diff --git a/src/KeyVault/KeyVault/ChangeLog.md b/src/KeyVault/KeyVault/ChangeLog.md index b930cc19e674..33670e1db55d 100644 --- a/src/KeyVault/KeyVault/ChangeLog.md +++ b/src/KeyVault/KeyVault/ChangeLog.md @@ -18,6 +18,7 @@ - Additional information about change #1 --> ## Upcoming Release +* Added `Rotate` into the list of permissions to keys [#17970] ## Version 4.4.0 * Supported getting random number from managed HSM by `Get-AzKeyVaultRandomNumber` diff --git a/src/KeyVault/KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs b/src/KeyVault/KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs index 1fdb724794f5..2bac5e2b40b9 100644 --- a/src/KeyVault/KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs +++ b/src/KeyVault/KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs @@ -282,7 +282,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase [Parameter(Mandatory = false, ParameterSetName = ResourceIdByEmailAddress, HelpMessage = "Specifies key operation permissions to grant to a user or service principal.")] - [ValidateSet("all", "decrypt", "encrypt", "unwrapKey", "wrapKey", "verify", "sign", "get", "list", "update", "create", "import", "delete", "backup", "restore", "recover", "purge")] + [PSArgumentCompleter("all", "decrypt", "encrypt", "unwrapKey", "wrapKey", "verify", "sign", "get", "list", "update", "create", "import", "delete", "backup", "restore", "recover", "purge", "rotate")] public string[] PermissionsToKeys { get; set; } /// @@ -324,7 +324,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase [Parameter(Mandatory = false, ParameterSetName = ResourceIdByEmailAddress, HelpMessage = "Specifies secret operation permissions to grant to a user or service principal.")] - [ValidateSet("all", "get", "list", "set", "delete", "backup", "restore", "recover", "purge")] + [PSArgumentCompleter("all", "get", "list", "set", "delete", "backup", "restore", "recover", "purge")] public string[] PermissionsToSecrets { get; set; } /// @@ -366,7 +366,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase [Parameter(Mandatory = false, ParameterSetName = ResourceIdByEmailAddress, HelpMessage = "Specifies certificate operation permissions to grant to a user or service principal.")] - [ValidateSet("all", "get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "backup", "restore")] + [PSArgumentCompleter("all", "get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "backup", "restore")] public string[] PermissionsToCertificates { get; set; } /// @@ -408,7 +408,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase [Parameter(Mandatory = false, ParameterSetName = ResourceIdByEmailAddress, HelpMessage = "Specifies managed storage account and sas definition operation permissions to grant to a user or service principal.")] - [ValidateSet("all", "get", "list", "delete", "set", "update", "regeneratekey", "getsas", "listsas", "deletesas", "setsas", "recover", "backup", "restore", "purge")] + [PSArgumentCompleter("all", "get", "list", "delete", "set", "update", "regeneratekey", "getsas", "listsas", "deletesas", "setsas", "recover", "backup", "restore", "purge")] public string[] PermissionsToStorage { get; set; } [Parameter(Mandatory = false, diff --git a/src/KeyVault/KeyVault/help/Set-AzKeyVaultAccessPolicy.md b/src/KeyVault/KeyVault/help/Set-AzKeyVaultAccessPolicy.md index cae0d6fd9f9e..458084230ed6 100644 --- a/src/KeyVault/KeyVault/help/Set-AzKeyVaultAccessPolicy.md +++ b/src/KeyVault/KeyVault/help/Set-AzKeyVaultAccessPolicy.md @@ -479,7 +479,6 @@ The acceptable values for this parameter: Type: System.String[] Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress Aliases: -Accepted values: all, get, list, delete, create, import, update, managecontacts, getissuers, listissuers, setissuers, deleteissuers, manageissuers, recover, purge, backup, restore Required: False Position: Named @@ -509,12 +508,12 @@ The acceptable values for this parameter: - Restore - Recover - Purge +- Rotate ```yaml Type: System.String[] Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress Aliases: -Accepted values: all, decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge Required: False Position: Named @@ -541,7 +540,6 @@ The acceptable values for this parameter: Type: System.String[] Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress Aliases: -Accepted values: all, get, list, set, delete, backup, restore, recover, purge Required: False Position: Named @@ -574,7 +572,6 @@ The acceptable values for this parameter: Type: System.String[] Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress Aliases: -Accepted values: all, get, list, delete, set, update, regeneratekey, getsas, listsas, deletesas, setsas, recover, backup, restore, purge Required: False Position: Named