. + * * @return A {@link SyncPoller} to poll on the {@link KeyVaultRestoreOperation restore operation} status. - * @throws NullPointerException if the {@code keyName}, {@code backupFolderUrl} or {@code sasToken} are {@code + * + * @throws KeyVaultAdministrationException If the given {@code folderUrl} or {@code sasToken} are invalid. + * @throws NullPointerException If the {@code keyName}, {@code folderUrl} or {@code sasToken} are {@code * null}. */ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION) - public SyncPoller beginSelectiveRestore(String keyName, String backupFolderUrl, String sasToken, Duration pollingInterval) { - return asyncClient.beginSelectiveRestore(keyName, backupFolderUrl, sasToken, pollingInterval).getSyncPoller(); + public SyncPoller beginSelectiveRestore(String keyName, String folderUrl, + String sasToken, Duration pollingInterval) { + return asyncClient.beginSelectiveRestore(keyName, folderUrl, sasToken, pollingInterval).getSyncPoller(); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java index 1eedce941db5..21ec2536c3c0 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImpl.java @@ -74,22 +74,28 @@ public RoleAssignmentsImpl getRoleAssignments() { return this.roleAssignments; } - /** Initializes an instance of KeyVaultAccessControlClient client. */ - KeyVaultAccessControlClientImpl() { + /** + * Initializes an instance of KeyVaultAccessControlClient client. + * + * @param apiVersion Api Version. + */ + KeyVaultAccessControlClientImpl(String apiVersion) { this( new HttpPipelineBuilder() .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) .build(), - JacksonAdapter.createDefaultSerializerAdapter()); + JacksonAdapter.createDefaultSerializerAdapter(), + apiVersion); } /** * Initializes an instance of KeyVaultAccessControlClient client. * * @param httpPipeline The HTTP pipeline to send requests through. + * @param apiVersion Api Version. */ - KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline) { - this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter()); + KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline, String apiVersion) { + this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter(), apiVersion); } /** @@ -97,11 +103,12 @@ public RoleAssignmentsImpl getRoleAssignments() { * * @param httpPipeline The HTTP pipeline to send requests through. * @param serializerAdapter The serializer to serialize an object into a string. + * @param apiVersion Api Version. */ - KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter) { + KeyVaultAccessControlClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter, String apiVersion) { this.httpPipeline = httpPipeline; this.serializerAdapter = serializerAdapter; - this.apiVersion = "7.2-preview"; + this.apiVersion = apiVersion; this.roleDefinitions = new RoleDefinitionsImpl(this); this.roleAssignments = new RoleAssignmentsImpl(this); } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java index d135ff4387b1..79c3e6307ac9 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAccessControlClientImplBuilder.java @@ -5,17 +5,54 @@ package com.azure.security.keyvault.administration.implementation; import com.azure.core.annotation.ServiceClientBuilder; +import com.azure.core.http.HttpClient; import com.azure.core.http.HttpPipeline; import com.azure.core.http.HttpPipelineBuilder; import com.azure.core.http.policy.CookiePolicy; +import com.azure.core.http.policy.HttpLogOptions; +import com.azure.core.http.policy.HttpLoggingPolicy; +import com.azure.core.http.policy.HttpPipelinePolicy; +import com.azure.core.http.policy.HttpPolicyProviders; import com.azure.core.http.policy.RetryPolicy; import com.azure.core.http.policy.UserAgentPolicy; +import com.azure.core.util.Configuration; import com.azure.core.util.serializer.JacksonAdapter; import com.azure.core.util.serializer.SerializerAdapter; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** A builder for creating a new instance of the KeyVaultAccessControlClient type. */ @ServiceClientBuilder(serviceClients = {KeyVaultAccessControlClientImpl.class}) public final class KeyVaultAccessControlClientImplBuilder { + private static final String SDK_NAME = "name"; + + private static final String SDK_VERSION = "version"; + + private final Map properties = new HashMap<>(); + + /** Create an instance of the KeyVaultAccessControlClientImplBuilder. */ + public KeyVaultAccessControlClientImplBuilder() { + this.pipelinePolicies = new ArrayList<>(); + } + + /* + * Api Version + */ + private String apiVersion; + + /** + * Sets Api Version. + * + * @param apiVersion the apiVersion value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder apiVersion(String apiVersion) { + this.apiVersion = apiVersion; + return this; + } + /* * The HTTP pipeline to send requests through */ @@ -48,22 +85,130 @@ public KeyVaultAccessControlClientImplBuilder serializerAdapter(SerializerAdapte return this; } + /* + * The HTTP client used to send the request. + */ + private HttpClient httpClient; + + /** + * Sets The HTTP client used to send the request. + * + * @param httpClient the httpClient value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder httpClient(HttpClient httpClient) { + this.httpClient = httpClient; + return this; + } + + /* + * The configuration store that is used during construction of the service + * client. + */ + private Configuration configuration; + + /** + * Sets The configuration store that is used during construction of the service client. + * + * @param configuration the configuration value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder configuration(Configuration configuration) { + this.configuration = configuration; + return this; + } + + /* + * The logging configuration for HTTP requests and responses. + */ + private HttpLogOptions httpLogOptions; + + /** + * Sets The logging configuration for HTTP requests and responses. + * + * @param httpLogOptions the httpLogOptions value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder httpLogOptions(HttpLogOptions httpLogOptions) { + this.httpLogOptions = httpLogOptions; + return this; + } + + /* + * The retry policy that will attempt to retry failed requests, if + * applicable. + */ + private RetryPolicy retryPolicy; + + /** + * Sets The retry policy that will attempt to retry failed requests, if applicable. + * + * @param retryPolicy the retryPolicy value. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder retryPolicy(RetryPolicy retryPolicy) { + this.retryPolicy = retryPolicy; + return this; + } + + /* + * The list of Http pipeline policies to add. + */ + private final List pipelinePolicies; + + /** + * Adds a custom Http pipeline policy. + * + * @param customPolicy The custom Http pipeline policy to add. + * @return the KeyVaultAccessControlClientImplBuilder. + */ + public KeyVaultAccessControlClientImplBuilder addPolicy(HttpPipelinePolicy customPolicy) { + pipelinePolicies.add(customPolicy); + return this; + } + /** * Builds an instance of KeyVaultAccessControlClientImpl with the provided parameters. * * @return an instance of KeyVaultAccessControlClientImpl. */ public KeyVaultAccessControlClientImpl buildClient() { + if (apiVersion == null) { + this.apiVersion = "7.2"; + } if (pipeline == null) { - this.pipeline = - new HttpPipelineBuilder() - .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) - .build(); + this.pipeline = createHttpPipeline(); } if (serializerAdapter == null) { this.serializerAdapter = JacksonAdapter.createDefaultSerializerAdapter(); } - KeyVaultAccessControlClientImpl client = new KeyVaultAccessControlClientImpl(pipeline, serializerAdapter); + KeyVaultAccessControlClientImpl client = + new KeyVaultAccessControlClientImpl(pipeline, serializerAdapter, apiVersion); return client; } + + private HttpPipeline createHttpPipeline() { + Configuration buildConfiguration = + (configuration == null) ? Configuration.getGlobalConfiguration() : configuration; + if (httpLogOptions == null) { + httpLogOptions = new HttpLogOptions(); + } + List policies = new ArrayList<>(); + String clientName = properties.getOrDefault(SDK_NAME, "UnknownName"); + String clientVersion = properties.getOrDefault(SDK_VERSION, "UnknownVersion"); + policies.add( + new UserAgentPolicy(httpLogOptions.getApplicationId(), clientName, clientVersion, buildConfiguration)); + HttpPolicyProviders.addBeforeRetryPolicies(policies); + policies.add(retryPolicy == null ? new RetryPolicy() : retryPolicy); + policies.add(new CookiePolicy()); + policies.addAll(this.pipelinePolicies); + HttpPolicyProviders.addAfterRetryPolicies(policies); + policies.add(new HttpLoggingPolicy(httpLogOptions)); + HttpPipeline httpPipeline = + new HttpPipelineBuilder() + .policies(policies.toArray(new HttpPipelinePolicy[0])) + .httpClient(httpClient) + .build(); + return httpPipeline; + } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java new file mode 100644 index 000000000000..e96504b2f116 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultAdministrationUtils.java @@ -0,0 +1,97 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.implementation; + +import com.azure.security.keyvault.administration.implementation.models.Error; +import com.azure.security.keyvault.administration.models.KeyVaultError; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; + +/** + * A class containing utility methods for the Azure Security Key Vault Administration library. + */ +public final class KeyVaultAdministrationUtils { + private KeyVaultAdministrationUtils() { + throw new UnsupportedOperationException("Cannot instantiate KeyVaultAdministrationUtils"); + } + + /** + * Convert an implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException} to a public + * {@link KeyVaultAdministrationException}. + * + * @param exception The implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException}. + * + * @return An instance of the public {@link KeyVaultAdministrationException}. + */ + public static KeyVaultAdministrationException toKeyVaultAdministrationException( + com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException exception) { + + if (exception == null) { + return null; + } + + return new KeyVaultAdministrationException(exception.getMessage(), exception.getResponse(), + toKeyVaultError(exception.getValue())); + } + + /** + * Convert an implementation {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} + * to a public {@link KeyVaultError}. + * + * @param keyVaultError The {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} + * returned by the service. + * + * @return An instance of the public {@link KeyVaultError}. + */ + public static KeyVaultError toKeyVaultError( + com.azure.security.keyvault.administration.implementation.models.KeyVaultError keyVaultError) { + + if (keyVaultError == null) { + return null; + } + + return createKeyVaultErrorFromError(keyVaultError.getError()); + } + + /** + * Convert an error {@link Error} internal to an implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} to a public + * {@link KeyVaultError}. + * + * @param error The {@link Error} internal to an implementation + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultError} returned by the service. + * + * @return An instance of the public {@link KeyVaultError}. + */ + public static KeyVaultError createKeyVaultErrorFromError(Error error) { + if (error == null) { + return null; + } + + return new KeyVaultError(error.getCode(), error.getMessage(), + createKeyVaultErrorFromError(error.getInnerError())); + } + + /** + * Maps a {@link Throwable} to {@link KeyVaultAdministrationException} if it's an instance of + * {@link com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException}, else it returns + * the original throwable. + * + * @param throwable A {@link Throwable}. + * + * @return A {@link Throwable} that is either an instance of the public {@link KeyVaultAdministrationException} or the + * original {@link Throwable}. + */ + public static Throwable mapThrowableToKeyVaultAdministrationException(Throwable throwable) { + if (throwable + instanceof com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException) { + + return toKeyVaultAdministrationException( + (com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException) throwable); + } else { + return throwable; + } + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java index 363058bbf721..73e183fd34b3 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImpl.java @@ -7,6 +7,7 @@ import com.azure.core.annotation.BodyParam; import com.azure.core.annotation.ExpectedResponses; import com.azure.core.annotation.Get; +import com.azure.core.annotation.HeaderParam; import com.azure.core.annotation.Host; import com.azure.core.annotation.HostParam; import com.azure.core.annotation.PathParam; @@ -79,22 +80,28 @@ public SerializerAdapter getSerializerAdapter() { return this.serializerAdapter; } - /** Initializes an instance of KeyVaultBackupClient client. */ - KeyVaultBackupClientImpl() { + /** + * Initializes an instance of KeyVaultBackupClient client. + * + * @param apiVersion Api Version. + */ + KeyVaultBackupClientImpl(String apiVersion) { this( new HttpPipelineBuilder() .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) .build(), - JacksonAdapter.createDefaultSerializerAdapter()); + JacksonAdapter.createDefaultSerializerAdapter(), + apiVersion); } /** * Initializes an instance of KeyVaultBackupClient client. * * @param httpPipeline The HTTP pipeline to send requests through. + * @param apiVersion Api Version. */ - KeyVaultBackupClientImpl(HttpPipeline httpPipeline) { - this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter()); + KeyVaultBackupClientImpl(HttpPipeline httpPipeline, String apiVersion) { + this(httpPipeline, JacksonAdapter.createDefaultSerializerAdapter(), apiVersion); } /** @@ -102,11 +109,12 @@ public SerializerAdapter getSerializerAdapter() { * * @param httpPipeline The HTTP pipeline to send requests through. * @param serializerAdapter The serializer to serialize an object into a string. + * @param apiVersion Api Version. */ - KeyVaultBackupClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter) { + KeyVaultBackupClientImpl(HttpPipeline httpPipeline, SerializerAdapter serializerAdapter, String apiVersion) { this.httpPipeline = httpPipeline; this.serializerAdapter = serializerAdapter; - this.apiVersion = "7.2-preview"; + this.apiVersion = apiVersion; this.service = RestProxy.create(KeyVaultBackupClientService.class, this.httpPipeline, this.getSerializerAdapter()); } @@ -125,6 +133,7 @@ Mono fullBackup( @HostParam("vaultBaseUrl") String vaultBaseUrl, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") SASTokenParameter azureStorageBlobContainerUri, + @HeaderParam("Accept") String accept, Context context); @Get("/backup/{jobId}/pending") @@ -134,6 +143,7 @@ Mono> fullBackupStatus( @HostParam("vaultBaseUrl") String vaultBaseUrl, @PathParam("jobId") String jobId, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Put("/restore") @@ -143,6 +153,7 @@ Mono fullRestoreOperation( @HostParam("vaultBaseUrl") String vaultBaseUrl, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") RestoreOperationParameters restoreBlobDetails, + @HeaderParam("Accept") String accept, Context context); @Get("/restore/{jobId}/pending") @@ -152,6 +163,7 @@ Mono> restoreStatus( @HostParam("vaultBaseUrl") String vaultBaseUrl, @PathParam("jobId") String jobId, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Put("/keys/{keyName}/restore") @@ -162,13 +174,14 @@ Mono selectiveKeyRestoreOperation( @PathParam("keyName") String keyName, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") SelectiveKeyRestoreOperationParameters restoreBlobDetails, + @HeaderParam("Accept") String accept, Context context); } /** * Creates a full backup using a user-provided SAS token to an Azure blob storage container. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param azureStorageBlobContainerUri Azure blob shared access signature token pointing to a valid Azure blob * container where full backup needs to be stored. This token needs to be valid for at least next 24 hours from * the time of making this call. @@ -181,13 +194,14 @@ Mono selectiveKeyRestoreOperation( @ServiceMethod(returns = ReturnType.SINGLE) public Mono fullBackupWithResponseAsync( String vaultBaseUrl, SASTokenParameter azureStorageBlobContainerUri, Context context) { - return service.fullBackup(vaultBaseUrl, this.getApiVersion(), azureStorageBlobContainerUri, context); + final String accept = "application/json"; + return service.fullBackup(vaultBaseUrl, this.getApiVersion(), azureStorageBlobContainerUri, accept, context); } /** * Returns the status of full backup operation. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param jobId The id returned as part of the backup request. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. @@ -198,13 +212,14 @@ public Mono fullBackupWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> fullBackupStatusWithResponseAsync( String vaultBaseUrl, String jobId, Context context) { - return service.fullBackupStatus(vaultBaseUrl, jobId, this.getApiVersion(), context); + final String accept = "application/json"; + return service.fullBackupStatus(vaultBaseUrl, jobId, this.getApiVersion(), accept, context); } /** * Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param restoreBlobDetails The Azure blob SAS token pointing to a folder where the previous successful full backup * was stored. * @param context The context to associate with this operation. @@ -216,13 +231,14 @@ public Mono> fullBackupStatusWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono fullRestoreOperationWithResponseAsync( String vaultBaseUrl, RestoreOperationParameters restoreBlobDetails, Context context) { - return service.fullRestoreOperation(vaultBaseUrl, this.getApiVersion(), restoreBlobDetails, context); + final String accept = "application/json"; + return service.fullRestoreOperation(vaultBaseUrl, this.getApiVersion(), restoreBlobDetails, accept, context); } /** * Returns the status of restore operation. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param jobId The Job Id returned part of the restore operation. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. @@ -233,14 +249,15 @@ public Mono fullRestoreOperationWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> restoreStatusWithResponseAsync( String vaultBaseUrl, String jobId, Context context) { - return service.restoreStatus(vaultBaseUrl, jobId, this.getApiVersion(), context); + final String accept = "application/json"; + return service.restoreStatus(vaultBaseUrl, jobId, this.getApiVersion(), accept, context); } /** * Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob * storage backup folder. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param keyName The name of the key to be restored from the user supplied backup. * @param restoreBlobDetails The Azure blob SAS token pointing to a folder where the previous successful full backup * was stored. @@ -256,7 +273,8 @@ public Mono selectiveKeyRestoreOperationWi String keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails, Context context) { + final String accept = "application/json"; return service.selectiveKeyRestoreOperation( - vaultBaseUrl, keyName, this.getApiVersion(), restoreBlobDetails, context); + vaultBaseUrl, keyName, this.getApiVersion(), restoreBlobDetails, accept, context); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java index aaa20c763c26..84d7976ee2ce 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/KeyVaultBackupClientImplBuilder.java @@ -5,17 +5,54 @@ package com.azure.security.keyvault.administration.implementation; import com.azure.core.annotation.ServiceClientBuilder; +import com.azure.core.http.HttpClient; import com.azure.core.http.HttpPipeline; import com.azure.core.http.HttpPipelineBuilder; import com.azure.core.http.policy.CookiePolicy; +import com.azure.core.http.policy.HttpLogOptions; +import com.azure.core.http.policy.HttpLoggingPolicy; +import com.azure.core.http.policy.HttpPipelinePolicy; +import com.azure.core.http.policy.HttpPolicyProviders; import com.azure.core.http.policy.RetryPolicy; import com.azure.core.http.policy.UserAgentPolicy; +import com.azure.core.util.Configuration; import com.azure.core.util.serializer.JacksonAdapter; import com.azure.core.util.serializer.SerializerAdapter; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** A builder for creating a new instance of the KeyVaultBackupClient type. */ @ServiceClientBuilder(serviceClients = {KeyVaultBackupClientImpl.class}) public final class KeyVaultBackupClientImplBuilder { + private static final String SDK_NAME = "name"; + + private static final String SDK_VERSION = "version"; + + private final Map properties = new HashMap<>(); + + /** Create an instance of the KeyVaultBackupClientImplBuilder. */ + public KeyVaultBackupClientImplBuilder() { + this.pipelinePolicies = new ArrayList<>(); + } + + /* + * Api Version + */ + private String apiVersion; + + /** + * Sets Api Version. + * + * @param apiVersion the apiVersion value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder apiVersion(String apiVersion) { + this.apiVersion = apiVersion; + return this; + } + /* * The HTTP pipeline to send requests through */ @@ -48,22 +85,129 @@ public KeyVaultBackupClientImplBuilder serializerAdapter(SerializerAdapter seria return this; } + /* + * The HTTP client used to send the request. + */ + private HttpClient httpClient; + + /** + * Sets The HTTP client used to send the request. + * + * @param httpClient the httpClient value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder httpClient(HttpClient httpClient) { + this.httpClient = httpClient; + return this; + } + + /* + * The configuration store that is used during construction of the service + * client. + */ + private Configuration configuration; + + /** + * Sets The configuration store that is used during construction of the service client. + * + * @param configuration the configuration value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder configuration(Configuration configuration) { + this.configuration = configuration; + return this; + } + + /* + * The logging configuration for HTTP requests and responses. + */ + private HttpLogOptions httpLogOptions; + + /** + * Sets The logging configuration for HTTP requests and responses. + * + * @param httpLogOptions the httpLogOptions value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder httpLogOptions(HttpLogOptions httpLogOptions) { + this.httpLogOptions = httpLogOptions; + return this; + } + + /* + * The retry policy that will attempt to retry failed requests, if + * applicable. + */ + private RetryPolicy retryPolicy; + + /** + * Sets The retry policy that will attempt to retry failed requests, if applicable. + * + * @param retryPolicy the retryPolicy value. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder retryPolicy(RetryPolicy retryPolicy) { + this.retryPolicy = retryPolicy; + return this; + } + + /* + * The list of Http pipeline policies to add. + */ + private final List pipelinePolicies; + + /** + * Adds a custom Http pipeline policy. + * + * @param customPolicy The custom Http pipeline policy to add. + * @return the KeyVaultBackupClientImplBuilder. + */ + public KeyVaultBackupClientImplBuilder addPolicy(HttpPipelinePolicy customPolicy) { + pipelinePolicies.add(customPolicy); + return this; + } + /** * Builds an instance of KeyVaultBackupClientImpl with the provided parameters. * * @return an instance of KeyVaultBackupClientImpl. */ public KeyVaultBackupClientImpl buildClient() { + if (apiVersion == null) { + this.apiVersion = "7.2"; + } if (pipeline == null) { - this.pipeline = - new HttpPipelineBuilder() - .policies(new UserAgentPolicy(), new RetryPolicy(), new CookiePolicy()) - .build(); + this.pipeline = createHttpPipeline(); } if (serializerAdapter == null) { this.serializerAdapter = JacksonAdapter.createDefaultSerializerAdapter(); } - KeyVaultBackupClientImpl client = new KeyVaultBackupClientImpl(pipeline, serializerAdapter); + KeyVaultBackupClientImpl client = new KeyVaultBackupClientImpl(pipeline, serializerAdapter, apiVersion); return client; } + + private HttpPipeline createHttpPipeline() { + Configuration buildConfiguration = + (configuration == null) ? Configuration.getGlobalConfiguration() : configuration; + if (httpLogOptions == null) { + httpLogOptions = new HttpLogOptions(); + } + List policies = new ArrayList<>(); + String clientName = properties.getOrDefault(SDK_NAME, "UnknownName"); + String clientVersion = properties.getOrDefault(SDK_VERSION, "UnknownVersion"); + policies.add( + new UserAgentPolicy(httpLogOptions.getApplicationId(), clientName, clientVersion, buildConfiguration)); + HttpPolicyProviders.addBeforeRetryPolicies(policies); + policies.add(retryPolicy == null ? new RetryPolicy() : retryPolicy); + policies.add(new CookiePolicy()); + policies.addAll(this.pipelinePolicies); + HttpPolicyProviders.addAfterRetryPolicies(policies); + policies.add(new HttpLoggingPolicy(httpLogOptions)); + HttpPipeline httpPipeline = + new HttpPipelineBuilder() + .policies(policies.toArray(new HttpPipelinePolicy[0])) + .httpClient(httpClient) + .build(); + return httpPipeline; + } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java index ef7d31d6b48b..8287c175add9 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleAssignmentsImpl.java @@ -8,6 +8,7 @@ import com.azure.core.annotation.Delete; import com.azure.core.annotation.ExpectedResponses; import com.azure.core.annotation.Get; +import com.azure.core.annotation.HeaderParam; import com.azure.core.annotation.Host; import com.azure.core.annotation.HostParam; import com.azure.core.annotation.PathParam; @@ -62,6 +63,7 @@ Mono> delete( @PathParam(value = "scope", encoded = true) String scope, @PathParam("roleAssignmentName") String roleAssignmentName, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Put("/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}") @@ -73,6 +75,7 @@ Mono> create( @PathParam("roleAssignmentName") String roleAssignmentName, @QueryParam("api-version") String apiVersion, @BodyParam("application/json") RoleAssignmentCreateParameters parameters, + @HeaderParam("Accept") String accept, Context context); @Get("/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}") @@ -83,6 +86,7 @@ Mono> get( @PathParam(value = "scope", encoded = true) String scope, @PathParam("roleAssignmentName") String roleAssignmentName, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Get("/{scope}/providers/Microsoft.Authorization/roleAssignments") @@ -93,19 +97,23 @@ Mono> listForScope( @PathParam(value = "scope", encoded = true) String scope, @QueryParam("$filter") String filter, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Get("{nextLink}") @ExpectedResponses({200}) @UnexpectedResponseExceptionType(KeyVaultErrorException.class) Mono> listForScopeNext( - @PathParam(value = "nextLink", encoded = true) String nextLink, Context context); + @PathParam(value = "nextLink", encoded = true) String nextLink, + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @HeaderParam("Accept") String accept, + Context context); } /** * Deletes a role assignment. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignment to delete. * @param roleAssignmentName The name of the role assignment to delete. * @param context The context to associate with this operation. @@ -117,16 +125,17 @@ Mono> listForScopeNext( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> deleteWithResponseAsync( String vaultBaseUrl, String scope, String roleAssignmentName, Context context) { - return service.delete(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), context); + final String accept = "application/json"; + return service.delete(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), accept, context); } /** * Creates a role assignment. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignment to create. * @param roleAssignmentName The name of the role assignment to create. It can be any valid GUID. - * @param parameters Role assignment create parameters. + * @param parameters Parameters for the role assignment. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. * @throws KeyVaultErrorException thrown if the request is rejected by server. @@ -140,14 +149,15 @@ public Mono> createWithResponseAsync( String roleAssignmentName, RoleAssignmentCreateParameters parameters, Context context) { + final String accept = "application/json"; return service.create( - vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), parameters, context); + vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), parameters, accept, context); } /** * Get the specified role assignment. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignment. * @param roleAssignmentName The name of the role assignment to get. * @param context The context to associate with this operation. @@ -159,13 +169,14 @@ public Mono> createWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> getWithResponseAsync( String vaultBaseUrl, String scope, String roleAssignmentName, Context context) { - return service.get(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), context); + final String accept = "application/json"; + return service.get(vaultBaseUrl, scope, roleAssignmentName, this.client.getApiVersion(), accept, context); } /** * Gets role assignments for a scope. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role assignments. * @param filter The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or * above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope @@ -179,7 +190,8 @@ public Mono> getWithResponseAsync( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> listForScopeSinglePageAsync( String vaultBaseUrl, String scope, String filter, Context context) { - return service.listForScope(vaultBaseUrl, scope, filter, this.client.getApiVersion(), context) + final String accept = "application/json"; + return service.listForScope(vaultBaseUrl, scope, filter, this.client.getApiVersion(), accept, context) .map( res -> new PagedResponseBase<>( @@ -195,6 +207,7 @@ public Mono> listForScopeSinglePageAsync( * Get the next page of items. * * @param nextLink The nextLink parameter. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. * @throws KeyVaultErrorException thrown if the request is rejected by server. @@ -202,8 +215,10 @@ public Mono> listForScopeSinglePageAsync( * @return role assignment list operation result. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> listForScopeNextSinglePageAsync(String nextLink, Context context) { - return service.listForScopeNext(nextLink, context) + public Mono> listForScopeNextSinglePageAsync( + String nextLink, String vaultBaseUrl, Context context) { + final String accept = "application/json"; + return service.listForScopeNext(nextLink, vaultBaseUrl, accept, context) .map( res -> new PagedResponseBase<>( diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java index 0bb245c326f4..03ac9ced4604 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/RoleDefinitionsImpl.java @@ -4,11 +4,15 @@ package com.azure.security.keyvault.administration.implementation; +import com.azure.core.annotation.BodyParam; +import com.azure.core.annotation.Delete; import com.azure.core.annotation.ExpectedResponses; import com.azure.core.annotation.Get; +import com.azure.core.annotation.HeaderParam; import com.azure.core.annotation.Host; import com.azure.core.annotation.HostParam; import com.azure.core.annotation.PathParam; +import com.azure.core.annotation.Put; import com.azure.core.annotation.QueryParam; import com.azure.core.annotation.ReturnType; import com.azure.core.annotation.ServiceInterface; @@ -21,6 +25,7 @@ import com.azure.core.util.Context; import com.azure.security.keyvault.administration.implementation.models.KeyVaultErrorException; import com.azure.security.keyvault.administration.implementation.models.RoleDefinition; +import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionCreateParameters; import com.azure.security.keyvault.administration.implementation.models.RoleDefinitionListResult; import reactor.core.publisher.Mono; @@ -50,6 +55,40 @@ public final class RoleDefinitionsImpl { @Host("{vaultBaseUrl}") @ServiceInterface(name = "KeyVaultAccessContro") private interface RoleDefinitionsService { + @Delete("/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}") + @ExpectedResponses({200}) + @UnexpectedResponseExceptionType(KeyVaultErrorException.class) + Mono> delete( + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @PathParam(value = "scope", encoded = true) String scope, + @PathParam("roleDefinitionName") String roleDefinitionName, + @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, + Context context); + + @Put("/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}") + @ExpectedResponses({201}) + @UnexpectedResponseExceptionType(KeyVaultErrorException.class) + Mono> createOrUpdate( + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @PathParam(value = "scope", encoded = true) String scope, + @PathParam("roleDefinitionName") String roleDefinitionName, + @QueryParam("api-version") String apiVersion, + @BodyParam("application/json") RoleDefinitionCreateParameters parameters, + @HeaderParam("Accept") String accept, + Context context); + + @Get("/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}") + @ExpectedResponses({200}) + @UnexpectedResponseExceptionType(KeyVaultErrorException.class) + Mono> get( + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @PathParam(value = "scope", encoded = true) String scope, + @PathParam("roleDefinitionName") String roleDefinitionName, + @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, + Context context); + @Get("/{scope}/providers/Microsoft.Authorization/roleDefinitions") @ExpectedResponses({200}) @UnexpectedResponseExceptionType(KeyVaultErrorException.class) @@ -58,19 +97,86 @@ Mono> list( @PathParam(value = "scope", encoded = true) String scope, @QueryParam("$filter") String filter, @QueryParam("api-version") String apiVersion, + @HeaderParam("Accept") String accept, Context context); @Get("{nextLink}") @ExpectedResponses({200}) @UnexpectedResponseExceptionType(KeyVaultErrorException.class) Mono> listNext( - @PathParam(value = "nextLink", encoded = true) String nextLink, Context context); + @PathParam(value = "nextLink", encoded = true) String nextLink, + @HostParam("vaultBaseUrl") String vaultBaseUrl, + @HeaderParam("Accept") String accept, + Context context); + } + + /** + * Deletes a custom role definition. + * + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. + * @param scope The scope of the role definition to delete. Managed HSM only supports '/'. + * @param roleDefinitionName The name (GUID) of the role definition to delete. + * @param context The context to associate with this operation. + * @throws IllegalArgumentException thrown if parameters fail the validation. + * @throws KeyVaultErrorException thrown if the request is rejected by server. + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent. + * @return role definition. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> deleteWithResponseAsync( + String vaultBaseUrl, String scope, String roleDefinitionName, Context context) { + final String accept = "application/json"; + return service.delete(vaultBaseUrl, scope, roleDefinitionName, this.client.getApiVersion(), accept, context); + } + + /** + * Creates or updates a custom role definition. + * + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. + * @param scope The scope of the role definition to create or update. Managed HSM only supports '/'. + * @param roleDefinitionName The name of the role definition to create or update. It can be any valid GUID. + * @param parameters Parameters for the role definition. + * @param context The context to associate with this operation. + * @throws IllegalArgumentException thrown if parameters fail the validation. + * @throws KeyVaultErrorException thrown if the request is rejected by server. + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent. + * @return role definition. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> createOrUpdateWithResponseAsync( + String vaultBaseUrl, + String scope, + String roleDefinitionName, + RoleDefinitionCreateParameters parameters, + Context context) { + final String accept = "application/json"; + return service.createOrUpdate( + vaultBaseUrl, scope, roleDefinitionName, this.client.getApiVersion(), parameters, accept, context); + } + + /** + * Get the specified role definition. + * + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. + * @param scope The scope of the role definition to get. Managed HSM only supports '/'. + * @param roleDefinitionName The name of the role definition to get. + * @param context The context to associate with this operation. + * @throws IllegalArgumentException thrown if parameters fail the validation. + * @throws KeyVaultErrorException thrown if the request is rejected by server. + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent. + * @return the specified role definition. + */ + @ServiceMethod(returns = ReturnType.SINGLE) + public Mono> getWithResponseAsync( + String vaultBaseUrl, String scope, String roleDefinitionName, Context context) { + final String accept = "application/json"; + return service.get(vaultBaseUrl, scope, roleDefinitionName, this.client.getApiVersion(), accept, context); } /** * Get all role definitions that are applicable at scope and above. * - * @param vaultBaseUrl simple string. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param scope The scope of the role definition. * @param filter The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as * well. @@ -83,7 +189,8 @@ Mono> listNext( @ServiceMethod(returns = ReturnType.SINGLE) public Mono> listSinglePageAsync( String vaultBaseUrl, String scope, String filter, Context context) { - return service.list(vaultBaseUrl, scope, filter, this.client.getApiVersion(), context) + final String accept = "application/json"; + return service.list(vaultBaseUrl, scope, filter, this.client.getApiVersion(), accept, context) .map( res -> new PagedResponseBase<>( @@ -99,6 +206,7 @@ public Mono> listSinglePageAsync( * Get the next page of items. * * @param nextLink The nextLink parameter. + * @param vaultBaseUrl The vault name, for example https://myvault.vault.azure.net. * @param context The context to associate with this operation. * @throws IllegalArgumentException thrown if parameters fail the validation. * @throws KeyVaultErrorException thrown if the request is rejected by server. @@ -106,8 +214,10 @@ public Mono> listSinglePageAsync( * @return role definition list operation result. */ @ServiceMethod(returns = ReturnType.SINGLE) - public Mono> listNextSinglePageAsync(String nextLink, Context context) { - return service.listNext(nextLink, context) + public Mono> listNextSinglePageAsync( + String nextLink, String vaultBaseUrl, Context context) { + final String accept = "application/json"; + return service.listNext(nextLink, vaultBaseUrl, accept, context) .map( res -> new PagedResponseBase<>( diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java new file mode 100644 index 000000000000..4ebb81c904b3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/DataAction.java @@ -0,0 +1,128 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for DataAction. */ +public final class DataAction extends ExpandableStringEnum { + /** Static value Microsoft.KeyVault/managedHsm/keys/read/action for DataAction. */ + public static final DataAction READ_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/write/action for DataAction. */ + public static final DataAction WRITE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/write/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action for DataAction. */ + public static final DataAction READ_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action for DataAction. */ + public static final DataAction RECOVER_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/backup/action for DataAction. */ + public static final DataAction BACKUP_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/backup/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/restore/action for DataAction. */ + public static final DataAction RESTORE_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/restore/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleAssignments/delete/action for DataAction. */ + public static final DataAction DELETE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/delete/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleAssignments/read/action for DataAction. */ + public static final DataAction GET_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleAssignments/write/action for DataAction. */ + public static final DataAction WRITE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/write/action"); + + /** Static value Microsoft.KeyVault/managedHsm/roleDefinitions/read/action for DataAction. */ + public static final DataAction READ_ROLE_DEFINITION = + fromString("Microsoft.KeyVault/managedHsm/roleDefinitions/read/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/encrypt/action for DataAction. */ + public static final DataAction ENCRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/encrypt/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/decrypt/action for DataAction. */ + public static final DataAction DECRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/decrypt/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/wrap/action for DataAction. */ + public static final DataAction WRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/wrap/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/unwrap/action for DataAction. */ + public static final DataAction UNWRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/unwrap/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/sign/action for DataAction. */ + public static final DataAction SIGN_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/sign/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/verify/action for DataAction. */ + public static final DataAction VERIFY_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/verify/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/create for DataAction. */ + public static final DataAction CREATE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/create"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/delete for DataAction. */ + public static final DataAction DELETE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/delete"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/export/action for DataAction. */ + public static final DataAction EXPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/export/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/import/action for DataAction. */ + public static final DataAction IMPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/import/action"); + + /** Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete for DataAction. */ + public static final DataAction PURGE_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/download/action for DataAction. */ + public static final DataAction DOWNLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/download/action"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/action for DataAction. */ + public static final DataAction UPLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/action"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/read for DataAction. */ + public static final DataAction READ_HSM_SECURITY_DOMAIN_STATUS = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/read"); + + /** Static value Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read for DataAction. */ + public static final DataAction READ_HSM_SECURITY_DOMAIN_TRANSFER_KEY = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read"); + + /** Static value Microsoft.KeyVault/managedHsm/backup/start/action for DataAction. */ + public static final DataAction START_HSM_BACKUP = fromString("Microsoft.KeyVault/managedHsm/backup/start/action"); + + /** Static value Microsoft.KeyVault/managedHsm/restore/start/action for DataAction. */ + public static final DataAction START_HSM_RESTORE = fromString("Microsoft.KeyVault/managedHsm/restore/start/action"); + + /** Static value Microsoft.KeyVault/managedHsm/backup/status/action for DataAction. */ + public static final DataAction READ_HSM_BACKUP_STATUS = + fromString("Microsoft.KeyVault/managedHsm/backup/status/action"); + + /** Static value Microsoft.KeyVault/managedHsm/restore/status/action for DataAction. */ + public static final DataAction READ_HSM_RESTORE_STATUS = + fromString("Microsoft.KeyVault/managedHsm/restore/status/action"); + + /** + * Creates or finds a DataAction from its string representation. + * + * @param name a name to look for. + * @return the corresponding DataAction. + */ + @JsonCreator + public static DataAction fromString(String name) { + return fromString(name, DataAction.class); + } + + /** @return known DataAction values. */ + public static Collection values() { + return values(DataAction.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java index 7d7efb8e170e..ca8046fbc6eb 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Error.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Immutable; import com.fasterxml.jackson.annotation.JsonProperty; -/** The Error model. */ +/** The key vault server error. */ @Immutable public final class Error { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java index cea344daf582..cc96e2041f9b 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/FullBackupOperation.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The FullBackupOperation model. */ +/** Full backup operation. */ @Fluent public final class FullBackupOperation { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java index e7a84828d10c..2d08c6827982 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/KeyVaultError.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Immutable; import com.fasterxml.jackson.annotation.JsonProperty; -/** The KeyVaultError model. */ +/** The key vault error exception. */ @Immutable public final class KeyVaultError { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java index d1feaf6d24e4..bde54a4f21ab 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/Permission.java @@ -8,35 +8,37 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The Permission model. */ +/** Role definition permissions. */ @Fluent public final class Permission { /* - * Allowed actions. + * Action permissions that are granted. */ @JsonProperty(value = "actions") private List actions; /* - * Denied actions. + * Action permissions that are excluded but not denied. They may be granted + * by other role definitions assigned to a principal. */ @JsonProperty(value = "notActions") private List notActions; /* - * Allowed Data actions. + * Data action permissions that are granted. */ @JsonProperty(value = "dataActions") - private List dataActions; + private List dataActions; /* - * Denied Data actions. + * Data action permissions that are excluded but not denied. They may be + * granted by other role definitions assigned to a principal. */ @JsonProperty(value = "notDataActions") - private List notDataActions; + private List notDataActions; /** - * Get the actions property: Allowed actions. + * Get the actions property: Action permissions that are granted. * * @return the actions value. */ @@ -45,7 +47,7 @@ public List getActions() { } /** - * Set the actions property: Allowed actions. + * Set the actions property: Action permissions that are granted. * * @param actions the actions value to set. * @return the Permission object itself. @@ -56,7 +58,8 @@ public Permission setActions(List actions) { } /** - * Get the notActions property: Denied actions. + * Get the notActions property: Action permissions that are excluded but not denied. They may be granted by other + * role definitions assigned to a principal. * * @return the notActions value. */ @@ -65,7 +68,8 @@ public List getNotActions() { } /** - * Set the notActions property: Denied actions. + * Set the notActions property: Action permissions that are excluded but not denied. They may be granted by other + * role definitions assigned to a principal. * * @param notActions the notActions value to set. * @return the Permission object itself. @@ -76,41 +80,43 @@ public Permission setNotActions(List notActions) { } /** - * Get the dataActions property: Allowed Data actions. + * Get the dataActions property: Data action permissions that are granted. * * @return the dataActions value. */ - public List getDataActions() { + public List getDataActions() { return this.dataActions; } /** - * Set the dataActions property: Allowed Data actions. + * Set the dataActions property: Data action permissions that are granted. * * @param dataActions the dataActions value to set. * @return the Permission object itself. */ - public Permission setDataActions(List dataActions) { + public Permission setDataActions(List dataActions) { this.dataActions = dataActions; return this; } /** - * Get the notDataActions property: Denied Data actions. + * Get the notDataActions property: Data action permissions that are excluded but not denied. They may be granted by + * other role definitions assigned to a principal. * * @return the notDataActions value. */ - public List getNotDataActions() { + public List getNotDataActions() { return this.notDataActions; } /** - * Set the notDataActions property: Denied Data actions. + * Set the notDataActions property: Data action permissions that are excluded but not denied. They may be granted by + * other role definitions assigned to a principal. * * @param notDataActions the notDataActions value to set. * @return the Permission object itself. */ - public Permission setNotDataActions(List notDataActions) { + public Permission setNotDataActions(List notDataActions) { this.notDataActions = notDataActions; return this; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java index 0e31d72ee4aa..8c12d0cfd8a4 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperation.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RestoreOperation model. */ +/** Restore operation. */ @Fluent public final class RestoreOperation { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java index 4048b51aa2b4..6e227d151f29 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RestoreOperationParameters.java @@ -11,7 +11,8 @@ @Fluent public final class RestoreOperationParameters { /* - * The sasTokenParameters property. + * SAS token parameter object containing Azure storage resourceUri and + * token */ @JsonProperty(value = "sasTokenParameters", required = true) private SASTokenParameter sasTokenParameters; @@ -24,7 +25,7 @@ public final class RestoreOperationParameters { private String folderToRestore; /** - * Get the sasTokenParameters property: The sasTokenParameters property. + * Get the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @return the sasTokenParameters value. */ @@ -33,7 +34,7 @@ public SASTokenParameter getSasTokenParameters() { } /** - * Set the sasTokenParameters property: The sasTokenParameters property. + * Set the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @param sasTokenParameters the sasTokenParameters value to set. * @return the RestoreOperationParameters object itself. diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java index 1d06ce14088f..0379dc7eaf48 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignment.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignment model. */ +/** Role Assignments. */ @Fluent public final class RoleAssignment { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java index 56d16b847a06..08f2052b7b33 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentCreateParameters.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentCreateParameters model. */ +/** Role assignment create parameters. */ @Fluent public final class RoleAssignmentCreateParameters { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java index c04d69f36bd9..458671cf8604 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentFilter.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentFilter model. */ +/** Role Assignments filter. */ @Fluent public final class RoleAssignmentFilter { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java index 72a6eb8440a6..29096bd35f17 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentListResult.java @@ -8,7 +8,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The RoleAssignmentListResult model. */ +/** Role assignment list operation result. */ @Fluent public final class RoleAssignmentListResult { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java index 0ab892817a1e..46d3c7ff6263 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentProperties.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentProperties model. */ +/** Role assignment properties. */ @Fluent public final class RoleAssignmentProperties { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java index ff50c91dc2ae..9c607bc7c46e 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleAssignmentPropertiesWithScope.java @@ -7,14 +7,14 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleAssignmentPropertiesWithScope model. */ +/** Role assignment properties with scope. */ @Fluent public final class RoleAssignmentPropertiesWithScope { /* - * The role assignment scope. + * The role scope. */ @JsonProperty(value = "scope") - private String scope; + private RoleScope scope; /* * The role definition ID. @@ -29,21 +29,21 @@ public final class RoleAssignmentPropertiesWithScope { private String principalId; /** - * Get the scope property: The role assignment scope. + * Get the scope property: The role scope. * * @return the scope value. */ - public String getScope() { + public RoleScope getScope() { return this.scope; } /** - * Set the scope property: The role assignment scope. + * Set the scope property: The role scope. * * @param scope the scope value to set. * @return the RoleAssignmentPropertiesWithScope object itself. */ - public RoleAssignmentPropertiesWithScope setScope(String scope) { + public RoleAssignmentPropertiesWithScope setScope(RoleScope scope) { this.scope = scope; return this; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java index 5383e4acbb8a..8c2b0b98414d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinition.java @@ -9,7 +9,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The RoleDefinition model. */ +/** Role definition. */ @JsonFlatten @Fluent public class RoleDefinition { @@ -29,7 +29,7 @@ public class RoleDefinition { * The role definition type. */ @JsonProperty(value = "type", access = JsonProperty.Access.WRITE_ONLY) - private String type; + private RoleDefinitionType type; /* * The role name. @@ -47,7 +47,7 @@ public class RoleDefinition { * The role type. */ @JsonProperty(value = "properties.type") - private String roleType; + private RoleType roleType; /* * Role definition permissions. @@ -59,7 +59,7 @@ public class RoleDefinition { * Role definition assignable scopes. */ @JsonProperty(value = "properties.assignableScopes") - private List assignableScopes; + private List assignableScopes; /** * Get the id property: The role definition ID. @@ -84,7 +84,7 @@ public String getName() { * * @return the type value. */ - public String getType() { + public RoleDefinitionType getType() { return this.type; } @@ -133,7 +133,7 @@ public RoleDefinition setDescription(String description) { * * @return the roleType value. */ - public String getRoleType() { + public RoleType getRoleType() { return this.roleType; } @@ -143,7 +143,7 @@ public String getRoleType() { * @param roleType the roleType value to set. * @return the RoleDefinition object itself. */ - public RoleDefinition setRoleType(String roleType) { + public RoleDefinition setRoleType(RoleType roleType) { this.roleType = roleType; return this; } @@ -173,7 +173,7 @@ public RoleDefinition setPermissions(List permissions) { * * @return the assignableScopes value. */ - public List getAssignableScopes() { + public List getAssignableScopes() { return this.assignableScopes; } @@ -183,7 +183,7 @@ public List getAssignableScopes() { * @param assignableScopes the assignableScopes value to set. * @return the RoleDefinition object itself. */ - public RoleDefinition setAssignableScopes(List assignableScopes) { + public RoleDefinition setAssignableScopes(List assignableScopes) { this.assignableScopes = assignableScopes; return this; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java new file mode 100644 index 000000000000..3ed961b756bd --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionCreateParameters.java @@ -0,0 +1,38 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.annotation.Fluent; +import com.fasterxml.jackson.annotation.JsonProperty; + +/** Role definition create parameters. */ +@Fluent +public final class RoleDefinitionCreateParameters { + /* + * Role definition properties. + */ + @JsonProperty(value = "properties", required = true) + private RoleDefinitionProperties properties; + + /** + * Get the properties property: Role definition properties. + * + * @return the properties value. + */ + public RoleDefinitionProperties getProperties() { + return this.properties; + } + + /** + * Set the properties property: Role definition properties. + * + * @param properties the properties value to set. + * @return the RoleDefinitionCreateParameters object itself. + */ + public RoleDefinitionCreateParameters setProperties(RoleDefinitionProperties properties) { + this.properties = properties; + return this; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java index ce01792ed37f..30260424862d 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionFilter.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The RoleDefinitionFilter model. */ +/** Role Definitions filter. */ @Fluent public final class RoleDefinitionFilter { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java index fa52f012f154..1bbaeff80b5a 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionListResult.java @@ -8,7 +8,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; -/** The RoleDefinitionListResult model. */ +/** Role definition list operation result. */ @Fluent public final class RoleDefinitionListResult { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java new file mode 100644 index 000000000000..2456dceba1e1 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionProperties.java @@ -0,0 +1,143 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.annotation.Fluent; +import com.fasterxml.jackson.annotation.JsonProperty; +import java.util.List; + +/** Role definition properties. */ +@Fluent +public final class RoleDefinitionProperties { + /* + * The role name. + */ + @JsonProperty(value = "roleName") + private String roleName; + + /* + * The role definition description. + */ + @JsonProperty(value = "description") + private String description; + + /* + * The role type. + */ + @JsonProperty(value = "type") + private RoleType roleType; + + /* + * Role definition permissions. + */ + @JsonProperty(value = "permissions") + private List permissions; + + /* + * Role definition assignable scopes. + */ + @JsonProperty(value = "assignableScopes") + private List assignableScopes; + + /** + * Get the roleName property: The role name. + * + * @return the roleName value. + */ + public String getRoleName() { + return this.roleName; + } + + /** + * Set the roleName property: The role name. + * + * @param roleName the roleName value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setRoleName(String roleName) { + this.roleName = roleName; + return this; + } + + /** + * Get the description property: The role definition description. + * + * @return the description value. + */ + public String getDescription() { + return this.description; + } + + /** + * Set the description property: The role definition description. + * + * @param description the description value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setDescription(String description) { + this.description = description; + return this; + } + + /** + * Get the roleType property: The role type. + * + * @return the roleType value. + */ + public RoleType getRoleType() { + return this.roleType; + } + + /** + * Set the roleType property: The role type. + * + * @param roleType the roleType value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setRoleType(RoleType roleType) { + this.roleType = roleType; + return this; + } + + /** + * Get the permissions property: Role definition permissions. + * + * @return the permissions value. + */ + public List getPermissions() { + return this.permissions; + } + + /** + * Set the permissions property: Role definition permissions. + * + * @param permissions the permissions value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setPermissions(List permissions) { + this.permissions = permissions; + return this; + } + + /** + * Get the assignableScopes property: Role definition assignable scopes. + * + * @return the assignableScopes value. + */ + public List getAssignableScopes() { + return this.assignableScopes; + } + + /** + * Set the assignableScopes property: Role definition assignable scopes. + * + * @param assignableScopes the assignableScopes value to set. + * @return the RoleDefinitionProperties object itself. + */ + public RoleDefinitionProperties setAssignableScopes(List assignableScopes) { + this.assignableScopes = assignableScopes; + return this; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java new file mode 100644 index 000000000000..671b83e32c7b --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleDefinitionType.java @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for RoleDefinitionType. */ +public final class RoleDefinitionType extends ExpandableStringEnum { + /** Static value Microsoft.Authorization/roleDefinitions for RoleDefinitionType. */ + public static final RoleDefinitionType MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS = + fromString("Microsoft.Authorization/roleDefinitions"); + + /** + * Creates or finds a RoleDefinitionType from its string representation. + * + * @param name a name to look for. + * @return the corresponding RoleDefinitionType. + */ + @JsonCreator + public static RoleDefinitionType fromString(String name) { + return fromString(name, RoleDefinitionType.class); + } + + /** @return known RoleDefinitionType values. */ + public static Collection values() { + return values(RoleDefinitionType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java new file mode 100644 index 000000000000..8952e5d385f8 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleScope.java @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for RoleScope. */ +public final class RoleScope extends ExpandableStringEnum { + /** Static value / for RoleScope. */ + public static final RoleScope GLOBAL = fromString("/"); + + /** Static value /keys for RoleScope. */ + public static final RoleScope KEYS = fromString("/keys"); + + /** + * Creates or finds a RoleScope from its string representation. + * + * @param name a name to look for. + * @return the corresponding RoleScope. + */ + @JsonCreator + public static RoleScope fromString(String name) { + return fromString(name, RoleScope.class); + } + + /** @return known RoleScope values. */ + public static Collection values() { + return values(RoleScope.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java new file mode 100644 index 000000000000..52f22567508e --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/RoleType.java @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. +// Code generated by Microsoft (R) AutoRest Code Generator. + +package com.azure.security.keyvault.administration.implementation.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; +import java.util.Collection; + +/** Defines values for RoleType. */ +public final class RoleType extends ExpandableStringEnum { + /** Static value AKVBuiltInRole for RoleType. */ + public static final RoleType BUILT_IN_ROLE = fromString("AKVBuiltInRole"); + + /** Static value CustomRole for RoleType. */ + public static final RoleType CUSTOM_ROLE = fromString("CustomRole"); + + /** + * Creates or finds a RoleType from its string representation. + * + * @param name a name to look for. + * @return the corresponding RoleType. + */ + @JsonCreator + public static RoleType fromString(String name) { + return fromString(name, RoleType.class); + } + + /** @return known RoleType values. */ + public static Collection values() { + return values(RoleType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java index a182cef2629b..0615db4e2969 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperation.java @@ -7,7 +7,7 @@ import com.azure.core.annotation.Fluent; import com.fasterxml.jackson.annotation.JsonProperty; -/** The SelectiveKeyRestoreOperation model. */ +/** Selective Key Restore operation. */ @Fluent public final class SelectiveKeyRestoreOperation { /* diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java index 9c5e86c53299..197c4e5794a4 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/models/SelectiveKeyRestoreOperationParameters.java @@ -11,7 +11,8 @@ @Fluent public final class SelectiveKeyRestoreOperationParameters { /* - * The sasTokenParameters property. + * SAS token parameter object containing Azure storage resourceUri and + * token */ @JsonProperty(value = "sasTokenParameters", required = true) private SASTokenParameter sasTokenParameters; @@ -24,7 +25,7 @@ public final class SelectiveKeyRestoreOperationParameters { private String folder; /** - * Get the sasTokenParameters property: The sasTokenParameters property. + * Get the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @return the sasTokenParameters value. */ @@ -33,7 +34,7 @@ public SASTokenParameter getSasTokenParameters() { } /** - * Set the sasTokenParameters property: The sasTokenParameters property. + * Set the sasTokenParameters property: SAS token parameter object containing Azure storage resourceUri and token. * * @param sasTokenParameters the sasTokenParameters value to set. * @return the SelectiveKeyRestoreOperationParameters object itself. diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java index 6b89e34ff9e4..1b4e3c41171c 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/implementation/package-info.java @@ -3,7 +3,7 @@ // Code generated by Microsoft (R) AutoRest Code Generator. /** - * Package containing the implementations and inner classes for KeyVaultAccessControlClient and KeyVaultBackupClient. - * The key vault client performs cryptographic key operations and vault operations against the Key Vault service. + * Package containing the implementations for KeyVaultAccessControlClient. The key vault client performs cryptographic + * key operations and vault operations against the Key Vault service. */ package com.azure.security.keyvault.administration.implementation; diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java new file mode 100644 index 000000000000..6bc7ccf1b775 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultAdministrationException.java @@ -0,0 +1,38 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.exception.HttpResponseException; +import com.azure.core.http.HttpResponse; + +/** + * Exception thrown for an invalid response with {@link KeyVaultError} information. + */ +public final class KeyVaultAdministrationException extends HttpResponseException { + /** + * Creates a new instance of the {@link KeyVaultAdministrationException} class. + * + * @param message The exception message or the response content if a message is not available. + * @param response The HTTP response. + */ + public KeyVaultAdministrationException(String message, HttpResponse response) { + super(message, response); + } + + /** + * Creates a new instance of {@link KeyVaultAdministrationException}. + * + * @param message The exception message or the response content if a message is not available. + * @param response The HTTP response. + * @param value The deserialized response value. + */ + public KeyVaultAdministrationException(String message, HttpResponse response, KeyVaultError value) { + super(message, response, value); + } + + @Override + public KeyVaultError getValue() { + return (KeyVaultError) super.getValue(); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java new file mode 100644 index 000000000000..3dc7d5abbb64 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultDataAction.java @@ -0,0 +1,182 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +/** + * Defines values for {@link KeyVaultDataAction}. + */ +public class KeyVaultDataAction extends ExpandableStringEnum { + /** + * Static value Microsoft.KeyVault/managedHsm/keys/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/write/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction WRITE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/write/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction RECOVER_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/backup/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction BACKUP_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/backup/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/restore/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction RESTORE_HSM_KEYS = fromString("Microsoft.KeyVault/managedHsm/keys/restore/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleAssignments/delete/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DELETE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/delete/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleAssignments/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction GET_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleAssignments/write/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction WRITE_ROLE_ASSIGNMENT = + fromString("Microsoft.KeyVault/managedHsm/roleAssignments/write/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/roleDefinitions/read/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_ROLE_DEFINITION = + fromString("Microsoft.KeyVault/managedHsm/roleDefinitions/read/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/encrypt/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction ENCRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/encrypt/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/decrypt/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DECRYPT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/decrypt/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/wrap/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction WRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/wrap/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/unwrap/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction UNWRAP_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/unwrap/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/sign/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction SIGN_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/sign/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/verify/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction VERIFY_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/verify/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/create for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction CREATE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/create"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/delete for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DELETE_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/delete"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/export/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction EXPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/export/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/import/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction IMPORT_HSM_KEY = fromString("Microsoft.KeyVault/managedHsm/keys/import/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction PURGE_DELETED_HSM_KEY = + fromString("Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/download/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction DOWNLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/download/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction UPLOAD_HSM_SECURITY_DOMAIN = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/upload/read for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_SECURITY_DOMAIN_STATUS = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/upload/read"); + + /** + * Static value Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_SECURITY_DOMAIN_TRANSFER_KEY = + fromString("Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read"); + + /** + * Static value Microsoft.KeyVault/managedHsm/backup/start/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction START_HSM_BACKUP = fromString("Microsoft.KeyVault/managedHsm/backup/start/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/restore/start/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction START_HSM_RESTORE = fromString("Microsoft.KeyVault/managedHsm/restore/start/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/backup/status/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_BACKUP_STATUS = + fromString("Microsoft.KeyVault/managedHsm/backup/status/action"); + + /** + * Static value Microsoft.KeyVault/managedHsm/restore/status/action for {@link KeyVaultDataAction}. + */ + public static final KeyVaultDataAction READ_HSM_RESTORE_STATUS = + fromString("Microsoft.KeyVault/managedHsm/restore/status/action"); + + /** + * Creates or finds a {@link KeyVaultDataAction} from its string representation. + * + * @param name A name to look for. + * + * @return The corresponding {@link KeyVaultDataAction}. + */ + @JsonCreator + public static KeyVaultDataAction fromString(String name) { + return fromString(name, KeyVaultDataAction.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java index 7bcae4cdb6f3..b722f5e2106e 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultPermission.java @@ -8,63 +8,67 @@ import java.util.List; /** - * A class describing allowed and denied actions and data actions of a {@link KeyVaultRoleDefinition}. + * A class describing allowed and forbidden actions and data actions of a {@link KeyVaultRoleDefinition}. */ @Immutable public final class KeyVaultPermission { - private final List allowedActions; - private final List deniedActions; - private final List allowedDataActions; - private final List deniedDataActions; + private final List actions; + private final List notActions; + private final List dataActions; + private final List notDataActions; /** - * Creates a new {@link KeyVaultPermission} with the specified allowed and denied actions and data actions. + * Creates a new {@link KeyVaultPermission} with the specified allowed and forbidden actions and data actions. * - * @param allowedActions The actions this {@link KeyVaultPermission permission} allows. - * @param deniedActions The actions this {@link KeyVaultPermission permission} denies. - * @param allowedDataActions The data actions this {@link KeyVaultPermission permission} allows. - * @param deniedDataActions The data actions this {@link KeyVaultPermission permission} denies. + * @param actions Action permissions that are granted. + * @param notActions Action permissions that are excluded but not denied. They may be granted by other role + * definitions assigned to a principal. + * @param dataActions Data action permissions that are granted. + * @param notDataActions Data action permissions that are excluded but not denied. They may be granted by other role + * definitions assigned to a principal. */ - public KeyVaultPermission(List allowedActions, List deniedActions, List allowedDataActions, List deniedDataActions) { - this.allowedActions = allowedActions; - this.deniedActions = deniedActions; - this.allowedDataActions = allowedDataActions; - this.deniedDataActions = deniedDataActions; + public KeyVaultPermission(List actions, List notActions, List dataActions, + List notDataActions) { + this.actions = actions; + this.notActions = notActions; + this.dataActions = dataActions; + this.notDataActions = notDataActions; } /** - * Get the actions this {@link KeyVaultPermission permission} allows. + * Get the action permissions that are granted. * - * @return The allowed actions. + * @return The action permissions that are granted. */ - public List getAllowedActions() { - return allowedActions; + public List getActions() { + return actions; } /** - * Get the actions this {@link KeyVaultPermission permission} denies. + * Get the action permissions that are excluded but not denied. They may be granted by other role definitions + * assigned to a principal * - * @return The denied actions. + * @return The action permissions that are excluded but not denied. */ - public List getDeniedActions() { - return deniedActions; + public List getNotActions() { + return notActions; } /** - * Get the data actions this {@link KeyVaultPermission permission} allows. + * Get the data action permissions that are granted. * - * @return The allowed data actions. + * @return The data action permissions that are granted. */ - public List getAllowedDataActions() { - return allowedDataActions; + public List getDataActions() { + return dataActions; } /** - * Get the data actions this {@link KeyVaultPermission permission} denies. + * Get the data action permissions that are excluded but not denied. * - * @return The denied data actions. + * @return The data action permissions that are excluded but not denied. */ - public List getDeniedDataActions() { - return deniedDataActions; + public List getNotDataActions() { + return notDataActions; } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java index 8e5ff31250ad..4e1d8a3dd190 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinition.java @@ -12,7 +12,7 @@ public final class KeyVaultRoleDefinition { private final String id; private final String name; - private final String type; + private final KeyVaultRoleDefinitionType type; private final KeyVaultRoleDefinitionProperties properties; /** @@ -20,11 +20,12 @@ public final class KeyVaultRoleDefinition { * * @param id The ID for this {@link KeyVaultRoleDefinition role definition}. * @param name The name for this {@link KeyVaultRoleDefinition role definition}. - * @param type The type for this {@link KeyVaultRoleDefinition role definition}. + * @param type The type of this {@link KeyVaultRoleDefinition role definition}. * @param properties {@link KeyVaultRoleDefinitionProperties properties} of this {@link KeyVaultRoleDefinition * role definition}. */ - public KeyVaultRoleDefinition(String id, String name, String type, KeyVaultRoleDefinitionProperties properties) { + public KeyVaultRoleDefinition(String id, String name, KeyVaultRoleDefinitionType type, + KeyVaultRoleDefinitionProperties properties) { this.id = id; this.name = name; this.type = type; @@ -50,18 +51,18 @@ public String getName() { } /** - * Get the {@link KeyVaultRoleDefinition role definition} type. + * Get the {@link KeyVaultRoleDefinitionType role definition type}. * - * @return The {@link KeyVaultRoleDefinition role definition} type. + * @return The {@link KeyVaultRoleDefinitionType role definition type}. */ - public String getType() { + public KeyVaultRoleDefinitionType getType() { return type; } /** - * Get the {@link KeyVaultRoleDefinition role definition} {@link KeyVaultRoleDefinitionProperties properties}. + * Get the {@link KeyVaultRoleDefinitionProperties role definition properties}. * - * @return The {@link KeyVaultRoleDefinition role definition} {@link KeyVaultRoleDefinitionProperties properties}. + * @return The {@link KeyVaultRoleDefinitionProperties role definition properties}. */ public KeyVaultRoleDefinitionProperties getProperties() { return properties; diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java index 219e35cd60fc..b04ef0b14b4f 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionProperties.java @@ -14,9 +14,9 @@ public final class KeyVaultRoleDefinitionProperties { private final String roleName; private final String description; - private final String roleType; + private final KeyVaultRoleType roleType; private final List permissions; - private final List assignableScopes; + private final List assignableScopes; /** * Creates a new {@link KeyVaultRoleDefinitionProperties role definition properties} object with the specified @@ -29,7 +29,9 @@ public final class KeyVaultRoleDefinitionProperties { * has. * @param assignableScopes The assignable scopes of the {@link KeyVaultRoleDefinition role definition}. */ - public KeyVaultRoleDefinitionProperties(String roleName, String roleDescription, String roleType, List permissions, List assignableScopes) { + public KeyVaultRoleDefinitionProperties(String roleName, String roleDescription, KeyVaultRoleType roleType, + List permissions, + List assignableScopes) { this.roleName = roleName; this.description = roleDescription; this.roleType = roleType; @@ -60,7 +62,7 @@ public String getDescription() { * * @return The role type. */ - public String getRoleType() { + public KeyVaultRoleType getRoleType() { return roleType; } @@ -78,7 +80,7 @@ public List getPermissions() { * * @return The {@link KeyVaultRoleDefinition role definition}'s assignable scopes. */ - public List getAssignableScopes() { + public List getAssignableScopes() { return assignableScopes; } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java new file mode 100644 index 000000000000..64d795937723 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleDefinitionType.java @@ -0,0 +1,30 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +/** + * Defines values for {@link KeyVaultRoleDefinitionType}. + */ +public class KeyVaultRoleDefinitionType extends ExpandableStringEnum { + /** + * Static value Microsoft.Authorization/roleDefinitions for {@link KeyVaultRoleDefinitionType}. + */ + public static final KeyVaultRoleDefinitionType MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS = + fromString("Microsoft.Authorization/roleDefinitions"); + + /** + * Creates or finds a {@link KeyVaultRoleDefinitionType} from its string representation. + * + * @param name A name to look for. + * + * @return The corresponding {@link KeyVaultRoleDefinitionType}. + */ + @JsonCreator + public static KeyVaultRoleDefinitionType fromString(String name) { + return fromString(name, KeyVaultRoleDefinitionType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java new file mode 100644 index 000000000000..8240edf1bd5a --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/models/KeyVaultRoleType.java @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +/** + * Defines values for {@link KeyVaultRoleType}. + */ +public class KeyVaultRoleType extends ExpandableStringEnum { + /** + * Static value AKVBuiltInRole for {@link KeyVaultRoleType}. + */ + public static final KeyVaultRoleType BUILT_IN_ROLE = fromString("AKVBuiltInRole"); + + /** + * Static value CustomRole for {@link KeyVaultRoleType}. + */ + public static final KeyVaultRoleType CUSTOM_ROLE = fromString("CustomRole"); + + /** + * Creates or finds a {@link KeyVaultRoleType} from its string representation. + * + * @param name A name to look for. + * + * @return The corresponding {@link KeyVaultRoleType}. + */ + @JsonCreator + public static KeyVaultRoleType fromString(String name) { + return fromString(name, KeyVaultRoleType.class); + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java new file mode 100644 index 000000000000..d74890dadd50 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/SetRoleDefinitionOptions.java @@ -0,0 +1,166 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.security.keyvault.administration.options; + +import com.azure.core.annotation.Fluent; +import com.azure.security.keyvault.administration.models.KeyVaultPermission; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; + +import java.util.List; +import java.util.UUID; + +/** + * Represents the configurable options to create or update a {@link KeyVaultRoleDefinition role definition}. + */ +@Fluent +public class SetRoleDefinitionOptions { + private final KeyVaultRoleScope roleScope; + private final String roleDefinitionName; + private final KeyVaultRoleType roleType; + private String roleName; + private String description; + private List permissions; + private List assignableScopes; + + /** + * Creates an instance of {@link SetRoleDefinitionOptions} with an automatically generated name. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition} to create. + * Managed HSM only supports '/'. + */ + public SetRoleDefinitionOptions(KeyVaultRoleScope roleScope) { + this(roleScope, UUID.randomUUID().toString()); + } + + /** + * Creates an instance of {@link SetRoleDefinitionOptions}. + * + * @param roleScope The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition} to create. + * Managed HSM only supports '/'. + * @param roleDefinitionName The name of the {@link KeyVaultRoleDefinition}. It can be any valid UUID. + */ + public SetRoleDefinitionOptions(KeyVaultRoleScope roleScope, String roleDefinitionName) { + this.roleScope = roleScope; + this.roleDefinitionName = roleDefinitionName; + this.roleType = KeyVaultRoleType.CUSTOM_ROLE; + } + + /** + * Get the {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition} to create or update. + * + * @return The {@link KeyVaultRoleScope role scope} of the {@link KeyVaultRoleDefinition}. + */ + public KeyVaultRoleScope getRoleScope() { + return roleScope; + } + + /** + * Get the name of the {@link KeyVaultRoleDefinition} to create or update. + * + * @return The name of the {@link KeyVaultRoleDefinition}. + */ + public String getRoleDefinitionName() { + return roleDefinitionName; + } + + /** + * Get the role type. + * + * @return The role type. + */ + public KeyVaultRoleType getRoleType() { + return roleType; + } + + /** + * Get the role name. + * + * @return The role name. + */ + public String getRoleName() { + return roleName; + } + + /** + * Set the role name. + * + * @param roleName The role name to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setRoleName(String roleName) { + this.roleName = roleName; + + return this; + } + + /** + * Get the role description. + * + * @return The role description. + */ + public String getDescription() { + return description; + } + + /** + * Set the role description. + * + * @param description The role description to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setDescription(String description) { + this.description = description; + + return this; + } + + /** + * Get the {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions}. + * + * @return The {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions}. + */ + public List getPermissions() { + return permissions; + } + + /** + * Set the {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions}. + * + * @param permissions The {@link KeyVaultRoleDefinition role definition}'s {@link KeyVaultPermission permissions} + * to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setPermissions(List permissions) { + this.permissions = permissions; + + return this; + } + + /** + * Get the {@link KeyVaultRoleDefinition role definition}'s assignable scopes. + * + * @return The {@link KeyVaultRoleDefinition role definition}'s assignable scopes. + */ + public List getAssignableScopes() { + return assignableScopes; + } + + /** + * Set the {@link KeyVaultRoleDefinition role definition}'s assignable scopes. + * + * @param assignableScopes The {@link KeyVaultRoleDefinition role definition}'s assignable scopes to set. + * + * @return The updated {@link SetRoleDefinitionOptions} object. + */ + public SetRoleDefinitionOptions setAssignableScopes(List assignableScopes) { + this.assignableScopes = assignableScopes; + + return this; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java new file mode 100644 index 000000000000..1a7bdeead57c --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/com/azure/security/keyvault/administration/options/package-info.java @@ -0,0 +1,12 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +/** + * Package containing options classes for access control operations performed by + * {@link com.azure.security.keyvault.administration.KeyVaultAccessControlAsyncClient} and + * {@link com.azure.security.keyvault.administration.KeyVaultAccessControlClient}, as well as backup and restore + * operations for Azure Key Vault keys performed by + * {@link com.azure.security.keyvault.administration.KeyVaultBackupAsyncClient} and + * {@link com.azure.security.keyvault.administration.KeyVaultBackupClient}. + */ +package com.azure.security.keyvault.administration.options; diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java index 580cb9dabee7..2f64ab84c320 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/main/java/module-info.java @@ -6,9 +6,11 @@ exports com.azure.security.keyvault.administration; exports com.azure.security.keyvault.administration.models; + exports com.azure.security.keyvault.administration.options; opens com.azure.security.keyvault.administration to com.fasterxml.jackson.databind; opens com.azure.security.keyvault.administration.models to com.fasterxml.jackson.databind; opens com.azure.security.keyvault.administration.implementation to com.fasterxml.jackson.databind; opens com.azure.security.keyvault.administration.implementation.models to com.azure.core, com.fasterxml.jackson.databind; + opens com.azure.security.keyvault.administration.options to com.fasterxml.jackson.databind; } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java index 3b552f831dde..8fc9fe79a2c7 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlAsyncClientTest.java @@ -5,11 +5,14 @@ import com.azure.core.http.HttpClient; import com.azure.core.test.TestMode; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionType; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; @@ -17,8 +20,9 @@ import java.util.List; import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; public class KeyVaultAccessControlAsyncClientTest extends KeyVaultAccessControlClientTestBase { @@ -43,34 +47,117 @@ public void listRoleDefinitions(HttpClient httpClient) { asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); - List roleDefinitions = new ArrayList<>(); + asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL) + .subscribe(roleDefinition -> { + assertNotNull(roleDefinition.getId()); + assertNotNull(roleDefinition.getName()); + assertNotNull(roleDefinition.getType()); - asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); + KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + + assertNotNull(properties); + assertNotNull(properties.getRoleName()); + assertNotNull(properties.getDescription()); + assertNotNull(properties.getRoleType()); + assertFalse(properties.getAssignableScopes().isEmpty()); + assertFalse(properties.getPermissions().isEmpty()); + }); + + sleepIfRunningAgainstService(5000); + } + + /** + * Tests that a {@link KeyVaultRoleDefinition role definition} can be created in the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void setRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + String roleDefinitionName = "91d62511-feb2-456f-80a0-5b17bbaa50ec"; + + // Create a role definition. + asyncClient.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName) + .subscribe(roleDefinition -> { + assertNotNull(roleDefinition); + assertNotNull(roleDefinition.getId()); + assertEquals(roleDefinitionName, roleDefinition.getName()); + assertEquals(KeyVaultRoleDefinitionType.MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS, + roleDefinition.getType()); + + KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + + assertNotNull(properties); + assertTrue(properties.getAssignableScopes().contains(KeyVaultRoleScope.GLOBAL)); + assertEquals(KeyVaultRoleType.CUSTOM_ROLE, properties.getRoleType()); + assertEquals(roleDefinitionName, properties.getRoleName()); + + // Clean up the role definition. + KeyVaultAccessControlAsyncClient cleanupClient = + getClientBuilder(httpClient, true).buildAsyncClient(); + + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + }); + + sleepIfRunningAgainstService(2000); + } + + /** + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be retrieved from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void getRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); - assertTrue(roleDefinitions.iterator().hasNext()); + String roleDefinitionName = "69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5"; + KeyVaultRoleDefinition createdRoleDefinition = null; - for (KeyVaultRoleDefinition roleDefinition : roleDefinitions) { - assertNotNull(roleDefinition.getId()); - assertNotNull(roleDefinition.getName()); - assertNotNull(roleDefinition.getType()); + try { + List assignableScopes = new ArrayList<>(); + assignableScopes.add(KeyVaultRoleScope.GLOBAL); + assignableScopes.add(KeyVaultRoleScope.KEYS); + + // Create a role definition to retrieve. + createdRoleDefinition = asyncClient.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); + + assertNotNull(createdRoleDefinition); + + // Get the role assignment. + KeyVaultRoleDefinition retrievedRoleDefinition = + asyncClient.getRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName) + .block(); - KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + assertNotNull(retrievedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, retrievedRoleDefinition); + } finally { + if (getTestMode() != TestMode.PLAYBACK && createdRoleDefinition != null) { + // Clean up the role definition. + KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); - assertNotNull(properties); - assertNotNull(properties.getRoleName()); - assertNotNull(properties.getDescription()); - assertNotNull(properties.getRoleType()); - assertNotEquals(0, properties.getAssignableScopes().size()); - assertNotEquals(0, properties.getPermissions().size()); + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); + } } } /** - * Tests that existing {@link KeyVaultRoleAssignment role assignments} can be retrieved from the Key Vault. + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be deleted from the Key Vault. */ @ParameterizedTest(name = DISPLAY_NAME) @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") - public void listRoleAssignments(HttpClient httpClient) { + public void deleteRoleDefinition(HttpClient httpClient) { if (getTestMode() != TestMode.PLAYBACK) { // Currently there is no test cloud environment for Managed HSM. // TODO: Remove once there is a proper cloud environment available. @@ -79,22 +166,72 @@ public void listRoleAssignments(HttpClient httpClient) { asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); - List roleAssignments = new ArrayList<>(); + String roleDefinitionName = "6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f"; + + // Create a role definition to delete. + KeyVaultRoleDefinition createdRoleDefinition = + asyncClient.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); - asyncClient.listRoleAssignments(KeyVaultRoleScope.GLOBAL).subscribe(roleAssignments::add); - sleepInLiveOrRecordMode(5000); + assertNotNull(createdRoleDefinition); - for (KeyVaultRoleAssignment roleAssignment : roleAssignments) { - assertNotNull(roleAssignment.getId()); - assertNotNull(roleAssignment.getName()); - assertNotNull(roleAssignment.getType()); + // Delete the role definition. + KeyVaultRoleDefinition deletedRoleDefinition = + asyncClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block(); - KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); + assertNotNull(deletedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, deletedRoleDefinition); + } - assertNotNull(properties); - assertNotNull(properties.getRoleDefinitionId()); - assertNotNull(properties.getPrincipalId()); + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleDefinition role definition} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleDefinitionThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + String roleDefinitionName = "475ed505-5835-48ce-b257-cdb8fa153e67"; + + // Try to delete a non-existent role definition. + assertThrows(KeyVaultAdministrationException.class, + () -> asyncClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName).block()); + } + + /** + * Tests that existing {@link KeyVaultRoleAssignment role assignments} can be retrieved from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void listRoleAssignments(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + asyncClient.listRoleAssignments(KeyVaultRoleScope.GLOBAL) + .subscribe(roleAssignment -> { + assertNotNull(roleAssignment.getId()); + assertNotNull(roleAssignment.getName()); + assertNotNull(roleAssignment.getType()); + + KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); + + assertNotNull(properties); + assertNotNull(properties.getRoleDefinitionId()); + assertNotNull(properties.getPrincipalId()); + }); + + sleepIfRunningAgainstService(5000); } /** @@ -114,13 +251,17 @@ public void createRoleAssignment(HttpClient httpClient) { List roleDefinitions = new ArrayList<>(); asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); - sleepInLiveOrRecordMode(5000); + sleepIfRunningAgainstService(5000); + + assertFalse(roleDefinitions.isEmpty()); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + + break; } } @@ -128,29 +269,83 @@ public void createRoleAssignment(HttpClient httpClient) { String roleAssignmentName = "d0bedeb4-7431-407d-81cd-278929c98218"; + // Create a role assignment. + KeyVaultRoleDefinition finalRoleDefinition = roleDefinition; + + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).subscribe(roleAssignment -> { + assertNotNull(roleAssignment); + assertNotNull(roleAssignment.getId()); + assertEquals(roleAssignmentName, roleAssignment.getName()); + assertNotNull(roleAssignment.getType()); + assertNotNull(roleAssignment.getRoleScope()); + + KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); + + assertNotNull(properties); + assertEquals(servicePrincipalId, properties.getPrincipalId()); + assertEquals(finalRoleDefinition.getId(), properties.getRoleDefinitionId()); + + // Clean up the role assignment. + KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); + + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); + }); + } + + /** + * Tests that a {@link KeyVaultRoleAssignment role assignment} that already exists in the Key Vault cannot be + * created again. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void createExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + List roleDefinitions = new ArrayList<>(); + + asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); + sleepIfRunningAgainstService(5000); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + + break; + } + } + + assertNotNull(roleDefinition); + + String roleAssignmentName = "9412ec53-56f1-4cd8-ab3e-cbbd38253f08"; + KeyVaultRoleAssignment roleAssignment = null; + try { // Create a role assignment. - KeyVaultRoleAssignment roleAssignment = - asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId).block(); + roleAssignment = + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).block(); - assertNotNull(roleAssignment); - assertNotNull(roleAssignment.getId()); - assertEquals(roleAssignment.getName(), roleAssignmentName); - assertNotNull(roleAssignment.getType()); - assertNotNull(roleAssignment.getRoleScope()); + KeyVaultRoleDefinition finalRoleDefinition = roleDefinition; - KeyVaultRoleAssignmentProperties properties = roleAssignment.getProperties(); - - assertNotNull(properties); - assertEquals(clientId, properties.getPrincipalId()); - assertEquals(roleDefinition.getId(), properties.getRoleDefinitionId()); + // Attempt to create a role assignment with the same roe scope, name, role definition ID and principal ID. + assertThrows(KeyVaultAdministrationException.class, + () -> asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, finalRoleDefinition.getId(), + servicePrincipalId, roleAssignmentName).block()); } finally { - if (getTestMode() != TestMode.PLAYBACK) { + if (getTestMode() != TestMode.PLAYBACK && roleAssignment != null) { // Clean up the role assignment. KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); - cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); } } } @@ -172,50 +367,43 @@ public void getRoleAssignment(HttpClient httpClient) { List roleDefinitions = new ArrayList<>(); asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); - sleepInLiveOrRecordMode(5000); + sleepIfRunningAgainstService(5000); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + + break; } } assertNotNull(roleDefinition); String roleAssignmentName = "658d6c14-98c2-4a53-a523-be8609eb7f8b"; + KeyVaultRoleAssignment createdRoleAssignment = null; try { // Create a role assignment to retrieve. - KeyVaultRoleAssignment createdRoleAssignment = - asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId).block(); + createdRoleAssignment = + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).block(); assertNotNull(createdRoleAssignment); // Get the role assignment. KeyVaultRoleAssignment retrievedRoleAssignment = - asyncClient.getRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName) - .block(); + asyncClient.getRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); assertNotNull(retrievedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), retrievedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), retrievedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), retrievedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), retrievedRoleAssignment.getRoleScope()); - - KeyVaultRoleAssignmentProperties retrievedProperties = retrievedRoleAssignment.getProperties(); - - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + assertRoleAssignmentEquals(createdRoleAssignment, retrievedRoleAssignment); } finally { - if (getTestMode() != TestMode.PLAYBACK) { + if (getTestMode() != TestMode.PLAYBACK && createdRoleAssignment != null) { // Clean up the role assignment. KeyVaultAccessControlAsyncClient cleanupClient = getClientBuilder(httpClient, true).buildAsyncClient(); - cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); } } } @@ -237,13 +425,15 @@ public void deleteRoleAssignment(HttpClient httpClient) { List roleDefinitions = new ArrayList<>(); asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); - sleepInLiveOrRecordMode(5000); + sleepIfRunningAgainstService(5000); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + + break; } } @@ -253,8 +443,8 @@ public void deleteRoleAssignment(HttpClient httpClient) { // Create a role assignment to delete. KeyVaultRoleAssignment createdRoleAssignment = - asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId).block(); + asyncClient.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName).block(); assertNotNull(createdRoleAssignment); @@ -263,15 +453,45 @@ public void deleteRoleAssignment(HttpClient httpClient) { asyncClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block(); assertNotNull(deletedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), deletedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), deletedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), deletedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), deletedRoleAssignment.getRoleScope()); + assertRoleAssignmentEquals(createdRoleAssignment, deletedRoleAssignment); + } + + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleAssignment role assignment} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + asyncClient = getClientBuilder(httpClient, false).buildAsyncClient(); + + List roleDefinitions = new ArrayList<>(); + + asyncClient.listRoleDefinitions(KeyVaultRoleScope.GLOBAL).subscribe(roleDefinitions::add); + sleepIfRunningAgainstService(5000); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + + break; + } + } + + assertNotNull(roleDefinition); - KeyVaultRoleAssignmentProperties retrievedProperties = deletedRoleAssignment.getProperties(); + String roleAssignmentName = "ee830d79-e3dc-4ac5-8581-b6f650aa7831"; - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + // Try to delete a non-existent role assignment. + assertThrows(KeyVaultAdministrationException.class, + () -> asyncClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName).block()); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java index c05c1b8081a3..7c289603d1ca 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTest.java @@ -6,17 +6,21 @@ import com.azure.core.http.HttpClient; import com.azure.core.http.rest.PagedIterable; import com.azure.core.test.TestMode; +import com.azure.security.keyvault.administration.models.KeyVaultAdministrationException; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; -import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionType; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; +import com.azure.security.keyvault.administration.models.KeyVaultRoleType; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; public class KeyVaultAccessControlClientTest extends KeyVaultAccessControlClientTestBase { @@ -40,9 +44,7 @@ public void listRoleDefinitions(HttpClient httpClient) { } client = getClientBuilder(httpClient, false).buildClient(); - - PagedIterable roleDefinitions = - client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + PagedIterable roleDefinitions = client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); assertTrue(roleDefinitions.iterator().hasNext()); @@ -57,9 +59,143 @@ public void listRoleDefinitions(HttpClient httpClient) { assertNotNull(properties.getRoleName()); assertNotNull(properties.getDescription()); assertNotNull(properties.getRoleType()); - assertNotEquals(0, properties.getAssignableScopes().size()); - assertNotEquals(0, properties.getPermissions().size()); + assertFalse(properties.getAssignableScopes().isEmpty()); + assertFalse(properties.getPermissions().isEmpty()); + } + } + + /** + * Tests that a {@link KeyVaultRoleDefinition role definition} can be created in the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void setRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "91d62511-feb2-456f-80a0-5b17bbaa50ec"; + KeyVaultRoleDefinition roleDefinition = null; + + try { + // Create a role definition. + roleDefinition = client.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(roleDefinition); + assertNotNull(roleDefinition.getId()); + assertEquals(roleDefinitionName, roleDefinition.getName()); + assertEquals(KeyVaultRoleDefinitionType.MICROSOFT_AUTHORIZATION_ROLE_DEFINITIONS, + roleDefinition.getType()); + + KeyVaultRoleDefinitionProperties properties = roleDefinition.getProperties(); + + assertNotNull(properties); + assertTrue(properties.getAssignableScopes().contains(KeyVaultRoleScope.GLOBAL)); + assertEquals(KeyVaultRoleType.CUSTOM_ROLE, properties.getRoleType()); + assertEquals(roleDefinitionName, properties.getRoleName()); + } finally { + if (getTestMode() != TestMode.PLAYBACK && roleDefinition != null) { + // Clean up the role assignment. + KeyVaultAccessControlClient cleanupClient = getClientBuilder(httpClient, true).buildClient(); + + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + } + } + } + + /** + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be retrieved from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void getRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5"; + KeyVaultRoleDefinition createdRoleDefinition = null; + + try { + // Create a role definition to retrieve. + createdRoleDefinition = client.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(createdRoleDefinition); + + // Get the role assignment. + KeyVaultRoleDefinition retrievedRoleDefinition = + client.getRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(retrievedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, retrievedRoleDefinition); + } finally { + if (getTestMode() != TestMode.PLAYBACK && createdRoleDefinition != null) { + // Clean up the role assignment. + KeyVaultAccessControlClient cleanupClient = getClientBuilder(httpClient, true).buildClient(); + + cleanupClient.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + } + } + } + + /** + * Tests that an existing {@link KeyVaultRoleDefinition role definition} can be deleted from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteRoleDefinition(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f"; + + // Create a role definition to delete. + KeyVaultRoleDefinition createdRoleDefinition = + client.setRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(createdRoleDefinition); + + // Delete the role definition. + KeyVaultRoleDefinition deletedRoleDefinition = + client.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName); + + assertNotNull(deletedRoleDefinition); + assertRoleDefinitionEquals(createdRoleDefinition, deletedRoleDefinition); + } + + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleDefinition role definition} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleDefinitionThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; } + + client = getClientBuilder(httpClient, false).buildClient(); + + String roleDefinitionName = "475ed505-5835-48ce-b257-cdb8fa153e67"; + + // Try to delete a non-existent role definition. + assertThrows(KeyVaultAdministrationException.class, + () -> client.deleteRoleDefinition(KeyVaultRoleScope.GLOBAL, roleDefinitionName)); } /** @@ -76,8 +212,7 @@ public void listRoleAssignments(HttpClient httpClient) { client = getClientBuilder(httpClient, false).buildClient(); - PagedIterable roleAssignments = - client.listRoleAssignments(KeyVaultRoleScope.GLOBAL); + PagedIterable roleAssignments = client.listRoleAssignments(KeyVaultRoleScope.GLOBAL); assertTrue(roleAssignments.iterator().hasNext()); @@ -108,14 +243,14 @@ public void createRoleAssignment(HttpClient httpClient) { client = getClientBuilder(httpClient, false).buildClient(); - PagedIterable roleDefinitions = - client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + PagedIterable roleDefinitions = client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); KeyVaultRoleDefinition roleDefinition = null; for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { roleDefinition = currentRoleDefinition; + break; } } @@ -127,19 +262,19 @@ public void createRoleAssignment(HttpClient httpClient) { try { // Create a role assignment. KeyVaultRoleAssignment createdRoleAssignment = - client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId); + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); assertNotNull(createdRoleAssignment); assertNotNull(createdRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), roleAssignmentName); + assertEquals(roleAssignmentName, createdRoleAssignment.getName()); assertNotNull(createdRoleAssignment.getType()); assertNotNull(createdRoleAssignment.getRoleScope()); KeyVaultRoleAssignmentProperties properties = createdRoleAssignment.getProperties(); assertNotNull(properties); - assertEquals(clientId, properties.getPrincipalId()); + assertEquals(servicePrincipalId, properties.getPrincipalId()); assertEquals(roleDefinition.getId(), properties.getRoleDefinitionId()); } finally { if (getTestMode() != TestMode.PLAYBACK) { @@ -151,6 +286,60 @@ public void createRoleAssignment(HttpClient httpClient) { } } + /** + * Tests that a {@link KeyVaultRoleAssignment role assignment} that already exists in the Key Vault cannot be + * created again. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void createExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + PagedIterable roleDefinitions = client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + + break; + } + } + + assertNotNull(roleDefinition); + + String roleAssignmentName = "9412ec53-56f1-4cd8-ab3e-cbbd38253f08"; + KeyVaultRoleAssignment roleAssignment = null; + + try { + // Create a role assignment. + roleAssignment = + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); + + KeyVaultRoleDefinition finalRoleDefinition = roleDefinition; + + // Attempt to create a role assignment with the same name and scope. + assertThrows(KeyVaultAdministrationException.class, + () -> client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, finalRoleDefinition.getId(), + servicePrincipalId, roleAssignmentName)); + } finally { + if (getTestMode() != TestMode.PLAYBACK && roleAssignment != null) { + // Clean up the role assignment. + KeyVaultAccessControlClient cleanupClient = getClientBuilder(httpClient, true).buildClient(); + + cleanupClient.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); + } + } + } + /** * Tests that an existing {@link KeyVaultRoleAssignment role assignment} can be retrieved from the Key Vault. */ @@ -183,24 +372,17 @@ public void getRoleAssignment(HttpClient httpClient) { try { // Create a role assignment to retrieve. KeyVaultRoleAssignment createdRoleAssignment = - client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), - clientId); + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); + + assertNotNull(createdRoleAssignment); // Get the role assignment. KeyVaultRoleAssignment retrievedRoleAssignment = client.getRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); assertNotNull(retrievedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), retrievedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), retrievedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), retrievedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), retrievedRoleAssignment.getRoleScope()); - - KeyVaultRoleAssignmentProperties retrievedProperties = retrievedRoleAssignment.getProperties(); - - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + assertRoleAssignmentEquals(createdRoleAssignment, retrievedRoleAssignment); } finally { if (getTestMode() != TestMode.PLAYBACK) { // Clean up the role assignment. @@ -242,22 +424,51 @@ public void deleteRoleAssignment(HttpClient httpClient) { // Create a role assignment to delete. KeyVaultRoleAssignment createdRoleAssignment = - client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName, roleDefinition.getId(), clientId); + client.createRoleAssignment(KeyVaultRoleScope.GLOBAL, roleDefinition.getId(), servicePrincipalId, + roleAssignmentName); + + assertNotNull(createdRoleAssignment); // Delete the role assignment. KeyVaultRoleAssignment deletedRoleAssignment = client.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName); assertNotNull(deletedRoleAssignment); - assertEquals(createdRoleAssignment.getId(), deletedRoleAssignment.getId()); - assertEquals(createdRoleAssignment.getName(), deletedRoleAssignment.getName()); - assertEquals(createdRoleAssignment.getType(), deletedRoleAssignment.getType()); - assertEquals(createdRoleAssignment.getRoleScope(), deletedRoleAssignment.getRoleScope()); + assertRoleAssignmentEquals(createdRoleAssignment, deletedRoleAssignment); + } + + /** + * Tests that an exception is thrown when trying to delete a non-existent + * {@link KeyVaultRoleAssignment role assignment} from the Key Vault. + */ + @ParameterizedTest(name = DISPLAY_NAME) + @MethodSource("com.azure.security.keyvault.administration.KeyVaultAdministrationClientTestBase#createHttpClients") + public void deleteNonExistingRoleAssignmentThrows(HttpClient httpClient) { + if (getTestMode() != TestMode.PLAYBACK) { + // Currently there is no test cloud environment for Managed HSM. + // TODO: Remove once there is a proper cloud environment available. + return; + } + + client = getClientBuilder(httpClient, false).buildClient(); + + PagedIterable roleDefinitions = + client.listRoleDefinitions(KeyVaultRoleScope.GLOBAL); + + KeyVaultRoleDefinition roleDefinition = null; + + for (KeyVaultRoleDefinition currentRoleDefinition : roleDefinitions) { + if (currentRoleDefinition.getProperties().getRoleName().equals(ROLE_NAME)) { + roleDefinition = currentRoleDefinition; + } + } + + assertNotNull(roleDefinition); - KeyVaultRoleAssignmentProperties retrievedProperties = deletedRoleAssignment.getProperties(); + String roleAssignmentName = "ee830d79-e3dc-4ac5-8581-b6f650aa7831"; - assertNotNull(retrievedProperties); - assertEquals(clientId, retrievedProperties.getPrincipalId()); - assertEquals(roleDefinition.getId(), retrievedProperties.getRoleDefinitionId()); + // Try to delete a non-existent role assignment. + assertThrows(KeyVaultAdministrationException.class, + () -> client.deleteRoleAssignment(KeyVaultRoleScope.GLOBAL, roleAssignmentName)); } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java index 70e14ea6cbc1..7b1f3ab58b5f 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAccessControlClientTestBase.java @@ -8,13 +8,23 @@ import com.azure.core.http.HttpPipelineBuilder; import com.azure.core.http.policy.HttpPipelinePolicy; import com.azure.core.test.TestMode; +import com.azure.security.keyvault.administration.models.KeyVaultPermission; +import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignment; +import com.azure.security.keyvault.administration.models.KeyVaultRoleAssignmentProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinition; +import com.azure.security.keyvault.administration.models.KeyVaultRoleDefinitionProperties; +import com.azure.security.keyvault.administration.models.KeyVaultRoleScope; import org.junit.jupiter.api.Test; import java.util.List; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; + public abstract class KeyVaultAccessControlClientTestBase extends KeyVaultAdministrationClientTestBase { - protected static final String ROLE_NAME = "Managed HSM Crypto User"; - String clientId = "49acc88b-8f9e-4619-9856-16691db66767"; + protected static final String ROLE_NAME = "Managed HSM Crypto Officer"; + String servicePrincipalId = "49acc88b-8f9e-4619-9856-16691db66767"; protected KeyVaultAccessControlClientBuilder getClientBuilder(HttpClient httpClient, boolean forCleanup) { List policies = getPolicies(); @@ -36,15 +46,98 @@ protected KeyVaultAccessControlClientBuilder getClientBuilder(HttpClient httpCli @Test public abstract void listRoleDefinitions(HttpClient httpClient); + @Test + public abstract void setRoleDefinition(HttpClient httpClient); + + @Test + public abstract void getRoleDefinition(HttpClient httpClient); + + @Test + public abstract void deleteRoleDefinition(HttpClient httpClient); + + @Test + public abstract void deleteNonExistingRoleDefinitionThrows(HttpClient httpClient); + @Test public abstract void listRoleAssignments(HttpClient httpClient); @Test public abstract void createRoleAssignment(HttpClient httpClient); + @Test + public abstract void createExistingRoleAssignmentThrows(HttpClient httpClient); + @Test public abstract void getRoleAssignment(HttpClient httpClient); @Test public abstract void deleteRoleAssignment(HttpClient httpClient); + + @Test + public abstract void deleteNonExistingRoleAssignmentThrows(HttpClient httpClient); + + static void assertRoleAssignmentEquals(KeyVaultRoleAssignment roleAssignment1, + KeyVaultRoleAssignment roleAssignment2) { + assertEquals(roleAssignment1.getId(), roleAssignment2.getId()); + assertEquals(roleAssignment1.getName(), roleAssignment2.getName()); + assertEquals(roleAssignment1.getType(), roleAssignment2.getType()); + assertEquals(roleAssignment1.getRoleScope(), roleAssignment2.getRoleScope()); + + KeyVaultRoleAssignmentProperties properties1 = roleAssignment1.getProperties(); + KeyVaultRoleAssignmentProperties properties2 = roleAssignment2.getProperties(); + + if (properties1 == null && properties2 == null) { + return; + } + + assertNotNull(properties1); + assertNotNull(properties2); + assertEquals(properties1.getPrincipalId(), properties2.getPrincipalId()); + assertEquals(properties1.getRoleDefinitionId(), properties2.getRoleDefinitionId()); + } + + static void assertRoleDefinitionEquals(KeyVaultRoleDefinition roleDefinition1, + KeyVaultRoleDefinition roleDefinition2) { + assertEquals(roleDefinition1.getId(), roleDefinition2.getId()); + assertEquals(roleDefinition1.getName(), roleDefinition2.getName()); + assertEquals(roleDefinition1.getType(), roleDefinition2.getType()); + + KeyVaultRoleDefinitionProperties properties1 = roleDefinition1.getProperties(); + KeyVaultRoleDefinitionProperties properties2 = roleDefinition2.getProperties(); + + if (properties1 == null && properties2 == null) { + return; + } + + assertNotNull(properties1); + assertNotNull(properties2); + assertEquals(properties1.getRoleName(), properties2.getRoleName()); + assertEquals(properties1.getRoleType(), properties2.getRoleType()); + assertEquals(properties1.getDescription(), properties2.getDescription()); + + List assignableScopes1 = properties1.getAssignableScopes(); + List assignableScopes2 = properties2.getAssignableScopes(); + + if (assignableScopes1 == null && assignableScopes2 == null) { + return; + } + + assertNotNull(assignableScopes1); + assertNotNull(assignableScopes2); + + assertEquals(assignableScopes1.size(), assignableScopes2.size()); + assertTrue(assignableScopes1.containsAll(assignableScopes2)); + + List permissions1 = properties1.getPermissions(); + List permissions2 = properties2.getPermissions(); + + if (permissions1 == null && permissions2 == null) { + return; + } + + assertNotNull(permissions1); + assertNotNull(permissions2); + + assertEquals(permissions1.size(), permissions2.size()); + } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java index 963200be557a..a62649653862 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultAdministrationClientTestBase.java @@ -16,7 +16,7 @@ import com.azure.core.http.policy.UserAgentPolicy; import com.azure.core.test.TestBase; import com.azure.core.util.Configuration; -import com.azure.identity.AzureCliCredentialBuilder; +import com.azure.identity.ClientSecretCredentialBuilder; import com.azure.security.keyvault.administration.implementation.KeyVaultCredentialPolicy; import org.junit.jupiter.params.provider.Arguments; @@ -43,7 +43,19 @@ protected List getPolicies() { TokenCredential credential = null; if (!interceptorManager.isPlaybackMode()) { - credential = new AzureCliCredentialBuilder().build(); + String clientId = System.getenv("ARM_CLIENTID"); + String clientKey = System.getenv("ARM_CLIENTKEY"); + String tenantId = System.getenv("AZURE_TENANT_ID"); + + Objects.requireNonNull(clientId, "The client id cannot be null"); + Objects.requireNonNull(clientKey, "The client key cannot be null"); + Objects.requireNonNull(tenantId, "The tenant id cannot be null"); + + credential = new ClientSecretCredentialBuilder() + .clientSecret(clientKey) + .clientId(clientId) + .tenantId(tenantId) + .build(); } // Closest to API goes first, closest to wire goes last. @@ -81,16 +93,4 @@ public String getEndpoint() { static Stream createHttpClients() { return TestBase.getHttpClients().map(Arguments::of); } - - public void sleepInLiveOrRecordMode(long millis) { - if (interceptorManager.isPlaybackMode()) { - return; - } - - try { - Thread.sleep(millis); - } catch (InterruptedException e) { - e.printStackTrace(); - } - } } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java index 0787eb497e37..09db2d92e57b 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupAsyncClientTest.java @@ -28,7 +28,7 @@ protected void beforeTest() { } /** - * Tests that a Key Vault can be backed up. + * Tests that a Key Vault or MHSM can be backed up. */ @SuppressWarnings("ConstantConditions") @ParameterizedTest(name = DISPLAY_NAME) diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java index c31cdd96a4a9..c3f2baae29ea 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/java/com/azure/security/keyvault/administration/KeyVaultBackupClientTest.java @@ -106,15 +106,9 @@ public void beginSelectiveRestore(HttpClient httpClient) { SyncPoller selectiveRestorePoller = client.beginSelectiveRestore("testKey", backupFolderUrl, sasToken); - PollResponse response = selectiveRestorePoller.poll(); - - assertNotNull(response); - assertEquals(LongRunningOperationStatus.IN_PROGRESS, response.getStatus()); - assertNotNull(response.getValue()); - selectiveRestorePoller.waitForCompletion(); - response = selectiveRestorePoller.poll(); + PollResponse response = selectiveRestorePoller.poll(); assertEquals(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED, response.getStatus()); } diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..df9ab4054cd2 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createExistingRoleAssignmentThrows[1].json @@ -0,0 +1,74 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "a4e41264-aecd-11eb-8eeb-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "80", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "a70ffecc-aecd-11eb-a764-000d3a3b7b4c", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"name\":\"9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "141", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "400", + "x-ms-request-id" : "a734027c-aecd-11eb-a764-000d3a3b7b4c", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentExists\",\"message\":\"The role assignment already exists. (Activity ID: a734027c-aecd-11eb-a764-000d3a3b7b4c)\"}}", + "x-ms-server-latency" : "1", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json new file mode 100644 index 000000000000..f939e52f7995 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.createRoleAssignment[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "9a0581de-aecd-11eb-a15d-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..de257c201636 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleAssignmentThrows[1].json @@ -0,0 +1,49 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "c1d8cf22-aecd-11eb-bc09-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/ee830d79-e3dc-4ac5-8581-b6f650aa7831?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "c451257e-aecd-11eb-a15d-000d3a59ae40", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentNotFound\",\"message\":\"Requested role assignment not found (Activity ID: c451257e-aecd-11eb-a15d-000d3a59ae40)\"}}", + "x-ms-server-latency" : "1", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json new file mode 100644 index 000000000000..bc448e270b56 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteNonExistingRoleDefinitionThrows[1].json @@ -0,0 +1,25 @@ +{ + "networkCallRecords" : [ { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/475ed505-5835-48ce-b257-cdb8fa153e67?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "7ece1070-aecd-11eb-8fdc-000d3a31c437", + "Body" : "{\"error\":{\"code\":\"RoleDefinitionNotFound\",\"message\":\"Requested role definition not found (Activity ID: 7ece1070-aecd-11eb-8fdc-000d3a31c437)\"}}", + "x-ms-server-latency" : "0", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json new file mode 100644 index 000000000000..ccc9002ab50d --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleAssignment[1].json @@ -0,0 +1,75 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ba551562-aecd-11eb-8e60-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "44", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "bb07fc18-aecd-11eb-a76a-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "55", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "bb2853f0-aecd-11eb-a76a-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json new file mode 100644 index 000000000000..a254f9bc9de6 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.deleteRoleDefinition[1].json @@ -0,0 +1,51 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "57", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "663112c4-aecd-11eb-a15d-000d3a59ae40", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "44", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "66964360-aecd-11eb-b0c9-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json new file mode 100644 index 000000000000..731c88b4d3aa --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleAssignment[1].json @@ -0,0 +1,76 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6944", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ae761f98-aecd-11eb-8e60-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "51", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b0ff365a-aecd-11eb-8eeb-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b11fe7a6-aecd-11eb-8eeb-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json new file mode 100644 index 000000000000..793eb1cdbc13 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.getRoleDefinition[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "65", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "5aa48ea4-aecd-11eb-a2cd-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "5b09f834-aecd-11eb-b2e9-000d3a3b7b4c", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json new file mode 100644 index 000000000000..654bb1019bae --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleAssignments[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "809", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "8cdd315a-aecd-11eb-9509-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"name\":\"d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"properties\":{\"principalId\":\"f84ae8f9-c979-4750-a2fe-b350a00bebff\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1ee3281c-3854-46f8-b75a-ecda480081dc\",\"name\":\"1ee3281c-3854-46f8-b75a-ecda480081dc\",\"properties\":{\"principalId\":\"e2a5509f-bad0-4a8c-863d-48942ecf3344\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json new file mode 100644 index 000000000000..6e0242fa41c6 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.listRoleDefinitions[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "3be0a3a4-aecd-11eb-8fdc-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json new file mode 100644 index 000000000000..1aabf210ab7e --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlAsyncClientTest.setRoleDefinition[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "110", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "4f3fccf4-aecd-11eb-9c19-000d3a3b7b4c", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..cdc9356b556a --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createExistingRoleAssignmentThrows[1].json @@ -0,0 +1,74 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "52f82de2-aec2-11eb-8fdc-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "70", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "535b6204-aec2-11eb-b32c-000d3a3b7b4c", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"name\":\"9412ec53-56f1-4cd8-ab3e-cbbd38253f08\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/9412ec53-56f1-4cd8-ab3e-cbbd38253f08?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "141", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "400", + "x-ms-request-id" : "537e9828-aec2-11eb-b32c-000d3a3b7b4c", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentExists\",\"message\":\"The role assignment already exists. (Activity ID: 537e9828-aec2-11eb-b32c-000d3a3b7b4c)\"}}", + "x-ms-server-latency" : "1", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json new file mode 100644 index 000000000000..0e79e7fa679b --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.createRoleAssignment[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "13e73b66-aec2-11eb-a7d0-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "66", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "144c0f46-aec2-11eb-b2e9-000d3a3b7b4c", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218\",\"name\":\"d0bedeb4-7431-407d-81cd-278929c98218\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json new file mode 100644 index 000000000000..c453526119d5 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleAssignmentThrows[1].json @@ -0,0 +1,49 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "019a2a62-aec3-11eb-97f3-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/ee830d79-e3dc-4ac5-8581-b6f650aa7831?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "01f9a85c-aec3-11eb-a430-000d3a59ae40", + "Body" : "{\"error\":{\"code\":\"RoleAssignmentNotFound\",\"message\":\"Requested role assignment not found (Activity ID: 01f9a85c-aec3-11eb-a430-000d3a59ae40)\"}}", + "x-ms-server-latency" : "0", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json new file mode 100644 index 000000000000..f2363a981514 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteNonExistingRoleDefinitionThrows[1].json @@ -0,0 +1,25 @@ +{ + "networkCallRecords" : [ { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/475ed505-5835-48ce-b257-cdb8fa153e67?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "143", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-frame-options" : "SAMEORIGIN", + "content-type" : "application/json; charset=utf-8", + "retry-after" : "0", + "cache-control" : "no-cache", + "StatusCode" : "404", + "x-ms-request-id" : "ae14f644-aec0-11eb-b929-000d3a31c437", + "Body" : "{\"error\":{\"code\":\"RoleDefinitionNotFound\",\"message\":\"Requested role definition not found (Activity ID: ae14f644-aec0-11eb-b929-000d3a31c437)\"}}", + "x-ms-server-latency" : "0", + "strict-transport-security" : "max-age=31536000; includeSubDomains" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json new file mode 100644 index 000000000000..3f5f2a585853 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleAssignment[1].json @@ -0,0 +1,75 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ed28fd4c-aec2-11eb-9023-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "104", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ed8e264a-aec2-11eb-9ab0-000d3a59ae40", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "42", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "edb6454e-aec2-11eb-9ab0-000d3a59ae40", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json new file mode 100644 index 000000000000..084fbe37e91a --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.deleteRoleDefinition[1].json @@ -0,0 +1,51 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "69", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "70bfd8ae-aec0-11eb-9c19-000d3a3b7b4c", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "DELETE", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "41", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "713eadf0-aec0-11eb-a750-000d3a59ae40", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"name\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"6adc4e1b-ff4f-43a7-92ad-6e4ca58d354f\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json new file mode 100644 index 000000000000..bb5621b4c17c --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleAssignment[1].json @@ -0,0 +1,76 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "dbd30d12-aec2-11eb-9509-000d3a59ae40", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "99", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "dc35d4c4-aec2-11eb-996c-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "398", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "dc5d4130-aec2-11eb-996c-000d3a31c437", + "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json new file mode 100644 index 000000000000..6f43f112d7af --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.getRoleDefinition[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "73", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "4d80ab84-aec0-11eb-8fdc-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "4de71d56-aec0-11eb-a9c6-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"name\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"69dd1d15-b9c3-4252-be2e-e5ce7cbed1d5\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json new file mode 100644 index 000000000000..7c265b47074b --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleAssignments[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "809", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "52123acc-aec1-11eb-8e60-000d3a31c437", + "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"name\":\"d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"properties\":{\"principalId\":\"f84ae8f9-c979-4750-a2fe-b350a00bebff\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1ee3281c-3854-46f8-b75a-ecda480081dc\",\"name\":\"1ee3281c-3854-46f8-b75a-ecda480081dc\",\"properties\":{\"principalId\":\"e2a5509f-bad0-4a8c-863d-48942ecf3344\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "809", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "526b94d2-aec1-11eb-a764-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"name\":\"d11629b0-e3d5-4fe7-01e3-a87029e0ca39\",\"properties\":{\"principalId\":\"f84ae8f9-c979-4750-a2fe-b350a00bebff\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1ee3281c-3854-46f8-b75a-ecda480081dc\",\"name\":\"1ee3281c-3854-46f8-b75a-ecda480081dc\",\"properties\":{\"principalId\":\"e2a5509f-bad0-4a8c-863d-48942ecf3344\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json new file mode 100644 index 000000000000..e998cbe660e3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.listRoleDefinitions[1].json @@ -0,0 +1,52 @@ +{ + "networkCallRecords" : [ { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "428c4ac2-aeb5-11eb-aea6-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "content-length" : "6590", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "0", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "42ee172a-aeb5-11eb-8f2a-000d3a3b7b4c", + "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625c\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/release/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Release\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/release/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/export/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"AKVBuiltInRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json new file mode 100644 index 000000000000..b63435593e36 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultAccessControlClientTest.setRoleDefinition[1].json @@ -0,0 +1,28 @@ +{ + "networkCallRecords" : [ { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net///providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "content-length" : "353", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "201", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "46", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-region" : "westus", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "88c49cba-aebf-11eb-8b15-000d3a31c437", + "Body" : "{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"name\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[],\"roleName\":\"91d62511-feb2-456f-80a0-5b17bbaa50ec\",\"type\":\"CustomRole\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginBackup.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginBackup[1].json similarity index 53% rename from sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginBackup.json rename to sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginBackup[1].json index 82bf7b7f2ad8..5824625282cd 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginBackup.json +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginBackup[1].json @@ -1,83 +1,83 @@ { "networkCallRecords" : [ { "Method" : "POST", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 01:44:06 GMT", + "date" : "Fri, 07 May 2021 01:51:07 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "4663", + "x-ms-server-latency" : "4296", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1599270244,\"endTime\":null,\"jobId\":\"bff4961da63f44e0ae9cdf6924b37243\",\"azureStorageBlobContainerUri\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/backup/bff4961da63f44e0ae9cdf6924b37243/pending" + "x-ms-request-id" : "ae9333d6-aed6-11eb-9ab0-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352268,\"endTime\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/bff4961da63f44e0ae9cdf6924b37243/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 01:44:07 GMT", + "date" : "Fri, 07 May 2021 01:51:10 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "580", + "x-ms-server-latency" : "1336", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"bff4961da63f44e0ae9cdf6924b37243\",\"startTime\":1599270244,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "b21a12fe-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/bff4961da63f44e0ae9cdf6924b37243/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 01:44:19 GMT", + "date" : "Fri, 07 May 2021 01:51:15 GMT", "server" : "Kestrel", - "content-length" : "263", + "content-length" : "271", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "461", + "x-ms-server-latency" : "1292", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/testKeyVault\",\"endTime\":1599270258,\"error\":null,\"jobId\":\"bff4961da63f44e0ae9cdf6924b37243\",\"startTime\":1599270244,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "b528dcd2-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701510807\",\"endTime\":1620352276,\"error\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null } ], "variables" : [ ] -} +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginRestore.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginRestore[1].json similarity index 53% rename from sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginRestore.json rename to sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginRestore[1].json index 1f6962d4d98e..77ca93d99d3c 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginRestore.json +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginRestore[1].json @@ -1,188 +1,188 @@ { "networkCallRecords" : [ { "Method" : "POST", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:10:42 GMT", + "date" : "Fri, 07 May 2021 01:59:21 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "956", + "x-ms-server-latency" : "1588", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1599271842,\"endTime\":null,\"jobId\":\"41b6e77196cb46f8a1eafe715312d672\",\"azureStorageBlobContainerUri\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/backup/41b6e77196cb46f8a1eafe715312d672/pending" + "x-ms-request-id" : "d64faa20-aed7-11eb-bc0f-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352761,\"endTime\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/41b6e77196cb46f8a1eafe715312d672/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:10:43 GMT", + "date" : "Fri, 07 May 2021 01:59:23 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "669", + "x-ms-server-latency" : "1502", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"41b6e77196cb46f8a1eafe715312d672\",\"startTime\":1599271842,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "d8372b6a-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/41b6e77196cb46f8a1eafe715312d672/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:10:52 GMT", + "date" : "Fri, 07 May 2021 01:59:29 GMT", "server" : "Kestrel", - "content-length" : "263", + "content-length" : "271", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "586", + "x-ms-server-latency" : "1296", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/testKeyVault\",\"endTime\":1599271853,\"error\":null,\"jobId\":\"41b6e77196cb46f8a1eafe715312d672\",\"startTime\":1599271842,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "db3806e0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701592162\",\"endTime\":1620352769,\"error\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:04 GMT", + "date" : "Fri, 07 May 2021 01:59:34 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "722", + "x-ms-server-latency" : "4289", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"InProgress\",\"statusDetails\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending" + "x-ms-request-id" : "dc1821d0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:06 GMT", + "date" : "Fri, 07 May 2021 01:59:47 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "600", + "x-ms-server-latency" : "1211", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "e6ab9bae-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:23 GMT", + "date" : "Fri, 07 May 2021 01:59:50 GMT", "server" : "Kestrel", "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "558", + "x-ms-server-latency" : "1214", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":1599271882,\"error\":null,\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "e8163bd4-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/39009818fe314387916f1513179d12cd/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:11:23 GMT", + "date" : "Fri, 07 May 2021 01:59:52 GMT", "server" : "Kestrel", "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "543", + "x-ms-server-latency" : "1160", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "0a92d500-eeee-11ea-ad45-0242ac120005", - "Body" : "{\"endTime\":1599271882,\"error\":null,\"jobId\":\"39009818fe314387916f1513179d12cd\",\"startTime\":1599271865,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "e8e6117e-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null } ], "variables" : [ ] -} +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json new file mode 100644 index 000000000000..779a13550283 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupAsyncClientTest.beginSelectiveRestore[1].json @@ -0,0 +1,188 @@ +{ + "networkCallRecords" : [ { + "Method" : "POST", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:05 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "2452", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d17ecef0-aed6-11eb-9af8-000d3a3b7b4c", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352324,\"endTime\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:07 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1475", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d403a948-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:12 GMT", + "server" : "Kestrel", + "content-length" : "271", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1474", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d70d14e4-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REACTED-2021050701520489\",\"endTime\":1620352332,\"error\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"Succeeded\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net/keys/testKey/restore?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:16 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "4222", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d80bed2a-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:32 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1908", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e243ed4c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:34 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e416621c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:36 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e4f09996-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json new file mode 100644 index 000000000000..5824625282cd --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginBackup[1].json @@ -0,0 +1,83 @@ +{ + "networkCallRecords" : [ { + "Method" : "POST", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:51:07 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "4296", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "ae9333d6-aed6-11eb-9ab0-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352268,\"endTime\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:51:10 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1336", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b21a12fe-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/8dc2fec887814b6ab5a1807277d81d05/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:51:15 GMT", + "server" : "Kestrel", + "content-length" : "271", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1292", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "b528dcd2-aed6-11eb-a2cd-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701510807\",\"endTime\":1620352276,\"error\":null,\"jobId\":\"8dc2fec887814b6ab5a1807277d81d05\",\"startTime\":1620352268,\"status\":\"Succeeded\",\"statusDetails\":null}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginSelectiveRestore.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginRestore[1].json similarity index 51% rename from sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginSelectiveRestore.json rename to sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginRestore[1].json index e5c8e3ed5430..77ca93d99d3c 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/beginSelectiveRestore.json +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginRestore[1].json @@ -1,188 +1,188 @@ { "networkCallRecords" : [ { "Method" : "POST", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:09 GMT", + "date" : "Fri, 07 May 2021 01:59:21 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "738", + "x-ms-server-latency" : "1588", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1599272289,\"endTime\":null,\"jobId\":\"9221e3b978b64dc089d74a64ca5bfbb8\",\"azureStorageBlobContainerUri\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/backup/9221e3b978b64dc089d74a64ca5bfbb8/pending" + "x-ms-request-id" : "d64faa20-aed7-11eb-bc0f-000d3a59ae40", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352761,\"endTime\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/9221e3b978b64dc089d74a64ca5bfbb8/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:10 GMT", + "date" : "Fri, 07 May 2021 01:59:23 GMT", "server" : "Kestrel", "content-length" : "216", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "486", + "x-ms-server-latency" : "1502", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"9221e3b978b64dc089d74a64ca5bfbb8\",\"startTime\":1599272289,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "d8372b6a-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/backup/9221e3b978b64dc089d74a64ca5bfbb8/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/55bb480d6c6b4fd9ae302696f35c3f5e/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:21 GMT", + "date" : "Fri, 07 May 2021 01:59:29 GMT", "server" : "Kestrel", - "content-length" : "263", + "content-length" : "271", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "452", + "x-ms-server-latency" : "1296", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/testKeyVault\",\"endTime\":1599272300,\"error\":null,\"jobId\":\"9221e3b978b64dc089d74a64ca5bfbb8\",\"startTime\":1599272289,\"status\":\"Succeeded\",\"statusDetails\":null}" + "x-ms-request-id" : "db3806e0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REDACTED-2021050701592162\",\"endTime\":1620352769,\"error\":null,\"jobId\":\"55bb480d6c6b4fd9ae302696f35c3f5e\",\"startTime\":1620352761,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/keys/testKey/restore?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", "Content-Type" : "application/json" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:24 GMT", + "date" : "Fri, 07 May 2021 01:59:34 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", "retry-after" : "0", "StatusCode" : "202", - "x-ms-server-latency" : "3633", + "x-ms-server-latency" : "4289", "strict-transport-security" : "max-age=31536000; includeSubDomains", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"InProgress\",\"statusDetails\":null}", - "azure-asyncoperation" : "https://eastus2.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending" + "x-ms-request-id" : "dc1821d0-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:25 GMT", + "date" : "Fri, 07 May 2021 01:59:47 GMT", "server" : "Kestrel", "content-length" : "180", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "465", + "x-ms-server-latency" : "1211", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"InProgress\",\"statusDetails\":null}" + "x-ms-request-id" : "e6ab9bae-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"InProgress\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:43 GMT", + "date" : "Fri, 07 May 2021 01:59:50 GMT", "server" : "Kestrel", - "content-length" : "233", + "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "447", + "x-ms-server-latency" : "1214", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":1599272322,\"error\":null,\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 4\"}" + "x-ms-request-id" : "e8163bd4-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null }, { "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net/restore/46ec38dfbb4b463b8d2f2d971e393cfa/pending?api-version=7.2-preview", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/a5ebd32dce1b44308029a0711bd6d5ea/pending?api-version=7.2", "Headers" : { "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" }, "Response" : { - "date" : "Sat, 05 Sep 2020 02:18:43 GMT", + "date" : "Fri, 07 May 2021 01:59:52 GMT", "server" : "Kestrel", - "content-length" : "233", + "content-length" : "143", "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200904-1-42b8eab8-develop", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", "retry-after" : "0", "StatusCode" : "200", "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "449", + "x-ms-server-latency" : "1160", "content-security-policy" : "default-src 'self'", "x-content-type-options" : "nosniff", - "x-ms-keyvault-region" : "EASTUS", + "x-ms-keyvault-region" : "westus", "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", "cache-control" : "no-cache", - "x-ms-request-id" : "5a8f20bc-eee5-11ea-bf6e-0242ac120003", - "Body" : "{\"endTime\":1599272322,\"error\":null,\"jobId\":\"46ec38dfbb4b463b8d2f2d971e393cfa\",\"startTime\":1599272302,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 4\"}" + "x-ms-request-id" : "e8e6117e-aed7-11eb-a15d-000d3a59ae40", + "Body" : "{\"endTime\":1620352789,\"error\":null,\"jobId\":\"a5ebd32dce1b44308029a0711bd6d5ea\",\"startTime\":1620352771,\"status\":\"Succeeded\",\"statusDetails\":null}" }, "Exception" : null } ], "variables" : [ ] -} +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json new file mode 100644 index 000000000000..779a13550283 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/KeyVaultBackupClientTest.beginSelectiveRestore[1].json @@ -0,0 +1,188 @@ +{ + "networkCallRecords" : [ { + "Method" : "POST", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:05 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "2452", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d17ecef0-aed6-11eb-9af8-000d3a3b7b4c", + "Body" : "{\"status\":\"InProgress\",\"statusDetails\":null,\"error\":{\"code\":null,\"message\":null,\"innererror\":null},\"startTime\":1620352324,\"endTime\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"azureStorageBlobContainerUri\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:07 GMT", + "server" : "Kestrel", + "content-length" : "216", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1475", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d403a948-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":null,\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/backup/160d3dfa124249b1b693a6dd3b8fcd13/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:12 GMT", + "server" : "Kestrel", + "content-length" : "271", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1474", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d70d14e4-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"azureStorageBlobContainerUri\":\"https://testaccount.blob.core.windows.net/backup/REACTED-2021050701520489\",\"endTime\":1620352332,\"error\":null,\"jobId\":\"160d3dfa124249b1b693a6dd3b8fcd13\",\"startTime\":1620352324,\"status\":\"Succeeded\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "PUT", + "Uri" : "https://REDACTED.managedhsm.azure.net/keys/testKey/restore?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", + "Content-Type" : "application/json" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:16 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "retry-after" : "0", + "StatusCode" : "202", + "x-ms-server-latency" : "4222", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "d80bed2a-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}", + "azure-asyncoperation" : "https://REACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:32 GMT", + "server" : "Kestrel", + "content-length" : "180", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1908", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e243ed4c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":null,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"InProgress\",\"statusDetails\":null}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:34 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e416621c-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + }, { + "Method" : "GET", + "Uri" : "https://REDACTED.managedhsm.azure.net/restore/5c54c6c556d1408ba0d0b7e315a77a09/pending?api-version=7.2", + "Headers" : { + "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" + }, + "Response" : { + "date" : "Fri, 07 May 2021 01:52:36 GMT", + "server" : "Kestrel", + "content-length" : "219", + "x-frame-options" : "SAMEORIGIN", + "x-ms-build-version" : "1.0.20210407-3-27236ed1-develop", + "retry-after" : "0", + "StatusCode" : "200", + "strict-transport-security" : "max-age=31536000; includeSubDomains", + "x-ms-server-latency" : "1282", + "content-security-policy" : "default-src 'self'", + "x-content-type-options" : "nosniff", + "x-ms-keyvault-region" : "westus", + "content-type" : "application/json; charset=utf-8", + "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=189.181.114.0;act_addr_fam=Ipv4;", + "cache-control" : "no-cache", + "x-ms-request-id" : "e4f09996-aed6-11eb-9b69-000d3a31c437", + "Body" : "{\"endTime\":1620352353,\"error\":{\"code\":null,\"innererror\":null,\"message\":null},\"jobId\":\"5c54c6c556d1408ba0d0b7e315a77a09\",\"startTime\":1620352334,\"status\":\"Succeeded\",\"statusDetails\":\"Number of successful key versions restored: 0, Number of key versions could not overwrite: 1\"}" + }, + "Exception" : null + } ], + "variables" : [ ] +} \ No newline at end of file diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json deleted file mode 100644 index ec3f5e763add..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/createRoleAssignment.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", - "Content-Type" : "application/json" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "201", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "347", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/d0bedeb4-7431-407d-81cd-278929c98218\",\"name\":\"d0bedeb4-7431-407d-81cd-278929c98218\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json deleted file mode 100644 index f9cc1e2e3e25..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/deleteRoleAssignment.json +++ /dev/null @@ -1,75 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", - "Content-Type" : "application/json" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "201", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "362", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - }, { - "Method" : "DELETE", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "338", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"name\":\"33785c35-4196-46b5-9d99-d5bcb2b9ca1d\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json deleted file mode 100644 index 1f9e1187ff44..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/getRoleAssignment.json +++ /dev/null @@ -1,76 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "6f025072-ee3c-11ea-b181-0242ac120006", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "PUT", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)", - "Content-Type" : "application/json" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "retry-after" : "0", - "StatusCode" : "201", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "265", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "6f025072-ee3c-11ea-b181-0242ac120006", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - }, { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "398", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "0", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "6f025072-ee3c-11ea-b181-0242ac120006", - "Body" : "{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"name\":\"658d6c14-98c2-4a53-a523-be8609eb7f8b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json deleted file mode 100644 index 319affbd9440..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleAssignments.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "2804", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/c2883562-e186-42ef-aff3-0acbe297c1ca\",\"name\":\"c2883562-e186-42ef-aff3-0acbe297c1ca\",\"properties\":{\"principalId\":\"c9cea829-776d-41db-9bd6-8bc6f63b507a\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"name\":\"967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"properties\":{\"principalId\":\"e7941875-b7e4-4ba2-9527-d3ef2a9b58fa\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"name\":\"ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"properties\":{\"principalId\":\"c2101ce9-648a-4bbe-8f0e-3e891ff1658d\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"name\":\"8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"properties\":{\"principalId\":\"4f584d72-47b3-48d1-971c-ce0ae8a47560\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/65e1be51-aa38-4250-967a-8658fdfb260b\",\"name\":\"65e1be51-aa38-4250-967a-8658fdfb260b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1587adcd-1227-4799-03dc-a4194c659c07\",\"name\":\"1587adcd-1227-4799-03dc-a4194c659c07\",\"properties\":{\"principalId\":\"2bca474d-4fac-495d-919a-30376e0fe515\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/129c2001-45e7-0814-13d0-9d933e794b37\",\"name\":\"129c2001-45e7-0814-13d0-9d933e794b37\",\"properties\":{\"principalId\":\"d0596a07-8d8d-433f-a25e-5c6f46787784\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" - }, - "Exception" : null - }, { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleAssignments?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "2804", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "3afdb3e2-ee38-11ea-8011-0242ac120004", - "Body" : "{\"value\":[{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/c2883562-e186-42ef-aff3-0acbe297c1ca\",\"name\":\"c2883562-e186-42ef-aff3-0acbe297c1ca\",\"properties\":{\"principalId\":\"c9cea829-776d-41db-9bd6-8bc6f63b507a\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"name\":\"967a0ebd-73a1-0145-85fc-3b6514ac2581\",\"properties\":{\"principalId\":\"e7941875-b7e4-4ba2-9527-d3ef2a9b58fa\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"name\":\"ca7d5f7e-130d-43e1-b6a4-644c0e18f457\",\"properties\":{\"principalId\":\"c2101ce9-648a-4bbe-8f0e-3e891ff1658d\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"name\":\"8e7fe831-35fe-0488-beaf-5b0866306cbb\",\"properties\":{\"principalId\":\"4f584d72-47b3-48d1-971c-ce0ae8a47560\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/65e1be51-aa38-4250-967a-8658fdfb260b\",\"name\":\"65e1be51-aa38-4250-967a-8658fdfb260b\",\"properties\":{\"principalId\":\"49acc88b-8f9e-4619-9856-16691db66767\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/1587adcd-1227-4799-03dc-a4194c659c07\",\"name\":\"1587adcd-1227-4799-03dc-a4194c659c07\",\"properties\":{\"principalId\":\"2bca474d-4fac-495d-919a-30376e0fe515\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"},{\"id\":\"/providers/Microsoft.Authorization/roleAssignments/129c2001-45e7-0814-13d0-9d933e794b37\",\"name\":\"129c2001-45e7-0814-13d0-9d933e794b37\",\"properties\":{\"principalId\":\"d0596a07-8d8d-433f-a25e-5c6f46787784\",\"roleDefinitionId\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"scope\":\"/\"},\"type\":\"Microsoft.Authorization/roleAssignments\"}]}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json b/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json deleted file mode 100644 index 898fcc156451..000000000000 --- a/sdk/keyvault/azure-security-keyvault-administration/src/test/resources/session-records/listRoleDefinitions.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "networkCallRecords" : [ { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "1", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - }, { - "Method" : "GET", - "Uri" : "https://REDACTED.chriss-eu2.managedhsm-int.azure-int.net///providers/Microsoft.Authorization/roleDefinitions?api-version=7.2-preview", - "Headers" : { - "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)" - }, - "Response" : { - "content-length" : "6428", - "x-frame-options" : "SAMEORIGIN", - "x-ms-build-version" : "1.0.20200903-1-42b8eab8-develop", - "retry-after" : "0", - "StatusCode" : "200", - "strict-transport-security" : "max-age=31536000; includeSubDomains", - "x-ms-server-latency" : "0", - "content-security-policy" : "default-src 'self'", - "x-content-type-options" : "nosniff", - "content-type" : "application/json; charset=utf-8", - "x-ms-keyvault-region" : "EASTUS", - "x-ms-keyvault-network-info" : "addr=174.127.169.154", - "cache-control" : "no-cache", - "x-ms-request-id" : "e0fcdf70-ee33-11ea-934a-0242ac120003", - "Body" : "{\"value\":[{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/a290e904-7015-4bba-90c8-60543313cdb4\",\"name\":\"a290e904-7015-4bba-90c8-60543313cdb4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\",\"Microsoft.KeyVault/managedHsm/securitydomain/download/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/action\",\"Microsoft.KeyVault/managedHsm/securitydomain/upload/read\",\"Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read\",\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/restore/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/restore/status/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"name\":\"515eb02d-2335-4d2d-92f2-b1cbdf9c3778\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/restore/action\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/delete\",\"Microsoft.KeyVault/managedHsm/keys/export/action\",\"Microsoft.KeyVault/managedHsm/keys/import/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Officer\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b\",\"name\":\"21dbd100-6940-42c2-9190-5d6cb909625b\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/write/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\",\"Microsoft.KeyVault/managedHsm/keys/create\",\"Microsoft.KeyVault/managedHsm/keys/encrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/decrypt/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\",\"Microsoft.KeyVault/managedHsm/keys/sign/action\",\"Microsoft.KeyVault/managedHsm/keys/verify/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto User\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"name\":\"4bd23610-cdcf-4971-bdee-bdc562cc28e4\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/roleDefinitions/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/read/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/write/action\",\"Microsoft.KeyVault/managedHsm/roleAssignments/delete/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Policy Administrator\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"name\":\"2c18b078-7c48-4d3a-af88-5a3a1b3f82b3\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Auditor\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17\",\"name\":\"33413926-3206-4cdd-b39a-83574fe37a17\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/keys/read/action\",\"Microsoft.KeyVault/managedHsm/keys/wrap/action\",\"Microsoft.KeyVault/managedHsm/keys/unwrap/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Crypto Service Encryption\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"},{\"id\":\"Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"name\":\"7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8\",\"properties\":{\"assignableScopes\":[\"/\"],\"description\":\"\",\"permissions\":[{\"actions\":[],\"dataActions\":[\"Microsoft.KeyVault/managedHsm/backup/start/action\",\"Microsoft.KeyVault/managedHsm/backup/status/action\",\"Microsoft.KeyVault/managedHsm/keys/backup/action\"],\"notActions\":[],\"notDataActions\":[]}],\"roleName\":\"Managed HSM Backup\",\"type\":\"\"},\"type\":\"Microsoft.Authorization/roleDefinitions\"}]}" - }, - "Exception" : null - } ], - "variables" : [ ] -} diff --git a/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md b/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md index a34b4fdac9e0..8eb32fc1dd22 100644 --- a/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md +++ b/sdk/keyvault/azure-security-keyvault-administration/swagger/autorest.md @@ -16,7 +16,7 @@ To see additional help and options, run: > `autorest --help` ### Generation -There are two swagger specifications for KeyVault Administration: rbac and backuprestore. They use the following tags: `--tag=rbac-preview` & `--tag=backuprestore-preview`. +There are two swagger specifications for KeyVault Administration: rbac and backuprestore. They use the following tags: `--tag=rbac` & `--tag=backuprestore`. ```ps cd @@ -26,12 +26,12 @@ autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=${package} e.g. ```ps cd -autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=rbac-preview +autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=rbac ``` ```ps cd -autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=backuprestore-preview +autorest --use=@microsoft.azure/autorest.java@4.0.0 --tag=backuprestore ``` ## Code generation settings @@ -48,18 +48,18 @@ add-context-parameter: true context-client-method-parameter: true ``` -### Tag: rbac-preview -These settings apply only when `--tag=rbac-preview` is specified on the command line. +### Tag: rbac +These settings apply only when `--tag=rbac` is specified on the command line. -``` yaml $(tag) == 'rbac-preview' -input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.2-preview/rbac.json +``` yaml $(tag) == 'rbac' +input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.2/rbac.json title: KeyVaultAccessControlClient ``` -### Tag: backuprestore-preview -These settings apply only when `--tag=backuprestore-preview` is specified on the command line. +### Tag: backuprestore +These settings apply only when `--tag=backuprestore` is specified on the command line. -``` yaml $(tag) == 'backuprestore-preview' -input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.2-preview/backuprestore.json +``` yaml $(tag) == 'backuprestore' +input-file: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.2/backuprestore.json title: KeyVaultBackupClient ```