From 699c7de7d021ff66327434ed53a357d95804547e Mon Sep 17 00:00:00 2001 From: Nisha Bhatia <67986960+nisha-bhatia@users.noreply.github.com> Date: Mon, 26 Aug 2024 16:49:22 -0700 Subject: [PATCH] [KeyVault] Add support for service version 7.6-preview.1 (#43811) * wip * wip * Update Azure.Security.KeyVault.Secrets.netstandard2.0.cs * update generation * Update Azure.Security.KeyVault.Administration.netstandard2.0.cs * Update CONTRIBUTING.md * Add new version in ClientOptions and tests for Administration * Export API * Remove server-side fix from changelog * Update sdk/keyvault/Azure.Security.KeyVault.Certificates/CHANGELOG.md * Add new endpoints definitions to readme * Add new Pre-backup methods * Documentation for PreBackup methods * Update method names in KeyVaultBackupClient for clarity * Add pre-restore methods * Export API * Use a flag to handle different headers in RestoreOperation * Update Administration Changelog * Add tests for Administration * Update preBackup and preRestore tests * Missing new version in CertificatesClientOptions * Re-record CertificateClientLiveTests * Remove unninteded line in Keys Changelog * Improve admin changelod message and clean samples in readme * nit changes * Format Changelog md files * Add null argument checks in KeyVaultBackupClient methods and document exceptions * Introducing the KeyVaultPreBackupOperation and KeyVaultPreRestoreOperation classes. * Ignore tests for preview version * Revert changes in KeyVaultRestoreOperation * Include possible exceptions to pre-operation classes * Record Secrets * Record Keys tests * Record admin * Re-record failing tests for Secrets * Update test-resources json to output the Tenant ID too * Export API and remove unused snippets --------- Co-authored-by: Jonathan Cardenas --- .../CHANGELOG.md | 9 +- .../README.md | 6 + ....KeyVault.Administration.netstandard2.0.cs | 49 ++++- .../assets.json | 2 +- ...VaultAdministrationPreFullBackupHeaders.cs | 24 +++ ...istrationPreFullRestoreOperationHeaders.cs | 24 +++ .../src/Generated/BackupRestoreRestClient.cs | 140 +++++++++++++- ...BackupOperationParameters.Serialization.cs | 44 +++++ .../Models/PreBackupOperationParameters.cs | 36 ++++ ...estoreOperationParameters.Serialization.cs | 39 ++++ .../Models/PreRestoreOperationParameters.cs | 32 ++++ .../Generated/RoleAssignmentsRestClient.cs | 2 +- .../Generated/RoleDefinitionsRestClient.cs | 2 +- .../src/Generated/SettingsRestClient.cs | 2 +- .../KeyVaultAdministrationClientOptions.cs | 8 +- .../src/KeyVaultBackupClient.cs | 157 +++++++++++++++ .../src/KeyVaultPreBackupOperation.cs | 179 ++++++++++++++++++ .../src/KeyVaultPreRestoreOperation.cs | 107 +++++++++++ .../src/OperationHeadersExtensions.cs | 18 ++ .../src/PreRestoreOperationParameters.cs | 9 + .../src/RestoreOperationInternal.cs | 5 + .../src/autorest.md | 6 +- .../tests/AdministrationTestBase.cs | 1 + .../tests/FullBackupClientLiveTests.cs | 30 +++ .../tests/samples/Sample1_BackupHelloWorld.cs | 55 ++++++ .../CHANGELOG.md | 10 +- ...ty.KeyVault.Certificates.netstandard2.0.cs | 3 +- .../assets.json | 2 +- .../src/CertificateClientOptions.cs | 8 +- .../tests/CertificatesTestBase.cs | 1 + .../Azure.Security.KeyVault.Keys/CHANGELOG.md | 8 +- ...e.Security.KeyVault.Keys.netstandard2.0.cs | 6 +- .../Azure.Security.KeyVault.Keys/assets.json | 2 +- .../Cryptography/CryptographyClientOptions.cs | 8 +- .../src/KeyClientOptions.cs | 8 +- .../src/KeyRotationLifetimeAction.cs | 1 + .../tests/KeysTestBase.cs | 1 + .../CHANGELOG.md | 19 +- ...ecurity.KeyVault.Secrets.netstandard2.0.cs | 3 +- .../assets.json | 2 +- .../src/SecretClientOptions.cs | 8 +- .../tests/SecretsTestBase.cs | 1 + sdk/keyvault/test-resources.json | 74 ++++---- 43 files changed, 1079 insertions(+), 72 deletions(-) create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullBackupHeaders.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreBackupOperation.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreRestoreOperation.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/PreRestoreOperationParameters.cs diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md index 265085526e798..4b08ca6035e40 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/CHANGELOG.md @@ -4,12 +4,17 @@ ### Features Added +- Added support for service API version `7.6-preview.1`. +- Added new methods `StartPreRestoreAsync`, `StartPreRestore`, `StartPreBackupAsync`, and `StartPreBackupAsync` to the `KeyVaultBackupClient`. + ### Breaking Changes ### Bugs Fixed ### Other Changes +- The default service version is now "V7_6_Preview_1". + ## 4.4.0 (2024-02-14) Changes from both the last release and the last beta include: @@ -83,8 +88,8 @@ The following changes are only breaking from the previous beta. They are not bre ### Breaking Changes - Verify the challenge resource matches the vault domain. - This should affect few customers who can set `KeyVaultAdministrationClientOptions.DisableChallengeResourceVerification` to `true` to disable. - See https://aka.ms/azsdk/blog/vault-uri for more information. + This should affect few customers who can set `KeyVaultAdministrationClientOptions.DisableChallengeResourceVerification` to `true` to disable. + See for more information. ## 4.1.0 (2022-03-24) diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/README.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/README.md index c05c0ad094bde..dc452003b702a 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/README.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/README.md @@ -141,10 +141,16 @@ A `KeyVaultAccessControlClient` provides both synchronous and asynchronous opera A `KeyVaultBackupClient` provides both synchronous and asynchronous operations for performing full key backups, full key restores, and selective key restores. +### PreBackupOperation +A `PreBackupOperation` represents a long-running operation that checks if it is possible to perform a full key backup. + ### BackupOperation A `BackupOperation` represents a long running operation for a full key backup. +### PreRestoreOperation +A `PreRestoreOperation` represents a long-running operation that checks if it is possible to perform a full key restore from a backup. + ### RestoreOperation A `RestoreOperation` represents a long running operation for both a full key and selective key restore. diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs index 32a5847b1b3e6..0c1a09a9ad6f5 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/api/Azure.Security.KeyVault.Administration.netstandard2.0.cs @@ -43,7 +43,7 @@ public KeyVaultAccessControlClient(System.Uri vaultUri, Azure.Core.TokenCredenti } public partial class KeyVaultAdministrationClientOptions : Azure.Core.ClientOptions { - public KeyVaultAdministrationClientOptions(Azure.Security.KeyVault.Administration.KeyVaultAdministrationClientOptions.ServiceVersion version = Azure.Security.KeyVault.Administration.KeyVaultAdministrationClientOptions.ServiceVersion.V7_5) { } + public KeyVaultAdministrationClientOptions(Azure.Security.KeyVault.Administration.KeyVaultAdministrationClientOptions.ServiceVersion version = Azure.Security.KeyVault.Administration.KeyVaultAdministrationClientOptions.ServiceVersion.V7_6_Preview_1) { } public bool DisableChallengeResourceVerification { get { throw null; } set { } } public Azure.Security.KeyVault.Administration.KeyVaultAdministrationClientOptions.ServiceVersion Version { get { throw null; } } public enum ServiceVersion @@ -52,6 +52,7 @@ public enum ServiceVersion V7_3 = 2, V7_4 = 3, V7_5 = 4, + V7_6_Preview_1 = 5, } } public static partial class KeyVaultAdministrationModelFactory @@ -79,6 +80,10 @@ public KeyVaultBackupClient(System.Uri vaultUri, Azure.Core.TokenCredential cred public virtual System.Uri VaultUri { get { throw null; } } public virtual Azure.Security.KeyVault.Administration.KeyVaultBackupOperation StartBackup(System.Uri blobStorageUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task StartBackupAsync(System.Uri blobStorageUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Security.KeyVault.Administration.KeyVaultPreBackupOperation StartPreBackup(System.Uri blobStorageUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task StartPreBackupAsync(System.Uri blobStorageUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Security.KeyVault.Administration.KeyVaultPreRestoreOperation StartPreRestore(System.Uri folderUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task StartPreRestoreAsync(System.Uri folderUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.Security.KeyVault.Administration.KeyVaultRestoreOperation StartRestore(System.Uri folderUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task StartRestoreAsync(System.Uri folderUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.Security.KeyVault.Administration.KeyVaultSelectiveKeyRestoreOperation StartSelectiveKeyRestore(string keyName, System.Uri folderUri, string sasToken = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } @@ -165,6 +170,38 @@ public KeyVaultPermission() { } public System.Collections.Generic.IList NotActions { get { throw null; } } public System.Collections.Generic.IList NotDataActions { get { throw null; } } } + public partial class KeyVaultPreBackupOperation : Azure.Operation + { + protected KeyVaultPreBackupOperation() { } + public KeyVaultPreBackupOperation(Azure.Security.KeyVault.Administration.KeyVaultBackupClient client, string id) { } + public System.DateTimeOffset? EndTime { get { throw null; } } + public override bool HasCompleted { get { throw null; } } + public override bool HasValue { get { throw null; } } + public override string Id { get { throw null; } } + public System.DateTimeOffset? StartTime { get { throw null; } } + public override Azure.Security.KeyVault.Administration.KeyVaultBackupResult Value { get { throw null; } } + public override Azure.Response GetRawResponse() { throw null; } + public override Azure.Response UpdateStatus(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public override System.Threading.Tasks.ValueTask UpdateStatusAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public override System.Threading.Tasks.ValueTask> WaitForCompletionAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public override System.Threading.Tasks.ValueTask> WaitForCompletionAsync(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken) { throw null; } + } + public partial class KeyVaultPreRestoreOperation : Azure.Operation + { + protected KeyVaultPreRestoreOperation() { } + public KeyVaultPreRestoreOperation(Azure.Security.KeyVault.Administration.KeyVaultBackupClient client, string id) { } + public System.DateTimeOffset? EndTime { get { throw null; } } + public override bool HasCompleted { get { throw null; } } + public override bool HasValue { get { throw null; } } + public override string Id { get { throw null; } } + public System.DateTimeOffset? StartTime { get { throw null; } } + public override Azure.Security.KeyVault.Administration.KeyVaultRestoreResult Value { get { throw null; } } + public override Azure.Response GetRawResponse() { throw null; } + public override Azure.Response UpdateStatus(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public override System.Threading.Tasks.ValueTask UpdateStatusAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public override System.Threading.Tasks.ValueTask> WaitForCompletionAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public override System.Threading.Tasks.ValueTask> WaitForCompletionAsync(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken) { throw null; } + } public partial class KeyVaultRestoreOperation : Azure.Operation { protected KeyVaultRestoreOperation() { } @@ -337,3 +374,13 @@ public readonly partial struct KeyVaultSettingValue public override string ToString() { throw null; } } } +namespace Azure.Security.KeyVault.Administration.Models +{ + public partial class PreBackupOperationParameters + { + public PreBackupOperationParameters() { } + public string StorageResourceUri { get { throw null; } set { } } + public string Token { get { throw null; } set { } } + public bool? UseManagedIdentity { get { throw null; } set { } } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/assets.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/assets.json index 3072779aaa8ae..28336ec072ed2 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/assets.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "net", "TagPrefix": "net/keyvault/Azure.Security.KeyVault.Administration", - "Tag": "net/keyvault/Azure.Security.KeyVault.Administration_4951f6b8e1" + "Tag": "net/keyvault/Azure.Security.KeyVault.Administration_2b51d5440c" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullBackupHeaders.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullBackupHeaders.cs new file mode 100644 index 0000000000000..e98c641e04228 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullBackupHeaders.cs @@ -0,0 +1,24 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using Azure.Core; + +namespace Azure.Security.KeyVault.Administration +{ + internal partial class AzureSecurityKeyVaultAdministrationPreFullBackupHeaders + { + private readonly Response _response; + public AzureSecurityKeyVaultAdministrationPreFullBackupHeaders(Response response) + { + _response = response; + } + /// The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation. + public long? RetryAfter => _response.Headers.TryGetValue("Retry-After", out long? value) ? value : null; + /// The URI to poll for completion status. + public string AzureAsyncOperation => _response.Headers.TryGetValue("Azure-AsyncOperation", out string value) ? value : null; + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders.cs new file mode 100644 index 0000000000000..f706130099577 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders.cs @@ -0,0 +1,24 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using Azure.Core; + +namespace Azure.Security.KeyVault.Administration +{ + internal partial class AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders + { + private readonly Response _response; + public AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders(Response response) + { + _response = response; + } + /// The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation. + public long? RetryAfter => _response.Headers.TryGetValue("Retry-After", out long? value) ? value : null; + /// The URI to poll for completion status. + public string AzureAsyncOperation => _response.Headers.TryGetValue("Azure-AsyncOperation", out string value) ? value : null; + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs index b30181ba2e982..794f0d4189865 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs @@ -28,7 +28,7 @@ internal partial class BackupRestoreRestClient /// The HTTP pipeline for sending and receiving REST requests and responses. /// Api Version. /// , or is null. - public BackupRestoreRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5") + public BackupRestoreRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.6-preview.1") { ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics)); _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); @@ -104,6 +104,75 @@ public ResponseWithHeaders } } + internal HttpMessage CreatePreFullBackupRequest(string vaultBaseUrl, PreBackupOperationParameters preBackupOperationParameters) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Post; + var uri = new RawRequestUriBuilder(); + uri.AppendRaw(vaultBaseUrl, false); + uri.AppendPath("/prebackup", false); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + if (preBackupOperationParameters != null) + { + request.Headers.Add("Content-Type", "application/json"); + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteObjectValue(preBackupOperationParameters); + request.Content = content; + } + return message; + } + + /// Pre-backup operation for checking whether the customer can perform a full backup operation. + /// The vault name, for example https://myvault.vault.azure.net. + /// Optional parameters to validate prior to performing a full backup operation. + /// The cancellation token to use. + /// is null. + public async Task> PreFullBackupAsync(string vaultBaseUrl, PreBackupOperationParameters preBackupOperationParameters = null, CancellationToken cancellationToken = default) + { + if (vaultBaseUrl == null) + { + throw new ArgumentNullException(nameof(vaultBaseUrl)); + } + + using var message = CreatePreFullBackupRequest(vaultBaseUrl, preBackupOperationParameters); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + var headers = new AzureSecurityKeyVaultAdministrationPreFullBackupHeaders(message.Response); + switch (message.Response.Status) + { + case 202: + return ResponseWithHeaders.FromValue(headers, message.Response); + default: + throw new RequestFailedException(message.Response); + } + } + + /// Pre-backup operation for checking whether the customer can perform a full backup operation. + /// The vault name, for example https://myvault.vault.azure.net. + /// Optional parameters to validate prior to performing a full backup operation. + /// The cancellation token to use. + /// is null. + public ResponseWithHeaders PreFullBackup(string vaultBaseUrl, PreBackupOperationParameters preBackupOperationParameters = null, CancellationToken cancellationToken = default) + { + if (vaultBaseUrl == null) + { + throw new ArgumentNullException(nameof(vaultBaseUrl)); + } + + using var message = CreatePreFullBackupRequest(vaultBaseUrl, preBackupOperationParameters); + _pipeline.Send(message, cancellationToken); + var headers = new AzureSecurityKeyVaultAdministrationPreFullBackupHeaders(message.Response); + switch (message.Response.Status) + { + case 202: + return ResponseWithHeaders.FromValue(headers, message.Response); + default: + throw new RequestFailedException(message.Response); + } + } + internal HttpMessage CreateFullBackupStatusRequest(string vaultBaseUrl, string jobId) { var message = _pipeline.CreateMessage(); @@ -184,6 +253,75 @@ public Response FullBackupStatus(string vaultBaseUrl, } } + internal HttpMessage CreatePreFullRestoreOperationRequest(string vaultBaseUrl, PreRestoreOperationParameters preRestoreOperationParameters) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Put; + var uri = new RawRequestUriBuilder(); + uri.AppendRaw(vaultBaseUrl, false); + uri.AppendPath("/prerestore", false); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + if (preRestoreOperationParameters != null) + { + request.Headers.Add("Content-Type", "application/json"); + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteObjectValue(preRestoreOperationParameters); + request.Content = content; + } + return message; + } + + /// Pre-restore operation for checking whether the customer can perform a full restore operation. + /// The vault name, for example https://myvault.vault.azure.net. + /// Optional pre restore parameters to validate prior to performing a full restore operation. + /// The cancellation token to use. + /// is null. + public async Task> PreFullRestoreOperationAsync(string vaultBaseUrl, PreRestoreOperationParameters preRestoreOperationParameters = null, CancellationToken cancellationToken = default) + { + if (vaultBaseUrl == null) + { + throw new ArgumentNullException(nameof(vaultBaseUrl)); + } + + using var message = CreatePreFullRestoreOperationRequest(vaultBaseUrl, preRestoreOperationParameters); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + var headers = new AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders(message.Response); + switch (message.Response.Status) + { + case 202: + return ResponseWithHeaders.FromValue(headers, message.Response); + default: + throw new RequestFailedException(message.Response); + } + } + + /// Pre-restore operation for checking whether the customer can perform a full restore operation. + /// The vault name, for example https://myvault.vault.azure.net. + /// Optional pre restore parameters to validate prior to performing a full restore operation. + /// The cancellation token to use. + /// is null. + public ResponseWithHeaders PreFullRestoreOperation(string vaultBaseUrl, PreRestoreOperationParameters preRestoreOperationParameters = null, CancellationToken cancellationToken = default) + { + if (vaultBaseUrl == null) + { + throw new ArgumentNullException(nameof(vaultBaseUrl)); + } + + using var message = CreatePreFullRestoreOperationRequest(vaultBaseUrl, preRestoreOperationParameters); + _pipeline.Send(message, cancellationToken); + var headers = new AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders(message.Response); + switch (message.Response.Status) + { + case 202: + return ResponseWithHeaders.FromValue(headers, message.Response); + default: + throw new RequestFailedException(message.Response); + } + } + internal HttpMessage CreateFullRestoreOperationRequest(string vaultBaseUrl, RestoreOperationParameters restoreBlobDetails) { var message = _pipeline.CreateMessage(); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs new file mode 100644 index 0000000000000..e1ce1dc319935 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs @@ -0,0 +1,44 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.Security.KeyVault.Administration.Models +{ + public partial class PreBackupOperationParameters : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(StorageResourceUri)) + { + writer.WritePropertyName("storageResourceUri"u8); + writer.WriteStringValue(StorageResourceUri); + } + if (Optional.IsDefined(Token)) + { + writer.WritePropertyName("token"u8); + writer.WriteStringValue(Token); + } + if (Optional.IsDefined(UseManagedIdentity)) + { + writer.WritePropertyName("useManagedIdentity"u8); + writer.WriteBooleanValue(UseManagedIdentity.Value); + } + writer.WriteEndObject(); + } + + /// Convert into a . + internal virtual RequestContent ToRequestContent() + { + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteObjectValue(this); + return content; + } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs new file mode 100644 index 0000000000000..c12e9e3d32652 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs @@ -0,0 +1,36 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.Security.KeyVault.Administration.Models +{ + /// The PreBackupOperationParameters. + public partial class PreBackupOperationParameters + { + /// Initializes a new instance of . + public PreBackupOperationParameters() + { + } + + /// Initializes a new instance of . + /// Azure Blob storage container Uri. + /// The SAS token pointing to an Azure Blob storage container. + /// Indicates which authentication method should be used. If set to true, Managed HSM will use the configured user-assigned managed identity to authenticate with Azure Storage. Otherwise, a SAS token has to be specified. + internal PreBackupOperationParameters(string storageResourceUri, string token, bool? useManagedIdentity) + { + StorageResourceUri = storageResourceUri; + Token = token; + UseManagedIdentity = useManagedIdentity; + } + + /// Azure Blob storage container Uri. + public string StorageResourceUri { get; set; } + /// The SAS token pointing to an Azure Blob storage container. + public string Token { get; set; } + /// Indicates which authentication method should be used. If set to true, Managed HSM will use the configured user-assigned managed identity to authenticate with Azure Storage. Otherwise, a SAS token has to be specified. + public bool? UseManagedIdentity { get; set; } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs new file mode 100644 index 0000000000000..45d6d2d44270a --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs @@ -0,0 +1,39 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.Security.KeyVault.Administration.Models +{ + internal partial class PreRestoreOperationParameters : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(SasTokenParameters)) + { + writer.WritePropertyName("sasTokenParameters"u8); + writer.WriteObjectValue(SasTokenParameters); + } + if (Optional.IsDefined(FolderToRestore)) + { + writer.WritePropertyName("folderToRestore"u8); + writer.WriteStringValue(FolderToRestore); + } + writer.WriteEndObject(); + } + + /// Convert into a . + internal virtual RequestContent ToRequestContent() + { + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteObjectValue(this); + return content; + } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs new file mode 100644 index 0000000000000..f2985849bc639 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.Security.KeyVault.Administration.Models +{ + /// The PreRestoreOperationParameters. + internal partial class PreRestoreOperationParameters + { + /// Initializes a new instance of . + public PreRestoreOperationParameters() + { + } + + /// Initializes a new instance of . + /// + /// The Folder name of the blob where the previous successful full backup was stored. + internal PreRestoreOperationParameters(SASTokenParameter sasTokenParameters, string folderToRestore) + { + SasTokenParameters = sasTokenParameters; + FolderToRestore = folderToRestore; + } + + /// Gets or sets the sas token parameters. + public SASTokenParameter SasTokenParameters { get; set; } + /// The Folder name of the blob where the previous successful full backup was stored. + public string FolderToRestore { get; set; } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs index 8cdf96815723c..60475edd03da5 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs @@ -28,7 +28,7 @@ internal partial class RoleAssignmentsRestClient /// The HTTP pipeline for sending and receiving REST requests and responses. /// Api Version. /// , or is null. - public RoleAssignmentsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5") + public RoleAssignmentsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.6-preview.1") { ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics)); _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs index 6221ad1e783cb..9b47b644ea830 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs @@ -28,7 +28,7 @@ internal partial class RoleDefinitionsRestClient /// The HTTP pipeline for sending and receiving REST requests and responses. /// Api Version. /// , or is null. - public RoleDefinitionsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5") + public RoleDefinitionsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.6-preview.1") { ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics)); _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs index 7a898bfb4b4b5..924e65f68b0fa 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs @@ -28,7 +28,7 @@ internal partial class SettingsRestClient /// The HTTP pipeline for sending and receiving REST requests and responses. /// Api Version. /// , or is null. - public SettingsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5") + public SettingsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.6-preview.1") { ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics)); _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAdministrationClientOptions.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAdministrationClientOptions.cs index baf00abf0c86e..8e2144f9ac424 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAdministrationClientOptions.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAdministrationClientOptions.cs @@ -18,7 +18,7 @@ public class KeyVaultAdministrationClientOptions : ClientOptions /// For more information, see /// Key Vault versions. /// - internal const ServiceVersion LatestVersion = ServiceVersion.V7_5; + internal const ServiceVersion LatestVersion = ServiceVersion.V7_6_Preview_1; /// /// The versions of Azure Key Vault supported by this client @@ -46,6 +46,11 @@ public enum ServiceVersion /// The Key Vault API version 7.5. /// V7_5 = 4, + + /// + /// The Key Vault API version 7.6-preview.1. + /// + V7_6_Preview_1 = 5, #pragma warning restore CA1707 // Identifiers should not contain underscores } @@ -83,6 +88,7 @@ internal string GetVersionString() ServiceVersion.V7_3 => "7.3", ServiceVersion.V7_4 => "7.4", ServiceVersion.V7_5 => "7.5", + ServiceVersion.V7_6_Preview_1 => "7.6-preview.1", _ => throw new ArgumentException(Version.ToString()), }; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultBackupClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultBackupClient.cs index 36a06b4f3bec3..9c3ea0d922c13 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultBackupClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultBackupClient.cs @@ -123,6 +123,80 @@ public virtual KeyVaultBackupOperation StartBackup(Uri blobStorageUri, string sa } } + /// + /// Initiates a pre-backup check on the Key Vault. This operation checks if it is possible to back up the entire collection of keys from a Key Vault. + /// + /// The for the blob storage resource. + /// Optional Shared Access Signature (SAS) token to authorize access to the blob. If null, Managed Identity will be used to authenticate instead. + /// A controlling the request lifetime. + /// or is null. + /// The server returned an error. See for details returned from the server. + /// A representing the result of the asynchronous operation. + public virtual async Task StartPreBackupAsync(Uri blobStorageUri, string sasToken = default, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(blobStorageUri, nameof(blobStorageUri)); + Argument.AssertNotNull(sasToken, nameof(sasToken)); + + using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultBackupClient)}.{nameof(StartPreBackupAsync)}"); + scope.Start(); + try + { + var response = await _restClient.PreFullBackupAsync( + VaultUri.AbsoluteUri, + new PreBackupOperationParameters( + blobStorageUri.AbsoluteUri, + sasToken, + useManagedIdentity: sasToken == null + ), + cancellationToken).ConfigureAwait(false); + + // Should this return a KeyVaultBackupOperation? + return new KeyVaultPreBackupOperation(this, response); + } + catch (Exception ex) + { + scope.Failed(ex); + throw; + } + } + + /// + /// Initiates a pre-backup check on the Key Vault. This operation checks if it is possible to back up the entire collection of keys from a Key Vault. + /// + /// The for the blob storage resource. + /// Optional Shared Access Signature (SAS) token to authorize access to the blob. If null, Managed Identity will be used to authenticate instead. + /// A controlling the request lifetime. + /// or is null. + /// The server returned an error. See for details returned from the server. + /// A representing the result of the operation. + public virtual KeyVaultPreBackupOperation StartPreBackup(Uri blobStorageUri, string sasToken = default, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(blobStorageUri, nameof(blobStorageUri)); + Argument.AssertNotNull(sasToken, nameof(sasToken)); + + using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultBackupClient)}.{nameof(StartPreBackup)}"); + scope.Start(); + try + { + var response = _restClient.PreFullBackup( + VaultUri.AbsoluteUri, + new PreBackupOperationParameters( + blobStorageUri.AbsoluteUri, + sasToken, + useManagedIdentity: sasToken == null + ), + cancellationToken); + + // Should this return a KeyVaultBackupOperation? + return new KeyVaultPreBackupOperation(this, response); + } + catch (Exception ex) + { + scope.Failed(ex); + throw; + } + } + /// /// Initiates a full key restore of the Key Vault. /// @@ -163,6 +237,89 @@ public virtual async Task StartRestoreAsync(Uri folder } } + /// + /// Initiate a pre-restore check on a Key Vault. This operation checks if it is possible to restore the entire collection of keys from a Key Vault. + /// + /// + /// The for the blob storage resource, including the path to the blob container where the backup resides. + /// This would be the exact value that is returned as the result of a . + /// An example Uri may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + /// + /// Optional Shared Access Signature (SAS) token to authorize access to the blob. If null, Managed Identity will be used to authenticate instead. + /// A controlling the request lifetime. + /// or is null. + /// The server returned an error. See for details returned from the server. + /// A representing the result of the asynchronous operation. + public virtual async Task StartPreRestoreAsync(Uri folderUri, string sasToken = default, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(folderUri, nameof(folderUri)); + Argument.AssertNotNull(sasToken, nameof(sasToken)); + + using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultBackupClient)}.{nameof(StartRestore)}"); + scope.Start(); + try + { + // Get the folder name from the backupBlobUri returned from a previous BackupOperation + ParseFolderName(folderUri, out string containerUriString, out string folderName); + + var response = await _restClient.PreFullRestoreOperationAsync( + VaultUri.AbsoluteUri, + new PreRestoreOperationParameters( + new SASTokenParameter(containerUriString, sasToken), + folderUri.AbsoluteUri + ), + cancellationToken).ConfigureAwait(false); + + return new KeyVaultPreRestoreOperation(this, response); + } + catch (Exception ex) + { + scope.Failed(ex); + throw; + } + } + + /// + /// Initiate a pre-restore check on a Key Vault. This operation checks if it is possible to restore the entire collection of keys from a Key Vault. + /// + /// + /// The for the blob storage resource, including the path to the blob container where the backup resides. + /// This would be the exact value that is returned as the result of a . + /// An example Uri path may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313. + /// + /// Optional Shared Access Signature (SAS) token to authorize access to the blob. If null, Managed Identity will be used to authenticate instead. + /// A controlling the request lifetime. + /// or is null. + /// The server returned an error. See for details returned from the server. + /// A to wait on this long-running operation. + public virtual KeyVaultPreRestoreOperation StartPreRestore(Uri folderUri, string sasToken = default, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(folderUri, nameof(folderUri)); + Argument.AssertNotNull(sasToken, nameof(sasToken)); + + using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultBackupClient)}.{nameof(StartRestore)}"); + scope.Start(); + try + { + // Get the folder name from the backupBlobUri returned from a previous BackupOperation + ParseFolderName(folderUri, out string containerUriString, out string folderName); + + var response = _restClient.PreFullRestoreOperation( + VaultUri.AbsoluteUri, + new PreRestoreOperationParameters( + new SASTokenParameter(containerUriString, sasToken), + folderUri.AbsoluteUri + ), + cancellationToken); + return new KeyVaultPreRestoreOperation(this, response); + } + catch (Exception ex) + { + scope.Failed(ex); + throw; + } + } + /// /// Initiates a full key restore of the Key Vault. /// diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreBackupOperation.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreBackupOperation.cs new file mode 100644 index 0000000000000..92ed12ee8f5ae --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreBackupOperation.cs @@ -0,0 +1,179 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; +using Azure.Core; +using Azure.Security.KeyVault.Administration.Models; +using System.Threading.Tasks; +using System.Threading; +using Azure.Core.Pipeline; + +namespace Azure.Security.KeyVault.Administration +{ + /// + /// A long-running operation for or . + /// + public class KeyVaultPreBackupOperation : Operation + { + /// + /// The number of seconds recommended by the service to delay before checking on completion status. + /// + internal long? _retryAfterSeconds; + private readonly KeyVaultBackupClient _client; + private Response _response; + private FullBackupDetailsInternal _value; + private readonly string _id; + private RequestFailedException _requestFailedException; + + /// + /// Creates an instance of a KeyVaultPreBackupOperation from a previously started operation. , , + /// , or must be called + /// to re-populate the details of this operation. + /// + /// An instance of . + /// The from a previous . + /// or is null. + /// is empty. + public KeyVaultPreBackupOperation(KeyVaultBackupClient client, string id) + { + Argument.AssertNotNullOrEmpty(id, nameof(id)); + Argument.AssertNotNull(client, nameof(client)); + + _client = client; + _id = id; + } + + /// + /// Initializes a new instance of a KeyVaultPreBackupOperation. + /// + /// An instance of . + /// The returned from or . + /// The server operation does not contains an Id + internal KeyVaultPreBackupOperation(KeyVaultBackupClient client, ResponseWithHeaders response) + { + _client = client; + _response = response; + _retryAfterSeconds = response.Headers.RetryAfter; + _id = response.Headers.JobId() ?? throw new InvalidOperationException("The response does not contain an Id"); + } + + /// + /// Initializes a new instance of a KeyVaultPreBackupOperation for mocking purposes. + /// + /// The that will be returned from . + /// The that will be returned from . + /// An instance of . + /// , , or is null. + internal KeyVaultPreBackupOperation(FullBackupDetailsInternal value, Response response, KeyVaultBackupClient client) + { + Argument.AssertNotNull(value, nameof(value)); + Argument.AssertNotNull(response, nameof(response)); + Argument.AssertNotNull(client, nameof(client)); + + _response = response; + _value = value; + _id = value.JobId; + _client = client; + } + + /// Initializes a new instance of for mocking. + protected KeyVaultPreBackupOperation() { } + + /// + /// The start time of the backup operation. + /// + public DateTimeOffset? StartTime => _value?.StartTime; + + /// + /// The end time of the backup operation. + /// + public DateTimeOffset? EndTime => _value?.EndTime; + + /// + public override string Id => _id; + + /// + /// Gets the of the backup operation. + /// You should await before attempting to use a key in this pending state. + /// + public override KeyVaultBackupResult Value + { + get + { +#pragma warning disable CA1065 // Do not raise exceptions in unexpected locations + if (!HasCompleted) + { + throw new InvalidOperationException("The operation is not complete."); + } + if (_requestFailedException != null) + { + throw _requestFailedException; + } +#pragma warning restore CA1065 // Do not raise exceptions in unexpected locations + return new KeyVaultBackupResult(new Uri(_value.AzureStorageBlobContainerUri), _value.StartTime.Value, _value.EndTime.Value); + } + } + + /// + public override bool HasCompleted => _value?.EndTime.HasValue ?? false; + + /// + public override bool HasValue => _response != null && _value?.Error == null && HasCompleted; + + /// + public override Response GetRawResponse() => _response; + + /// + public override Response UpdateStatus(CancellationToken cancellationToken = default) => + UpdateStatusAsync(false, cancellationToken).EnsureCompleted(); + + /// + public override async ValueTask UpdateStatusAsync(CancellationToken cancellationToken = default) => + await UpdateStatusAsync(true, cancellationToken).ConfigureAwait(false); + + private async ValueTask UpdateStatusAsync(bool async, CancellationToken cancellationToken = default) + { + if (!HasCompleted) + { + try + { + Response response = async ? + await _client.GetBackupDetailsAsync(Id, cancellationToken).ConfigureAwait(false) + : _client.GetBackupDetails(Id, cancellationToken); + + _value = response.Value; + _response = response.GetRawResponse(); + } + catch (RequestFailedException ex) + { + _requestFailedException = ex; + throw; + } + catch (Exception ex) + { + _requestFailedException = new RequestFailedException("Unexpected failure", ex); + throw _requestFailedException; + } + + if (_value != null && _value.EndTime.HasValue && _value.Error != null) + { + _requestFailedException = _response != null ? + new RequestFailedException(_response) + : new RequestFailedException($"{_value.Error.Message}\nInnerError: {_value.Error.InnerError}\nCode: {_value.Error.Code}"); + throw _requestFailedException; + } + } + + return GetRawResponse(); + } + + /// + public override ValueTask> WaitForCompletionAsync(CancellationToken cancellationToken = default) => + _retryAfterSeconds.HasValue ? this.DefaultWaitForCompletionAsync(TimeSpan.FromSeconds(_retryAfterSeconds.Value), cancellationToken) : + this.DefaultWaitForCompletionAsync(cancellationToken); + + /// + public override ValueTask> WaitForCompletionAsync(TimeSpan pollingInterval, CancellationToken cancellationToken) => + this.DefaultWaitForCompletionAsync(pollingInterval, cancellationToken); + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreRestoreOperation.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreRestoreOperation.cs new file mode 100644 index 0000000000000..f0e236b47af77 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultPreRestoreOperation.cs @@ -0,0 +1,107 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; +using System.Threading; +using System.Threading.Tasks; +using Azure.Core; +using Azure.Security.KeyVault.Administration.Models; + +namespace Azure.Security.KeyVault.Administration +{ + /// + /// A long-running operation for or . + /// + public class KeyVaultPreRestoreOperation : Operation + { + internal readonly RestoreOperationInternal _operationInternal; + + /// + /// Creates an instance of a KeyVaultPreRestoreOperation from a previously started operation. , , + /// , or must be called + /// to re-populate the details of this operation. + /// + /// An instance of . + /// The from a previous . + /// or is null. + /// is empty. + public KeyVaultPreRestoreOperation(KeyVaultBackupClient client, string id) + { + Argument.AssertNotNull(client, nameof(client)); + Argument.AssertNotNullOrEmpty(id, nameof(id)); + + _operationInternal = new RestoreOperationInternal(client, id); + } + + /// + /// Initializes a new instance of the class. + /// + /// An instance of . + /// The returned from or . + /// or is null. + internal KeyVaultPreRestoreOperation(KeyVaultBackupClient client, ResponseWithHeaders response) + { + Argument.AssertNotNull(client, nameof(client)); + Argument.AssertNotNull(response, nameof(response)); + + _operationInternal = new RestoreOperationInternal(client, response); + } + + /// + /// Initializes a new instance of a KeyVaultPreRestoreOperation for mocking purposes. + /// + /// The that will be used to populate various properties. + /// The that will be returned from . + /// An instance of . + /// or or is null. + internal KeyVaultPreRestoreOperation(RestoreDetailsInternal value, Response response, KeyVaultBackupClient client) + { + Argument.AssertNotNull(value, nameof(value)); + Argument.AssertNotNull(response, nameof(response)); + Argument.AssertNotNull(client, nameof(client)); + + _operationInternal = new RestoreOperationInternal(value, response, client); + } + + /// Initializes a new instance of for mocking. + protected KeyVaultPreRestoreOperation() {} + + /// + /// The start time of the restore operation. + /// + public DateTimeOffset? StartTime => _operationInternal.StartTime; + + /// + /// The end time of the restore operation. + /// + public DateTimeOffset? EndTime => _operationInternal.EndTime; + + /// + public override string Id => _operationInternal.Id; + /// + public override KeyVaultRestoreResult Value => _operationInternal.Value; + + /// + public override bool HasCompleted => _operationInternal.HasCompleted; + + /// + public override bool HasValue => _operationInternal.HasValue; + + /// + public override Response GetRawResponse() => _operationInternal.GetRawResponse(); + + /// + public override Response UpdateStatus(CancellationToken cancellationToken = default) => _operationInternal.UpdateStatus(cancellationToken); + + /// + public override async ValueTask UpdateStatusAsync(CancellationToken cancellationToken = default) => await _operationInternal.UpdateStatusAsync(cancellationToken).ConfigureAwait(false); + + /// + public override ValueTask> WaitForCompletionAsync(CancellationToken cancellationToken = default) => + _operationInternal.WaitForCompletionAsync(cancellationToken); + + /// + public override ValueTask> WaitForCompletionAsync(TimeSpan pollingInterval, CancellationToken cancellationToken) => + _operationInternal.WaitForCompletionAsync(pollingInterval, cancellationToken); + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/OperationHeadersExtensions.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/OperationHeadersExtensions.cs index aa3687c4c5f46..dba73a3eb4438 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/OperationHeadersExtensions.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/OperationHeadersExtensions.cs @@ -16,6 +16,24 @@ public static string JobId(this AzureSecurityKeyVaultAdministrationFullBackupHea return GetJobIdFromAzureAsyncOperation(header.AzureAsyncOperation); } + /// + /// Extracts the operation JobId from the AzureAsyncOperation. + /// + /// The operation JobId. + public static string JobId(this AzureSecurityKeyVaultAdministrationPreFullBackupHeaders header) + { + return GetJobIdFromAzureAsyncOperation(header.AzureAsyncOperation); + } + + /// + /// Extracts the operation JobId from the AzureAsyncOperation. + /// + /// The operation JobId. + public static string JobId(this AzureSecurityKeyVaultAdministrationPreFullRestoreOperationHeaders header) + { + return GetJobIdFromAzureAsyncOperation(header.AzureAsyncOperation); + } + /// /// Extracts the operation JobId from the AzureAsyncOperation. /// diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/PreRestoreOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/PreRestoreOperationParameters.cs new file mode 100644 index 0000000000000..aac8dd35968d8 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/PreRestoreOperationParameters.cs @@ -0,0 +1,9 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +namespace Azure.Security.KeyVault.Administration.Models +{ + // Transform the PreBackupOperationParameters model to an internal class. + internal partial class PreRestoreOperationParameters + { } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/RestoreOperationInternal.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/RestoreOperationInternal.cs index dfff9a1866469..bfb7d460b44bd 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/RestoreOperationInternal.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/RestoreOperationInternal.cs @@ -65,6 +65,11 @@ internal RestoreOperationInternal(KeyVaultBackupClient client, ResponseWithHeade _id = selectiveRestoreHeaders.Headers.JobId() ?? throw new InvalidOperationException("The response does not contain an Id"); _retryAfterSeconds = selectiveRestoreHeaders.Headers.RetryAfter; } + else if (response is ResponseWithHeaders preRestoreHeaders) + { + _id = preRestoreHeaders.Headers.JobId() ?? throw new InvalidOperationException("The response does not contain an Id"); + _retryAfterSeconds = (int)preRestoreHeaders.Headers.RetryAfter; + } else { throw new ArgumentException("Invalid header type", nameof(response)); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md index 4135789b16a20..58678e5a06528 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md @@ -9,9 +9,9 @@ Run `dotnet build /t:GenerateCode` in src directory to re-generate. ``` yaml title: Azure.Security.KeyVault.Administration input-file: -- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/rbac.json -- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/backuprestore.json -- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/settings.json +- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/8af9817c15d688c941cda106758045b5deb9a069/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.6-preview.1/rbac.json +- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/8af9817c15d688c941cda106758045b5deb9a069/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.6-preview.1/backuprestore.json +- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/8af9817c15d688c941cda106758045b5deb9a069/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.6-preview.1/settings.json namespace: Azure.Security.KeyVault.Administration generation1-convenience-client: true include-csproj: disable diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AdministrationTestBase.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AdministrationTestBase.cs index 9cd66922f4728..57860b6ff99bb 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AdministrationTestBase.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AdministrationTestBase.cs @@ -16,6 +16,7 @@ namespace Azure.Security.KeyVault.Administration.Tests /// Base class for recorded Administration tests. /// [ClientTestFixture( + KeyVaultAdministrationClientOptions.ServiceVersion.V7_6_Preview_1, KeyVaultAdministrationClientOptions.ServiceVersion.V7_5, KeyVaultAdministrationClientOptions.ServiceVersion.V7_4, KeyVaultAdministrationClientOptions.ServiceVersion.V7_3, diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/FullBackupClientLiveTests.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/FullBackupClientLiveTests.cs index 17087ce4e5519..bc4e404c519cc 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/FullBackupClientLiveTests.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/FullBackupClientLiveTests.cs @@ -50,6 +50,36 @@ public async Task BackupAndRestore() Assert.That(restoreOperation.HasValue, Is.True); } + [RecordedTest] + [Ignore("Service preview is not available yet.")] + public async Task PreBackupAndPreRestore() + { + var source = new CancellationTokenSource(Timeout); + + UriBuilder builder = new UriBuilder(TestEnvironment.StorageUri); + builder.Path = BlobContainerName; + + // Start the pre-backup operation. + KeyVaultPreBackupOperation preBackupOperation = await Client.StartPreBackupAsync(builder.Uri, "?" + SasToken, source.Token); + + KeyVaultBackupResult preBackupResult = await preBackupOperation.WaitForCompletionAsync(source.Token); + + await WaitForOperationAsync(); + + Assert.That(source.IsCancellationRequested, Is.False); + Assert.That(preBackupResult, Is.Not.Null); + Assert.That(preBackupOperation.HasValue, Is.True); + + // Start the pre-restore operation. + KeyVaultPreRestoreOperation preRestoreOperation = await Client.StartPreRestoreAsync(preBackupResult.FolderUri, "?" + SasToken, source.Token); + KeyVaultRestoreResult preRestoreResult = await preRestoreOperation.WaitForCompletionAsync(source.Token); + await WaitForOperationAsync(); + + Assert.That(source.IsCancellationRequested, Is.False); + Assert.That(preRestoreResult, Is.Not.Null); + Assert.That(preRestoreOperation.HasValue, Is.True); + } + [RecordedTest] [LiveOnly] [Ignore("https://github.com/Azure/azure-sdk-for-net/issues/35614")] diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_BackupHelloWorld.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_BackupHelloWorld.cs index 139819a4b0991..b070f3048b934 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_BackupHelloWorld.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_BackupHelloWorld.cs @@ -71,6 +71,61 @@ public async Task BackupAndRestoreSampleAsync() await WaitForOperationAsync(); } + [RecordedTest] + [AsyncOnly] + [Ignore("Service preview is not available yet")] + public async Task PreBackupAndPreRestoreSampleAsync() + { + var blobStorageUrl = TestEnvironment.StorageUri; + var blobContainerName = BlobContainerName; + var sasToken = "?" + SasToken; + + // Create a Uri with the storage container + UriBuilder builder = new UriBuilder(blobStorageUrl) + { + Path = blobContainerName, + }; + + // Check for backup readiness. + KeyVaultPreBackupOperation backupOperation = await Client.StartPreBackupAsync(builder.Uri, sasToken); + + // Wait for completion of the PreBackupOperation. + Response backupResult = await backupOperation.WaitForCompletionAsync(); + + // Check if the PreBackupOperation has completed successfully. + Uri folderUri = backupOperation.HasValue ? backupResult.Value.FolderUri : null; + + if (folderUri is null) + { + Console.WriteLine($"Backup operation failed. Status: {backupOperation.GetRawResponse().Status}, Reason: {backupOperation.GetRawResponse().ReasonPhrase}"); + } + + Assert.That(folderUri, Is.Not.Null); + Assert.That(backupOperation.HasValue, Is.True); + + await WaitForOperationAsync(); + + // Check for restore readiness using the backupBlobUri returned from a previous BackupOperation. + KeyVaultPreRestoreOperation preRestoreOperation = await Client.StartPreRestoreAsync(folderUri, sasToken); + + // Wait for completion of the PreRestoreOperation. + Response preRestoreResult = await preRestoreOperation.WaitForCompletionAsync(); + + // Check if the PreRestoreOperation has completed successfully. + if (preRestoreOperation.HasValue) + { + Console.WriteLine($"Pre-restore operation completed successfully. Status: {preRestoreOperation.GetRawResponse().Status}"); + } + else + { + Console.WriteLine($"Pre-restore operation failed. Status: {preRestoreOperation.GetRawResponse().Status}, Reason: {preRestoreOperation.GetRawResponse().ReasonPhrase}"); + } + + Assert.That(preRestoreOperation.HasValue, Is.True); + Assert.That(preRestoreResult.Value.StartTime, Is.Not.EqualTo(default)); + Assert.That(preRestoreResult.Value.EndTime, Is.Not.EqualTo(default)); + } + [RecordedTest] [SyncOnly] public async Task BackupAndRestoreSampleSync() diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/CHANGELOG.md b/sdk/keyvault/Azure.Security.KeyVault.Certificates/CHANGELOG.md index e040932d1035a..917ca4d22e1da 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/CHANGELOG.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/CHANGELOG.md @@ -10,6 +10,8 @@ ### Other Changes +- The default service version is now "V7_6_Preview_1". + ## 4.6.0 (2024-02-14) Changes from both the last release and the last beta include: @@ -17,7 +19,7 @@ Changes from both the last release and the last beta include: ### Features Added - Added `CertificateProperties.X509ThumbprintString` to return the hexadecimal string representation of the SHA-1 hash of the certificate. - `CertificateProperties.X509Thumbprint` has been hidden but is still available. + `CertificateProperties.X509Thumbprint` has been hidden but is still available. ### Breaking Changes @@ -46,7 +48,7 @@ Changes from both the last release and the last beta include: ### Features Added - Added `CertificateProperties.X509ThumbprintString` to return the hexadecimal string representation of the SHA-1 hash of the certificate. - `CertificateProperties.X509Thumbprint` has been hidden but is still available. + `CertificateProperties.X509Thumbprint` has been hidden but is still available. ### Breaking Changes @@ -94,8 +96,8 @@ Changes from both the last release and the last beta include: ### Breaking Changes - Verify the challenge resource matches the vault domain. - This should affect few customers who can set `CertificateClientOptions.DisableChallengeResourceVerification` to `true` to disable. - See https://aka.ms/azsdk/blog/vault-uri for more information. + This should affect few customers who can set `CertificateClientOptions.DisableChallengeResourceVerification` to `true` to disable. + See for more information. ## 4.3.0 (2022-03-24) diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs index 8ba696e10ee1a..f24667ced66e8 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/api/Azure.Security.KeyVault.Certificates.netstandard2.0.cs @@ -73,7 +73,7 @@ public CertificateClient(System.Uri vaultUri, Azure.Core.TokenCredential credent } public partial class CertificateClientOptions : Azure.Core.ClientOptions { - public CertificateClientOptions(Azure.Security.KeyVault.Certificates.CertificateClientOptions.ServiceVersion version = Azure.Security.KeyVault.Certificates.CertificateClientOptions.ServiceVersion.V7_5) { } + public CertificateClientOptions(Azure.Security.KeyVault.Certificates.CertificateClientOptions.ServiceVersion version = Azure.Security.KeyVault.Certificates.CertificateClientOptions.ServiceVersion.V7_6_Preview_1) { } public bool DisableChallengeResourceVerification { get { throw null; } set { } } public Azure.Security.KeyVault.Certificates.CertificateClientOptions.ServiceVersion Version { get { throw null; } } public enum ServiceVersion @@ -84,6 +84,7 @@ public enum ServiceVersion V7_3 = 3, V7_4 = 4, V7_5 = 5, + V7_6_Preview_1 = 6, } } public partial class CertificateContact diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/assets.json b/sdk/keyvault/Azure.Security.KeyVault.Certificates/assets.json index 3d555e91ec263..ceae51646e6a2 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/assets.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "net", "TagPrefix": "net/keyvault/Azure.Security.KeyVault.Certificates", - "Tag": "net/keyvault/Azure.Security.KeyVault.Certificates_320abaee9a" + "Tag": "net/keyvault/Azure.Security.KeyVault.Certificates_11a73707a2" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/CertificateClientOptions.cs b/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/CertificateClientOptions.cs index b63f82c4cf569..d90bf176b648c 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/CertificateClientOptions.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/src/CertificateClientOptions.cs @@ -16,7 +16,7 @@ public class CertificateClientOptions : ClientOptions /// For more information, see /// Key Vault versions. /// - internal const ServiceVersion LatestVersion = ServiceVersion.V7_5; + internal const ServiceVersion LatestVersion = ServiceVersion.V7_6_Preview_1; /// /// The versions of Azure Key Vault supported by this client @@ -54,6 +54,11 @@ public enum ServiceVersion /// The Key Vault API version 7.5. /// V7_5 = 5, + + /// + /// The Key Vault API version V7_6_Preview_1. + /// + V7_6_Preview_1 = 6, #pragma warning restore CA1707 // Identifiers should not contain underscores } @@ -94,6 +99,7 @@ internal string GetVersionString() ServiceVersion.V7_3 => "7.3", ServiceVersion.V7_4 => "7.4", ServiceVersion.V7_5 => "7.5", + ServiceVersion.V7_6_Preview_1 => "7.6-preview.1", _ => throw new ArgumentException(Version.ToString()), }; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Certificates/tests/CertificatesTestBase.cs b/sdk/keyvault/Azure.Security.KeyVault.Certificates/tests/CertificatesTestBase.cs index b38b255f8363b..6620b70d41c54 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Certificates/tests/CertificatesTestBase.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Certificates/tests/CertificatesTestBase.cs @@ -13,6 +13,7 @@ namespace Azure.Security.KeyVault.Certificates.Tests { [ClientTestFixture( + CertificateClientOptions.ServiceVersion.V7_6_Preview_1, CertificateClientOptions.ServiceVersion.V7_5, CertificateClientOptions.ServiceVersion.V7_4, CertificateClientOptions.ServiceVersion.V7_3, diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/CHANGELOG.md b/sdk/keyvault/Azure.Security.KeyVault.Keys/CHANGELOG.md index 00f3e43cec7e9..1734a9546135d 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/CHANGELOG.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/CHANGELOG.md @@ -10,6 +10,8 @@ ### Other Changes +- The default service version is now "V7_6_Preview_1". + ## 4.6.0 (2024-02-14) Changes from both the last release and the last beta include: @@ -106,7 +108,7 @@ The following changes are only breaking from the previous beta. They are not bre - Verify the challenge resource matches the vault domain. This should affect few customers who can set `KeyClientOptions.DisableChallengeResourceVerification` or `CryptographyClientOptions.DisableChallengeResourceVerification` to `true` to disable. - See https://aka.ms/azsdk/blog/vault-uri for more information. + See for more information. ## 4.3.0 (2022-03-24) @@ -397,7 +399,7 @@ Changes from both the last release and the last beta include: Version 4.0.0-preview.1 is the first preview of our efforts to create a user-friendly client library for Azure Key Vault. For more information about preview releases of other Azure SDK libraries, please visit -https://aka.ms/azure-sdk-preview1-net. +. This library is not a direct replacement for `Microsoft.Azure.KeyVault`. Applications using that library would require code changes to use `Azure.Security.KeyVault.Keys`. @@ -422,7 +424,7 @@ only). [Azure Identity documentation](https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/identity/Azure.Identity) for more information -### `Microsoft.Azure.KeyVault` features not implemented in this release: +### `Microsoft.Azure.KeyVault` features not implemented in this release - Certificate management APIs - Cryptographic operations, e.g. sign, un/wrap, verify, en- and diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs index c33c46631e8aa..77b3469313e9c 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/api/Azure.Security.KeyVault.Keys.netstandard2.0.cs @@ -159,7 +159,7 @@ public KeyClient(System.Uri vaultUri, Azure.Core.TokenCredential credential, Azu } public partial class KeyClientOptions : Azure.Core.ClientOptions { - public KeyClientOptions(Azure.Security.KeyVault.Keys.KeyClientOptions.ServiceVersion version = Azure.Security.KeyVault.Keys.KeyClientOptions.ServiceVersion.V7_5) { } + public KeyClientOptions(Azure.Security.KeyVault.Keys.KeyClientOptions.ServiceVersion version = Azure.Security.KeyVault.Keys.KeyClientOptions.ServiceVersion.V7_6_Preview_1) { } public bool DisableChallengeResourceVerification { get { throw null; } set { } } public Azure.Security.KeyVault.Keys.KeyClientOptions.ServiceVersion Version { get { throw null; } } public enum ServiceVersion @@ -170,6 +170,7 @@ public enum ServiceVersion V7_3 = 3, V7_4 = 4, V7_5 = 5, + V7_6_Preview_1 = 6, } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] @@ -429,7 +430,7 @@ public CryptographyClient(System.Uri keyId, Azure.Core.TokenCredential credentia } public partial class CryptographyClientOptions : Azure.Core.ClientOptions { - public CryptographyClientOptions(Azure.Security.KeyVault.Keys.Cryptography.CryptographyClientOptions.ServiceVersion version = Azure.Security.KeyVault.Keys.Cryptography.CryptographyClientOptions.ServiceVersion.V7_5) { } + public CryptographyClientOptions(Azure.Security.KeyVault.Keys.Cryptography.CryptographyClientOptions.ServiceVersion version = Azure.Security.KeyVault.Keys.Cryptography.CryptographyClientOptions.ServiceVersion.V7_6_Preview_1) { } public bool DisableChallengeResourceVerification { get { throw null; } set { } } public Azure.Security.KeyVault.Keys.Cryptography.CryptographyClientOptions.ServiceVersion Version { get { throw null; } } public enum ServiceVersion @@ -440,6 +441,7 @@ public enum ServiceVersion V7_3 = 3, V7_4 = 4, V7_5 = 5, + V7_6_Preview_1 = 6, } } public partial class DecryptParameters diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/assets.json b/sdk/keyvault/Azure.Security.KeyVault.Keys/assets.json index 59c5d87f82ee4..23e1dd31e6317 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/assets.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "net", "TagPrefix": "net/keyvault/Azure.Security.KeyVault.Keys", - "Tag": "net/keyvault/Azure.Security.KeyVault.Keys_a8557a0a67" + "Tag": "net/keyvault/Azure.Security.KeyVault.Keys_5dc33e5113" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/Cryptography/CryptographyClientOptions.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/Cryptography/CryptographyClientOptions.cs index ebc5f47514f5a..e4e3d9f681054 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/Cryptography/CryptographyClientOptions.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/Cryptography/CryptographyClientOptions.cs @@ -16,7 +16,7 @@ public class CryptographyClientOptions : ClientOptions /// For more information, see /// Key Vault versions. /// - internal const ServiceVersion LatestVersion = ServiceVersion.V7_5; + internal const ServiceVersion LatestVersion = ServiceVersion.V7_6_Preview_1; /// /// The versions of Azure Key Vault supported by this client @@ -54,6 +54,11 @@ public enum ServiceVersion /// The Key Vault API version 7.5. /// V7_5 = 5, + + /// + /// The Key Vault API version 7.6-preview.1. + /// + V7_6_Preview_1 = 6, #pragma warning restore CA1707 // Identifiers should not contain underscores } @@ -94,6 +99,7 @@ internal string GetVersionString() ServiceVersion.V7_3 => "7.3", ServiceVersion.V7_4 => "7.4", ServiceVersion.V7_5 => "7.5", + ServiceVersion.V7_6_Preview_1 => "7.6-preview.1", _ => throw new ArgumentException(Version.ToString()), }; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyClientOptions.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyClientOptions.cs index 0a423f9734386..53af4ace6a14d 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyClientOptions.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyClientOptions.cs @@ -16,7 +16,7 @@ public class KeyClientOptions : ClientOptions /// For more information, see /// Key Vault versions. /// - internal const ServiceVersion LatestVersion = ServiceVersion.V7_5; + internal const ServiceVersion LatestVersion = ServiceVersion.V7_6_Preview_1; /// /// The versions of Azure Key Vault supported by this client @@ -54,6 +54,11 @@ public enum ServiceVersion /// The Key Vault API version 7.5. /// V7_5 = 5, + + /// + /// The Key Vault API version V7_6_Preview_1. + /// + V7_6_Preview_1 = 6, #pragma warning restore CA1707 // Identifiers should not contain underscores } @@ -94,6 +99,7 @@ internal string GetVersionString() ServiceVersion.V7_3 => "7.3", ServiceVersion.V7_4 => "7.4", ServiceVersion.V7_5 => "7.5", + ServiceVersion.V7_6_Preview_1 => "7.6-preview.1", _ => throw new ArgumentException(Version.ToString()), }; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyRotationLifetimeAction.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyRotationLifetimeAction.cs index 8b6baff2d3254..34499114c71d5 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyRotationLifetimeAction.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/src/KeyRotationLifetimeAction.cs @@ -37,6 +37,7 @@ internal KeyRotationLifetimeAction() /// /// Gets the that will be executed. + /// The value is compared case-insensitively by the service. /// public KeyRotationPolicyAction Action { get; private set; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Keys/tests/KeysTestBase.cs b/sdk/keyvault/Azure.Security.KeyVault.Keys/tests/KeysTestBase.cs index 5de9d50e622d6..a2dd49ddea8ce 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Keys/tests/KeysTestBase.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Keys/tests/KeysTestBase.cs @@ -13,6 +13,7 @@ namespace Azure.Security.KeyVault.Keys.Tests { [ClientTestFixture( + KeyClientOptions.ServiceVersion.V7_6_Preview_1, KeyClientOptions.ServiceVersion.V7_5, KeyClientOptions.ServiceVersion.V7_4, KeyClientOptions.ServiceVersion.V7_3, diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/CHANGELOG.md b/sdk/keyvault/Azure.Security.KeyVault.Secrets/CHANGELOG.md index c5f0e76d6ea0d..6e2354363b267 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/CHANGELOG.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/CHANGELOG.md @@ -10,6 +10,8 @@ ### Other Changes +- The default service version is now "V7_6_Preview_1". + ## 4.6.0 (2024-02-14) Changes from both the last release and the last beta include: @@ -74,7 +76,7 @@ Changes from both the last release and the last beta include: - Verify the challenge resource matches the vault domain. This should affect few customers who can set `SecretClientOptions.DisableChallengeResourceVerification` to `true` to disable. - See https://aka.ms/azsdk/blog/vault-uri for more information. + See for more information. ## 4.3.0 (2022-03-24) @@ -218,14 +220,14 @@ Changes from both the last release and the last beta include: - `SecretClient.DeleteSecret` has been renamed to `SecretClient.StartDeleteSecret` and now returns a `DeleteSecretOperation` to track this long-running operation. - `SecretClient.RecoverDeletedSecret` has been renamed to `SecretClient.StartRecoverDeletedSecret` and now returns a `RecoverDeletedSecretOperation` to track this long-running operation. -### Major changes +### Major changes - Updated to work with the 1.0.0 release versions of Azure.Core and Azure.Identity. - `KeyModelFactory` added to create mocks of model types for testing. ## 4.0.0-preview.5 (2019-10-07) -### Breaking changes +### Breaking changes - `SecretBase` has been renamed to `SecretProperties`. - `Secret` and `DeletedSecret` no longer extend `SecretProperties`, but instead contain a `SecretProperties` property named `Properties`. @@ -234,9 +236,10 @@ Changes from both the last release and the last beta include: - All methods in `SecretClient` now include the word "Secret" consistent with `KeyClient` and `CertificateClient`. ## 4.0.0-preview.1 (2019-06-28) + Version 4.0.0-preview.1 is the first preview of our efforts to create a user-friendly client library for Azure Key Vault. For more information about preview releases of other Azure SDK libraries, please visit -https://aka.ms/azure-sdk-preview1-net. +. This library is not a direct replacement for `Microsoft.Azure.KeyVault`. Applications using that library would require code changes to use `Azure.Security.KeyVault.Secrets`. @@ -247,9 +250,10 @@ and demonstrate the new API. ### Major changes from `Microsoft.Azure.KeyVault` + - Packages scoped by functionality - - `Azure.Security.KeyVault.Secrets` contains a client for secret operations. - - `Azure.Security.KeyVault.Keys` contains a client for key operations. + - `Azure.Security.KeyVault.Secrets` contains a client for secret operations. + - `Azure.Security.KeyVault.Keys` contains a client for key operations. - Client instances are scoped to vaults (an instance interacts with one vault only). - Asynchronous and synchronous APIs in the `Azure.Security.KeyVault.Secrets` package. @@ -260,7 +264,8 @@ only). [Azure Identity documentation](https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/identity/Azure.Identity) for more information -### `Microsoft.Azure.KeyVault` features not implemented in this release: +### `Microsoft.Azure.KeyVault` features not implemented in this release + - Certificate management APIs - National cloud support. This release supports public global cloud vaults, e.g. https://{vault-name}.vault.azure.net diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs b/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs index c231ef8a47bd2..fffa9c1137641 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/api/Azure.Security.KeyVault.Secrets.netstandard2.0.cs @@ -95,7 +95,7 @@ public SecretClient(System.Uri vaultUri, Azure.Core.TokenCredential credential, } public partial class SecretClientOptions : Azure.Core.ClientOptions { - public SecretClientOptions(Azure.Security.KeyVault.Secrets.SecretClientOptions.ServiceVersion version = Azure.Security.KeyVault.Secrets.SecretClientOptions.ServiceVersion.V7_5) { } + public SecretClientOptions(Azure.Security.KeyVault.Secrets.SecretClientOptions.ServiceVersion version = Azure.Security.KeyVault.Secrets.SecretClientOptions.ServiceVersion.V7_6_Preview_1) { } public bool DisableChallengeResourceVerification { get { throw null; } set { } } public Azure.Security.KeyVault.Secrets.SecretClientOptions.ServiceVersion Version { get { throw null; } } public enum ServiceVersion @@ -106,6 +106,7 @@ public enum ServiceVersion V7_3 = 3, V7_4 = 4, V7_5 = 5, + V7_6_Preview_1 = 6, } } public static partial class SecretModelFactory diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/assets.json b/sdk/keyvault/Azure.Security.KeyVault.Secrets/assets.json index 73d76b643745d..2f5fc05d04bfe 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/assets.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "net", "TagPrefix": "net/keyvault/Azure.Security.KeyVault.Secrets", - "Tag": "net/keyvault/Azure.Security.KeyVault.Secrets_18b0beab8a" + "Tag": "net/keyvault/Azure.Security.KeyVault.Secrets_835634e403" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/SecretClientOptions.cs b/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/SecretClientOptions.cs index 86022586ccb4f..66dc3d1b60723 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/SecretClientOptions.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/src/SecretClientOptions.cs @@ -16,7 +16,7 @@ public class SecretClientOptions : ClientOptions /// For more information, see /// Key Vault versions. /// - internal const ServiceVersion LatestVersion = ServiceVersion.V7_5; + internal const ServiceVersion LatestVersion = ServiceVersion.V7_6_Preview_1; /// /// The versions of Azure Key Vault supported by this client library. @@ -53,6 +53,11 @@ public enum ServiceVersion /// The Key Vault API version 7.5. /// V7_5 = 5, + + /// + /// The Key Vault API version 7.6-preview.1. + /// + V7_6_Preview_1 = 6, #pragma warning restore CA1707 // Identifiers should not contain underscores } @@ -92,6 +97,7 @@ internal string GetVersionString() ServiceVersion.V7_3 => "7.3", ServiceVersion.V7_4 => "7.4", ServiceVersion.V7_5 => "7.5", + ServiceVersion.V7_6_Preview_1 => "7.6-preview.1", _ => throw new ArgumentException(Version.ToString()), }; } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Secrets/tests/SecretsTestBase.cs b/sdk/keyvault/Azure.Security.KeyVault.Secrets/tests/SecretsTestBase.cs index 4b3f24fe846f4..1b5f7577b81ca 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Secrets/tests/SecretsTestBase.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Secrets/tests/SecretsTestBase.cs @@ -14,6 +14,7 @@ namespace Azure.Security.KeyVault.Secrets.Tests { [ClientTestFixture( + SecretClientOptions.ServiceVersion.V7_6_Preview_1, SecretClientOptions.ServiceVersion.V7_5, SecretClientOptions.ServiceVersion.V7_4, SecretClientOptions.ServiceVersion.V7_3, diff --git a/sdk/keyvault/test-resources.json b/sdk/keyvault/test-resources.json index 6f70888a84511..f8d5d93e57113 100644 --- a/sdk/keyvault/test-resources.json +++ b/sdk/keyvault/test-resources.json @@ -283,40 +283,44 @@ } } ], - "outputs": { - "AZURE_KEYVAULT_URL": { - "type": "string", - "value": "[reference(variables('kvName')).vaultUri]" - }, - "AZURE_MANAGEDHSM_URL": { - "type": "string", - "condition": "[parameters('enableHsm')]", - "value": "[reference(variables('hsmName')).hsmUri]" - }, - "KEYVAULT_SKU": { - "type": "string", - "value": "[reference(parameters('baseName')).sku.name]" - }, - "CLIENT_OBJECTID": { - "type": "string", - "value": "[parameters('testApplicationOid')]" - }, - "BLOB_STORAGE_ACCOUNT_NAME": { - "type": "string", - "value": "[variables('primaryAccountName')]" - }, - "BLOB_PRIMARY_STORAGE_ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(variables('primaryAccountName'), variables('mgmtApiVersion')).keys[0].value]" - }, - "BLOB_CONTAINER_NAME" : { - "type": "string", - "value": "[variables('blobContainerName')]" - }, - "AZURE_KEYVAULT_ATTESTATION_URL": { - "type": "string", - "condition": "[parameters('enableAttestation')]", - "value": "[format('https://{0}/', reference(variables('attestationSite')).defaultHostName)]" - } + "outputs": { + "AZURE_KEYVAULT_URL": { + "type": "string", + "value": "[reference(variables('kvName')).vaultUri]" + }, + "AZURE_MANAGEDHSM_URL": { + "type": "string", + "condition": "[parameters('enableHsm')]", + "value": "[reference(variables('hsmName')).hsmUri]" + }, + "KEYVAULT_SKU": { + "type": "string", + "value": "[reference(parameters('baseName')).sku.name]" + }, + "CLIENT_OBJECTID": { + "type": "string", + "value": "[parameters('testApplicationOid')]" + }, + "BLOB_STORAGE_ACCOUNT_NAME": { + "type": "string", + "value": "[variables('primaryAccountName')]" + }, + "BLOB_PRIMARY_STORAGE_ACCOUNT_KEY": { + "type": "string", + "value": "[listKeys(variables('primaryAccountName'), variables('mgmtApiVersion')).keys[0].value]" + }, + "BLOB_CONTAINER_NAME": { + "type": "string", + "value": "[variables('blobContainerName')]" + }, + "AZURE_KEYVAULT_ATTESTATION_URL": { + "type": "string", + "condition": "[parameters('enableAttestation')]", + "value": "[format('https://{0}/', reference(variables('attestationSite')).defaultHostName)]" + }, + "KEYVAULT_TENANT_ID": { + "type": "string", + "value": "[parameters('tenantId')]" } + } }