Skip to content

Commit

Permalink
Resolve archboard feedback for Key Vault (#21678)
Browse files Browse the repository at this point in the history
* Hide some methods from Key Vault Identifier structs
* Ignore 404s and return no value for DeleteRoleAssignment/Definition
  • Loading branch information
heaths authored Jun 8, 2021
1 parent 216c0d6 commit 658a9c8
Show file tree
Hide file tree
Showing 21 changed files with 418 additions and 55 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
### Breaking Changes

- Changed `KeyVaultBackupClient.StartSelectiveRestore` and `StartSelectiveRestoreAsync` to `StartSelectiveKeyRestore` and `StartSelectiveKeyRestoreAsync`.
- Return only a `Response` from `KeyVaultAccessControlClient.DeleteRoleAssignment` and `DeleteRoleAssignmentAsync`. HTTP 404 responses no longer throw a `RequestFailedException`.
- Return only a `Response` from `KeyVaultAccessControlClient.DeleteRoleDefinition` and `DeleteRoleDefinitionAsync`. HTTP 404 responses no longer throw a `RequestFailedException`.

## 4.0.0-beta.5 (2021-05-11)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@ public KeyVaultAccessControlClient(System.Uri vaultUri, Azure.Core.TokenCredenti
public virtual System.Threading.Tasks.Task<Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleDefinition>> CreateOrUpdateRoleDefinitionAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid? roleDefinitionName = default(System.Guid?), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment> CreateRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleDefinitionId, string principalId, System.Guid? roleAssignmentName = default(System.Guid?), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual System.Threading.Tasks.Task<Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment>> CreateRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleDefinitionId, string principalId, System.Guid? roleAssignmentName = default(System.Guid?), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment> DeleteRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual System.Threading.Tasks.Task<Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment>> DeleteRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleDefinition> DeleteRoleDefinition(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual System.Threading.Tasks.Task<Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleDefinition>> DeleteRoleDefinitionAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Response DeleteRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual System.Threading.Tasks.Task<Azure.Response> DeleteRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Response DeleteRoleDefinition(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual System.Threading.Tasks.Task<Azure.Response> DeleteRoleDefinitionAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Guid roleDefinitionName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment> GetRoleAssignment(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual System.Threading.Tasks.Task<Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment>> GetRoleAssignmentAsync(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleAssignmentName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
public virtual Azure.Pageable<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment> GetRoleAssignments(Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; }
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ KeyVaultRoleAssignment fetchedAssignment = await client.GetRoleAssignmentAsync(K
To remove a role assignment from a service principal, the role assignment must be deleted. Let's delete the `createdAssignment` from the previous example.

```C# Snippet:DeleteRoleAssignmentAsync
KeyVaultRoleAssignment deletedAssignment = await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name);
await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name);
```

<!-- LINKS -->
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRole
To remove a role assignment from a service principal, the role assignment must be deleted. Let's delete the `createdAssignment` from the previous example.

```C# Snippet:DeleteRoleAssignment
KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
```

<!-- LINKS -->
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -287,7 +287,7 @@ public virtual Response<KeyVaultRoleDefinition> CreateOrUpdateRoleDefinition(Cre
/// <param name="roleDefinitionName">The name used of the role definition to delete.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>A <see cref="Task{TResult}"/> representing the result of the asynchronous operation.</returns>
public virtual async Task<Response<KeyVaultRoleDefinition>> DeleteRoleDefinitionAsync(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default)
public virtual async Task<Response> DeleteRoleDefinitionAsync(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultAccessControlClient)}.{nameof(DeleteRoleDefinition)}");
scope.Start();
Expand All @@ -309,7 +309,7 @@ public virtual async Task<Response<KeyVaultRoleDefinition>> DeleteRoleDefinition
/// <param name="roleDefinitionName"></param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>A <see cref="Response{TResult}"/> containing the result of the operation.</returns>
public virtual Response<KeyVaultRoleDefinition> DeleteRoleDefinition(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default)
public virtual Response DeleteRoleDefinition(KeyVaultRoleScope roleScope, Guid roleDefinitionName, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultAccessControlClient)}.{nameof(DeleteRoleDefinition)}");
scope.Start();
Expand Down Expand Up @@ -538,7 +538,7 @@ public virtual async Task<Response<KeyVaultRoleAssignment>> GetRoleAssignmentAsy
/// <exception cref="ArgumentNullException"><paramref name="roleAssignmentName"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="roleAssignmentName"/> is empty.</exception>
/// <returns>A <see cref="Response{TResult}"/> containing the result of the operation.</returns>
public virtual Response<KeyVaultRoleAssignment> DeleteRoleAssignment(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default)
public virtual Response DeleteRoleAssignment(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default)
{
Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));

Expand All @@ -565,7 +565,7 @@ public virtual Response<KeyVaultRoleAssignment> DeleteRoleAssignment(KeyVaultRol
/// <exception cref="ArgumentNullException"><paramref name="roleAssignmentName"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="roleAssignmentName"/> is empty.</exception>
/// <returns>A <see cref="Task{TResult}"/> containing the result of the asynchronous operation.</returns>
public virtual async Task<Response<KeyVaultRoleAssignment>> DeleteRoleAssignmentAsync(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default)
public virtual async Task<Response> DeleteRoleAssignmentAsync(KeyVaultRoleScope roleScope, string roleAssignmentName, CancellationToken cancellationToken = default)
{
Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));

Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Azure.Security.KeyVault.Administration

### AutoRest Configuration
> see https://aka.ms/autorest
## AutoRest Configuration
> See https://aka.ms/autorest
Run `dotnet build /t:GenerateCode` in src directory to re-generate.

Expand All @@ -13,3 +13,43 @@ input-file:
namespace: Azure.Security.KeyVault.Administration
include-csproj: disable
```
## Swagger customization
These changes should eventually be included in the swagger or at least centralized in Azure/azure-rest-api-specs.
### Ignore 404s for DELETE operations
Treat HTTP 404 responses for DELETE operations for RBAC as non-errors.
``` yaml
directive:
- where-operation: RoleAssignments_Delete
transform: >
$.responses["404"] = {
"description": "The resource to delete does not exist.",
"x-ms-error-response": false
};
- where-operation: RoleDefinitions_Delete
transform: >
$.responses["404"] = {
"description": "The resource to delete does not exist.",
"x-ms-error-response": false
};
```
### Return void for DELETE operations
Do not parse response bodies unnecessarily.
``` yaml
directive:
- where-operation: RoleAssignments_Delete
transform: >
delete $.responses["200"].schema;
- where-operation: RoleDefinitions_Delete
transform: >
delete $.responses["200"].schema;
```
Loading

0 comments on commit 658a9c8

Please sign in to comment.