diff --git a/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 b/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1
index b181b3bb95f1..fa56479d9784 100644
--- a/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1
+++ b/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1
@@ -87,20 +87,30 @@ CmdletsToExport = 'Add-AzureKeyVaultCertificate',
'Remove-AzureKeyVaultCertificateIssuer',
'Remove-AzureKeyVaultCertificateOperation',
'Set-AzureKeyVaultCertificateIssuer',
- 'Set-AzureKeyVaultCertificatePolicy', 'Get-AzureRmKeyVault',
- 'New-AzureRmKeyVault', 'Remove-AzureRmKeyVault',
- 'Undo-AzureRmKeyVaultRemoval', 'Remove-AzureRmKeyVaultAccessPolicy',
- 'Set-AzureRmKeyVaultAccessPolicy', 'Backup-AzureKeyVaultKey',
- 'Get-AzureKeyVaultKey', 'Get-AzureKeyVaultSecret',
- 'Undo-AzureKeyVaultKeyRemoval', 'Undo-AzureKeyVaultSecretRemoval',
- 'Add-AzureKeyVaultKey', 'Remove-AzureKeyVaultKey',
- 'Remove-AzureKeyVaultSecret', 'Restore-AzureKeyVaultKey',
- 'Set-AzureKeyVaultKeyAttribute', 'Set-AzureKeyVaultSecret',
+ 'Set-AzureKeyVaultCertificatePolicy',
+ 'Get-AzureRmKeyVault',
+ 'New-AzureRmKeyVault',
+ 'Remove-AzureRmKeyVault',
+ 'Undo-AzureRmKeyVaultRemoval',
+ 'Remove-AzureRmKeyVaultAccessPolicy',
+ 'Set-AzureRmKeyVaultAccessPolicy',
+ 'Backup-AzureKeyVaultKey',
+ 'Get-AzureKeyVaultKey',
+ 'Get-AzureKeyVaultSecret',
+ 'Undo-AzureKeyVaultKeyRemoval',
+ 'Undo-AzureKeyVaultSecretRemoval',
+ 'Add-AzureKeyVaultKey',
+ 'Remove-AzureKeyVaultKey',
+ 'Remove-AzureKeyVaultSecret',
+ 'Restore-AzureKeyVaultKey',
+ 'Set-AzureKeyVaultKeyAttribute',
+ 'Set-AzureKeyVaultSecret',
'Set-AzureKeyVaultSecretAttribute',
'Get-AzureKeyVaultCertificatePolicy',
'New-AzureKeyVaultCertificateAdministratorDetails',
'New-AzureKeyVaultCertificateOrganizationDetails',
- 'Backup-AzureKeyVaultSecret', 'Restore-AzureKeyVaultSecret',
+ 'Backup-AzureKeyVaultSecret',
+ 'Restore-AzureKeyVaultSecret',
'Get-AzureKeyVaultManagedStorageAccount',
'Add-AzureKeyVaultManagedStorageAccount',
'Remove-AzureKeyVaultManagedStorageAccount',
@@ -108,8 +118,8 @@ CmdletsToExport = 'Add-AzureKeyVaultCertificate',
'Update-AzureKeyVaultManagedStorageAccountKey',
'Get-AzureKeyVaultManagedStorageSasDefinition',
'Set-AzureKeyVaultManagedStorageSasDefinition',
- 'Remove-AzureKeyVaultManagedStorageSasDefinition'
-
+ 'Remove-AzureKeyVaultManagedStorageSasDefinition',
+ 'Undo-AzureKeyVaultCertificateRemoval'
# Variables to export from this module
# VariablesToExport = @()
diff --git a/src/ResourceManager/KeyVault/ChangeLog.md b/src/ResourceManager/KeyVault/ChangeLog.md
index b8018ed9ee80..5735cbd2b8a2 100644
--- a/src/ResourceManager/KeyVault/ChangeLog.md
+++ b/src/ResourceManager/KeyVault/ChangeLog.md
@@ -24,6 +24,10 @@
## Version 3.3.0
## Version 3.2.1
+* New/updated Cmdlets to support soft-delete for KeyVault certificates
+ * Get-AzureKeyVaultCertificate
+ * Remove-AzureKeyVaultCertificate
+ * Undo-AzureKeyVaultCertificateRemoval
## Version 3.2.0
* Remove email address from the directory query when -UserPrincipalName is specified to the Set-AzureRMKeyVaultAccessPolicy and Remove-AzureRMKeyVaultAccessPolicy cmdlets.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj
index 0962463dd3ff..4669669c5d6f 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj
@@ -65,12 +65,12 @@
..\..\..\packages\Microsoft.Azure.Graph.RBAC.3.4.0-preview\lib\net452\Microsoft.Azure.Graph.RBAC.dll
-
- ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.0-preview\lib\net452\Microsoft.Azure.KeyVault.dll
+
+ ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.2\lib\net452\Microsoft.Azure.KeyVault.dll
True
-
- ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.6\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll
+
+ ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.7\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll
True
@@ -138,9 +138,9 @@
False
..\..\..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll
-
- False
+
..\..\..\packages\Newtonsoft.Json.6.0.8\lib\net45\Newtonsoft.Json.dll
+ True
False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1
index b0d5d0a41b85..1fae5e025ecd 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1
@@ -207,7 +207,16 @@ function Cleanup-OldCertificates
$certificatePattern = Get-CertificateName '*'
Get-AzureKeyVaultCertificate $keyVault |
Where-Object {$_.Name -like $certificatePattern} |
- Remove-AzureKeyVaultCertificate -Force -Confirm:$false
+ Remove-AzureKeyVaultCertificate -Name $_.Name -VaultName $_.VaultName -Force -Confirm:$false
+
+ if($global:softDeleteEnabled -eq $true)
+ {
+ Get-AzureKeyVaultCertificate -VaultName $keyVault -InRemovedState |
+ Where-Object {$_.Name -like $certificatePattern} | %{
+ Remove-AzureKeyVaultCertificate -Name $_.Name -VaultName $_.VaultName -InRemovedState -Force -Confirm:$false
+ Wait-Seconds 5;
+ }
+ }
}
<#
@@ -313,50 +322,49 @@ function Cleanup-SingleKeyTest
function Cleanup-Key ([string]$keyName)
{
- $oldPref = $ErrorActionPreference
- $ErrorActionPreference = "Stop"
- try
+ $oldPref = $ErrorActionPreference
+ $ErrorActionPreference = "Stop"
+ try
+ {
+ $keyVault = Get-KeyVault
+ Write-Debug "Removing key with name $_ in vault $keyVault"
+ $catch = Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false
+ if($global:softDeleteEnabled -eq $true)
{
- $keyVault = Get-KeyVault
- Write-Debug "Removing key with name $_ in vault $keyVault"
- $catch = Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false
- if($global:softDeleteEnabled -eq $true)
- {
- Wait-ForDeletedKey $keyVault $keyName
- Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false -InRemovedState
- }
+ Wait-ForDeletedKey $keyVault $keyName
+ Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false -InRemovedState
}
- catch {
-
- }
- finally
- {
- $ErrorActionPreference = $oldPref
- }
+ }
+ catch {
+
+ }
+ finally
+ {
+ $ErrorActionPreference = $oldPref
+ }
}
function Cleanup-Secret ([string]$secretName)
{
- $oldPref = $ErrorActionPreference
- $ErrorActionPreference = "Stop"
- try
- {
- $keyVault = Get-KeyVault
- Write-Debug "Removing secret with name $_ in vault $keyVault"
- $catch = Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false
- if($global:softDeleteEnabled -eq $true)
- {
- Wait-ForDeletedSecret $keyVault $secretName
- Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false -InRemovedState
- }
- }
- catch {
-
- }
- finally
+ $oldPref = $ErrorActionPreference
+ $ErrorActionPreference = "Stop"
+ try
+ {
+ $keyVault = Get-KeyVault
+ Write-Debug "Removing secret with name $_ in vault $keyVault"
+ $catch = Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false
+ if($global:softDeleteEnabled -eq $true)
{
- $ErrorActionPreference = $oldPref
+ Wait-ForDeletedSecret $keyVault $secretName
+ Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false -InRemovedState
}
+ }
+ catch {
+ }
+ finally
+ {
+ $ErrorActionPreference = $oldPref
+ }
}
<#
@@ -389,6 +397,11 @@ function Cleanup-SingleCertificateTest
$keyVault = Get-KeyVault
Write-Debug "Removing certificate with name $_ in vault $keyVault"
$catch = Remove-AzureKeyVaultCertificate $keyVault $_ -Force -Confirm:$false
+ if($global:softDeleteEnabled -eq $true)
+ {
+ Wait-ForDeletedCertificate $keyVault $_
+ Remove-AzureKeyVaultCertificate $keyVault $_ -Force -Confirm:$false -InRemovedState
+ }
}
catch
{
@@ -452,6 +465,30 @@ function Wait-ForDeletedSecret ([string] $vault, [string] $secretName)
return $secret
}
+<#
+.SYNOPSIS
+Waits for a deleted certificate to show up.
+#>
+function Wait-ForDeletedCertificate ([string] $vault, [string] $certName)
+{
+ $cert = $null
+ do {
+ try
+ {
+ $cert = Get-AzureKeyVaultCertificate -VaultName $vault -Name $certName -InRemovedState
+ }
+ catch
+ {
+ # Certificate is not found.
+ $cert = $null
+ Write-Host "Sleeping for 5 seconds to wait for deleted certificate $certName"
+ Wait-Seconds 5
+ }
+ } while($cert -ne $null)
+
+ return $cert
+}
+
<#
.SYNOPSIS
Removes all managed storage accounts.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1
index ce9585fdb92b..ca79852f8700 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1
@@ -62,7 +62,8 @@ function Get-AllCertPermissions
"listissuers",
"managecontacts",
"manageissuers",
- "setissuers"
+ "setissuers",
+ "recover"
)
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1
index de200e8e9088..019d0e6a806a 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1
@@ -29,6 +29,10 @@ If true, then tests that require a premium vault are skipped (optional).
The object ID of the user (optional). If no object ID is provided, then
the object ID is extracted from whomever is currently logged in.
+.PARAMETER SoftDeleteEnabled
+If true, turns on 'soft-delete' mode for tests: vault is created as soft-delete-enabled (if not exists), soft-delete
+tests are executed, delete + purge sequence is used for clean-up.
+
.PARAMETER NoADCmdLetMode
If true, then active directory related tests are skipped.
@@ -249,16 +253,24 @@ function Run-AllDataPlaneTests
Run-TestProtected { Run-KeyTest {Test_GetDeletedKeys} "Test_GetDeletedKeys" } "Test_GetDeletedKeys"
Run-TestProtected { Run-KeyTest {Test_UndoRemoveKey} "Test_UndoRemoveKey" } "Test_UndoRemoveKey"
Run-TestProtected { Run-KeyTest {Test_RemoveDeletedKey} "Test_RemoveDeletedKey" } "Test_RemoveDeletedKey"
- Run-TestProtected { Run-KeyTest {Test_RemoveNonExistKey} "Test_RemoveNonExistDeletedKey" } "Test_RemoveNonExistDeletedKey"
+ Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedKey} "Test_RemoveNonExistDeletedKey" } "Test_RemoveNonExistDeletedKey"
Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedKeys} "Test_PipelineRemoveDeletedKeys" } "Test_PipelineRemoveDeletedKeys"
# Secret soft delete tests
- Run-TestProtected { Run-KeyTest {Test_GetDeletedKey} "Test_GetDeletedSecret" } "Test_GetDeletedKey"
+ Run-TestProtected { Run-KeyTest {Test_GetDeletedKey} "Test_GetDeletedSecret" } "Test_GetDeletedSecret"
Run-TestProtected { Run-KeyTest {Test_GetDeletedKeys} "Test_GetDeletedSecrets" } "Test_GetDeletedSecrets"
- Run-TestProtected { Run-KeyTest {Test_UndoRemoveKey} "Test_UndoRemoveSecret" } "Test_UndoRemoveSecret"
- Run-TestProtected { Run-KeyTest {Test_RemoveDeletedKey} "Test_RemoveDeletedSecret" } "Test_RemoveDeletedSecret"
- Run-TestProtected { Run-KeyTest {Test_RemoveNonExistKey} "Test_RemoveNonExistDeletedSecret" } "Test_RemoveNonExistDeletedSecret"
- Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedKeys} "Test_PipelineRemoveDeletedSecrets" } "Test_PipelineRemoveDeletedSecrets"
+ Run-TestProtected { Run-KeyTest {Test_UndoRemoveSecret} "Test_UndoRemoveSecret" } "Test_UndoRemoveSecret"
+ Run-TestProtected { Run-KeyTest {Test_RemoveDeletedSecret} "Test_RemoveDeletedSecret" } "Test_RemoveDeletedSecret"
+ Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedSecret} "Test_RemoveNonExistDeletedSecret" } "Test_RemoveNonExistDeletedSecret"
+ Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedSecrets} "Test_PipelineRemoveDeletedSecrets" } "Test_PipelineRemoveDeletedSecrets"
+
+ # certificate soft delete tests
+ Run-TestProtected { Run-KeyTest {Test_GetDeletedCertificate} "Test_GetDeletedCertificate" } "Test_GetDeletedCertificate"
+ Run-TestProtected { Run-KeyTest {Test_GetDeletedCertificates} "Test_GetDeletedCertificates" } "Test_GetDeletedCertificates"
+ Run-TestProtected { Run-KeyTest {Test_UndoRemoveCertificate} "Test_UndoRemoveCertificate" } "Test_UndoRemoveCertificate"
+ Run-TestProtected { Run-KeyTest {Test_RemoveDeletedCertificate} "Test_RemoveDeletedCertificate" } "Test_RemoveDeletedCertificate"
+ Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedCertificate} "Test_RemoveNonExistDeletedCertificate" } "Test_RemoveNonExistDeletedCertificate"
+ Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedCertificates} "Test_PipelineRemoveDeletedCertificate" } "Test_PipelineRemoveDeletedCertificates"
}
# Add-AzureKeyVaultKey tests.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1
index 77a660ceb2d6..22b1f871a007 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1
@@ -614,4 +614,142 @@ function Test_UpdateCertificateTags
Assert-AreEqual $retrievedCertificate.Tags["State"] "Washington"
Assert-AreEqual $retrievedCertificate.Tags.ContainsKey("City") $true
Assert-AreEqual $retrievedCertificate.Tags["City"] "Redmond"
+}
+
+
+<#
+.SYNOPSIS
+Tests getting a previously deleted certificate
+#>
+
+function Test_GetDeletedCertificate
+{
+ $keyVault = Get-KeyVault
+ $certificateName = Get-CertificateName 'getdeletedcertificate'
+
+ $createdCert = CreateAKVCertificate $keyVault $certificateName
+ Assert-NotNull $createdCert
+
+ $global:createdCertificates += $certificateName
+
+ $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false
+
+ Wait-ForDeletedCertificate $keyVault $certificateName
+
+ $deletedCertificate = Get-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certificateName -InRemovedState
+ Assert-NotNull $deletedCertificate
+ Assert-NotNull $deletedCertificate.DeletedDate
+ Assert-NotNull $deletedCertificate.ScheduledPurgeDate
+}
+
+
+<#
+.SYNOPSIS
+Tests listing all previously deleted certificates
+#>
+function Test_GetDeletedCertificates
+{
+ $keyVault = Get-KeyVault
+ $certificateName = Get-CertificateName 'getdeletedcertificates'
+ $createdCert = CreateAKVCertificate $keyVault $certificateName
+ Assert-NotNull $createdCert
+
+ $global:createdCertificates += $certificateName
+
+ $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false
+
+ Wait-ForDeletedCertificate $keyVault $certificateName
+
+ $deletedCerts = Get-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -InRemovedState
+ Assert-True {$deletedCerts.Count -ge 1}
+ Assert-True {$deletedCerts.Name -contains $key.Name}
+}
+
+<#
+.SYNOPSIS
+Tests recovering a previously deleted certificate.
+#>
+
+function Test_UndoRemoveCertificate
+{
+ $keyVault = Get-KeyVault
+ $certificateName = Get-CertificateName 'undoremovedcert'
+ $createdCert = CreateAKVCertificate $keyVault $certificateName
+ Assert-NotNull $createdCert
+
+ $global:createdCertificates += $certificateName
+
+ $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false
+
+ Wait-ForDeletedCertificate $keyVault $certificateName
+
+ $recoveredCert = Undo-AzureKeyVaultCertificateRemoval -VaultName $keyVault.VaultName -Name $certificateName
+
+ Assert-NotNull $recoveredCert
+ Assert-AreEqual $recoveredCert.Name $createdCert.Name
+ Assert-AreEqual $recoveredCert.Version $createdCert.Version
+ #Assert-KeyAttributes $recoveredKey.Attributes 'RSA' $false $expires $nbf $ops $tags
+}
+
+<#
+.SYNOPSIS
+Tests purging a deleted certificate.
+#>
+
+function Test_RemoveDeletedCertificate
+{
+ $keyVault = Get-KeyVault
+ $certificateName = Get-CertificateName 'undoremovedcert'
+ $createdCert = CreateAKVCertificate $keyVault $certificateName
+ Assert-NotNull $createdCert
+
+ $global:createdCertificates += $certificateName
+
+ $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false
+
+ Wait-ForDeletedCertificate $keyVault $certificateName
+
+ Remove-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certificateName -InRemovedState -Force -Confirm:$false
+}
+
+<#
+.SYNOPSIS
+Tests purging an active certificate
+#>
+function Test_RemoveNonExistDeletedCertificate
+{
+ $keyVault = Get-KeyVault
+ $certName = Get-CertificateName 'purgeactivecert'
+
+ $createdCert = CreateAKVCertificate $keyVault $certName
+ Assert-NotNull $createdCert
+
+ $global:createdCertificates += $certName
+
+ Assert-Throws {Remove-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certName -InRemovedState -Force -Confirm:$false}
+}
+
+<#
+.SYNOPSIS
+Tests pipeline commands to remove multiple deleted certificates
+#>
+
+function Test_PipelineRemoveDeletedCertificates
+{
+ $rootCertName = 'piperemovecert'
+ $keyVault = Get-KeyVault
+ $certName = Get-CertificateName $rootCertName + '1'
+ $createdCert1 = CreateAKVCertificate $keyVault $certName
+ Assert-NotNull $createdCert1
+
+ $certName = Get-CertificateName $rootCertName + '2'
+ $createdCert2 = CreateAKVCertificate $keyVault $certName
+ Assert-NotNull $createdCert2
+
+ Get-AzureKeyVaultCertificate $keyVault | Where-Object {$_.CertificateName -like $rootCertName + '*'} | Remove-AzureKeyVaultCertificate -Force -Confirm:$false
+ Wait-Seconds 30
+ Get-AzureKeyVaultCertificate $keyVault -InRemovedState | Where-Object {$_.CertificateName -like $rootCertName + '*'} | Remove-AzureKeyVaultCertificate -Force -Confirm:$false -InRemovedState
+
+ $certs = Get-AzureKeyVaultCertificate $keyVault -InRemovedState | Where-Object {$_.CertificateName -like $rootCertName + '*'}
+ Assert-AreEqual $keys.Count 0
}
\ No newline at end of file
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1
index f820b19cacb9..d8505ec3603e 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1
@@ -32,7 +32,7 @@ function Assert-KeyAttributes($keyAttr, $keytype, $keyenable, $keyexp, $keynbf,
Assert-True { Equal-OperationList $keyops $keyAttr.KeyOps} "Expect $keyops. Get $keyAttr.KeyOps"
}
Assert-True { Equal-Hashtable $tags $keyAttr.Tags} "Expected $tags. Get $keyAttr.Tags"
- Assert-NotNull $keyAttr.PurgeDisabled, "Purge Disabled is null."
+ Assert-NotNull $keyAttr.RecoveryLevel, "Deletion recovery level is null."
}
function BulkCreateSoftKeys ($vault, $prefix, $total)
@@ -851,7 +851,7 @@ function Test_BackupRestoreKeyByName
$backupblob = Backup-AzureKeyVaultKey -VaultName $keyVault -KeyName $keyname
# Remove the key
Cleanup-Key $keyname
- Wait-Seconds 30 # Wait for slm to purge the key..
+ Wait-Seconds 30 # Wait for slm to purge the key..
$restoredKey = Restore-AzureKeyVaultKey -VaultName $keyVault -InputFile $backupblob
Assert-KeyAttributes $restoredKey.Attributes 'RSA' $true $null $null $null
}
@@ -1000,22 +1000,21 @@ Tests getting a previously deleted key
function Test_GetDeletedKey
{
- # Create a software key for updating
+ # Create a software key for updating
$keyVault = Get-KeyVault
$keyname=Get-KeyName 'GetDeletedKey'
$key=Add-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -Destination 'Software' -Expires $expires -NotBefore $nbf -KeyOps $ops -Disable -Tag $tags
Assert-NotNull $key
$global:createdKeys += $keyname
- $key | Remove-AzureKeyVaultKey -Force -Confirm:$false
-
- Wait-ForDeletedKey $keyVault $keyname
+ $key | Remove-AzureKeyVaultKey -Force -Confirm:$false
- $deletedKey = Get-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -InRemovedState
- Assert-NotNull $deletedKey
- Assert-NotNull $deletedKey.DeletedDate
- Assert-NotNull $deletedKey.ScheduledPurgeDate
+ Wait-ForDeletedKey $keyVault $keyname
+ $deletedKey = Get-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -InRemovedState
+ Assert-NotNull $deletedKey
+ Assert-NotNull $deletedKey.DeletedDate
+ Assert-NotNull $deletedKey.ScheduledPurgeDate
}
<#
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1
index 5f223169ef76..7375e9af8c7c 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1
@@ -380,6 +380,14 @@ function Initialize-TemporaryState
}
)
}
+ if ($global:softDeleteEnabled -eq $true )
+ {
+ $vaultProperties.Add("enableSoftDelete", $global:softDeleteEnabled)
+ $vaultProperties.accessPolicies.permissions.keys = @("all", "purge")
+ $vaultProperties.accessPolicies.permissions.secrets = @("all", "purge")
+ $vaultProperties.accessPolicies.permissions.certificates = @("all", "purge")
+ }
+
$keyVault = New-AzureRmResource @vaultId `
-PropertyObject $vaultProperties `
-Location $global:location `
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1
index 4a56a775378a..488a444ab493 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1
@@ -23,6 +23,7 @@ function Assert-SecretAttributes($secretAttr, $secenable, $secexp, $secnbf, $sec
Assert-True { Equal-DateTime $secnbf $secretAttr.NotBefore} "Expect $secnbf. Get $secretAttr.NotBefore"
Assert-True { Equal-String $seccontenttype $secretAttr.ContentType} "Expect $seccontenttype. Get $secretAttr.ContentType"
Assert-True { Equal-Hashtable $sectags $secretAttr.Tags} "Expected $sectags. Get $secretAttr.Tags"
+ Assert-NotNull $secretAttr.RecoveryLevel, "Deletion recovery level is null."
}
function BulkCreateSecrets ($vault, $prefix, $total)
@@ -849,7 +850,6 @@ function Test_GetDeletedSecret
Assert-NotNull $deletedSecret
Assert-NotNull $deletedSecret.DeletedDate
Assert-NotNull $deletedSecret.ScheduledPurgeDate
-
}
<#
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config
index 8c1bc2f12f3e..366f82c8917c 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config
@@ -4,8 +4,8 @@
-
-
+
+
@@ -22,7 +22,7 @@
-
+
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj
index 2111dde8abb0..ea87dbcb1b79 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj
@@ -89,9 +89,12 @@
+
+
+
@@ -178,11 +181,11 @@
..\..\..\packages\Microsoft.Azure.ActiveDirectory.GraphClient.2.1.0\lib\portable-net4+sl5+win+wpa+wp8\Microsoft.Azure.ActiveDirectory.GraphClient.dll
- ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.0-preview\lib\net452\Microsoft.Azure.KeyVault.dll
+ ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.2\lib\net452\Microsoft.Azure.KeyVault.dll
True
- ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.6\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll
+ ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.7\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll
True
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs
index aa098293d33d..954ce998e782 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs
@@ -13,12 +13,12 @@
// ----------------------------------------------------------------------------------
using System;
-using System.Management.Automation;
-using Microsoft.Azure.Commands.KeyVault.Models;
-using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties;
using System.Collections.Generic;
using System.Linq;
+using System.Management.Automation;
+using Microsoft.Azure.Commands.KeyVault.Models;
using Microsoft.Azure.KeyVault.Models;
+using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties;
namespace Microsoft.Azure.Commands.KeyVault
{
@@ -28,7 +28,7 @@ namespace Microsoft.Azure.Commands.KeyVault
[Cmdlet(VerbsCommon.Get, CmdletNoun.AzureKeyVaultCertificate,
DefaultParameterSetName = ByVaultNameParameterSet,
HelpUri = Constants.KeyVaultHelpUri)]
- [OutputType(typeof(List), typeof(KeyVaultCertificate))]
+ [OutputType(typeof(List), typeof(KeyVaultCertificate), typeof(DeletedKeyVaultCertificate), typeof(List))]
public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase
{
#region Parameter Set Names
@@ -36,6 +36,7 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase
private const string ByCertificateNameParameterSet = "ByCertificateName";
private const string ByVaultNameParameterSet = "ByVaultName";
private const string ByCertificateVersionsParameterSet = "ByCertificateVersions";
+ private const string ByDeletedCertificateParameterSet = "ByDeletedCertificates";
#endregion
@@ -47,7 +48,7 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase
[Parameter(Mandatory = true,
Position = 0,
ValueFromPipelineByPropertyName = true,
- HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.")]
+ HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.")]
[ValidateNotNullOrEmpty]
public string VaultName { get; set; }
@@ -64,6 +65,11 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase
ValueFromPipelineByPropertyName = true,
ParameterSetName = ByCertificateVersionsParameterSet,
HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name.")]
+ [Parameter( Mandatory = false,
+ Position = 1,
+ ValueFromPipelineByPropertyName = true,
+ ParameterSetName = ByDeletedCertificateParameterSet,
+ HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name." )]
[ValidateNotNullOrEmpty]
[Alias(Constants.CertificateName)]
public string Name { get; set; }
@@ -84,6 +90,13 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase
HelpMessage = "Specifies whether to include the versions of the certificate in the output.")]
public SwitchParameter IncludeVersions { get; set; }
+ ///
+ /// Switch specifying whether to apply the command to certificates in a deleted state.
+ ///
+ [Parameter( Mandatory = true,
+ ParameterSetName = ByDeletedCertificateParameterSet,
+ HelpMessage = "Specifies whether to show the previously deleted certificates in the output." )]
+ public SwitchParameter InRemovedState { get; set; }
#endregion
protected override void ProcessRecord()
@@ -111,6 +124,18 @@ protected override void ProcessRecord()
GetAndWriteCertificates(VaultName);
break;
+ case ByDeletedCertificateParameterSet:
+ if ( Name == null )
+ {
+ GetAndWriteDeletedCertificates( VaultName );
+ break;
+ }
+
+ DeletedKeyVaultCertificate deletedCert = DeletedKeyVaultCertificate.FromDeletedCertificateBundle( DataServiceClient.GetDeletedCertificate(VaultName, Name) );
+ WriteObject( deletedCert );
+
+ break;
+
default:
throw new ArgumentException(KeyVaultProperties.Resources.BadParameterSetName);
}
@@ -146,5 +171,20 @@ private void GetAndWriteCertificatesVersions(string vaultName, string name, stri
WriteObject(pageResults, true);
} while (!string.IsNullOrEmpty(options.NextLink));
}
+
+ private void GetAndWriteDeletedCertificates( string vaultName )
+ {
+ KeyVaultObjectFilterOptions options = new KeyVaultObjectFilterOptions
+ {
+ VaultName = VaultName,
+ NextLink = null
+ };
+
+ do
+ {
+ var pageResults = DataServiceClient.GetDeletedCertificates(options);
+ WriteObject( pageResults, true );
+ } while ( !string.IsNullOrEmpty( options.NextLink ) );
+ }
}
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs
index 51f5c12aa712..ad485ddcdd26 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs
@@ -16,7 +16,6 @@
using System.Management.Automation;
using Microsoft.Azure.Commands.KeyVault.Models;
using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties;
-using Microsoft.Azure.KeyVault.Models;
namespace Microsoft.Azure.Commands.KeyVault
{
@@ -27,7 +26,7 @@ namespace Microsoft.Azure.Commands.KeyVault
SupportsShouldProcess = true,
ConfirmImpact = ConfirmImpact.High,
HelpUri = Constants.KeyVaultHelpUri)]
- [OutputType(typeof(KeyVaultCertificate))]
+ [OutputType(typeof(DeletedKeyVaultCertificate))]
public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase
{
#region Input Parameter Definitions
@@ -55,17 +54,44 @@ public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase
///
/// If present, do not ask for confirmation
///
- [Parameter(HelpMessage = "Do not ask for confirmation.")]
+ [Parameter( Mandatory = false,
+ HelpMessage = "Do not ask for confirmation.")]
public SwitchParameter Force { get; set; }
- [Parameter(HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")]
+ ///
+ /// If present, operate on the deleted key entity.
+ ///
+ [Parameter( Mandatory = false,
+ HelpMessage = "Permanently remove the previously deleted certificate." )]
+ public SwitchParameter InRemovedState { get; set; }
+
+ [Parameter( Mandatory = false,
+ HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")]
public SwitchParameter PassThru { get; set; }
#endregion
protected override void ProcessRecord()
{
- CertificateBundle certBundle = null;
+ if ( InRemovedState.IsPresent )
+ {
+ ConfirmAction(
+ Force.IsPresent,
+ string.Format(
+ CultureInfo.InvariantCulture,
+ KeyVaultProperties.Resources.RemoveDeletedCertificateWarning,
+ Name ),
+ string.Format(
+ CultureInfo.InvariantCulture,
+ KeyVaultProperties.Resources.RemoveDeletedCertificateWhatIfMessage,
+ Name ),
+ Name,
+ ( ) => { DataServiceClient.PurgeCertificate( VaultName, Name ); } );
+
+ return;
+ }
+
+ DeletedKeyVaultCertificate certBundle = null;
ConfirmAction(
Force.IsPresent,
@@ -78,12 +104,11 @@ protected override void ProcessRecord()
KeyVaultProperties.Resources.RemoveCertWhatIfMessage,
Name),
Name,
- () => { certBundle = this.DataServiceClient.DeleteCertificate(VaultName, Name); });
+ () => { certBundle = DeletedKeyVaultCertificate.FromDeletedCertificateBundle( this.DataServiceClient.DeleteCertificate(VaultName, Name) ); });
if (PassThru.IsPresent)
{
- var certificate = KeyVaultCertificate.FromCertificateBundle(certBundle);
- this.WriteObject(certificate);
+ WriteObject( certBundle );
}
}
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs
index e813b5d0c219..b0de15fccf19 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs
@@ -71,6 +71,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase
CertPerms.Managecontacts,
CertPerms.Manageissuers,
CertPerms.Setissuers,
+ CertPerms.Recover,
};
private readonly string[] StorageAllExpansion = {
@@ -232,7 +233,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase
ParameterSetName = ByEmailAddress,
ValueFromPipelineByPropertyName = true,
HelpMessage = "Specifies certificate operation permissions to grant to a user or service principal.")]
- [ValidateSet("get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "all")]
+ [ValidateSet("get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "all")]
public string[] PermissionsToCertificates { get; set; }
///
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs
new file mode 100644
index 000000000000..06bcc0d12837
--- /dev/null
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs
@@ -0,0 +1,62 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Management.Automation;
+using Microsoft.Azure.Commands.KeyVault.Models;
+using Microsoft.Azure.KeyVault.Models;
+
+namespace Microsoft.Azure.Commands.KeyVault
+{
+ [Cmdlet( VerbsCommon.Undo, "AzureKeyVaultCertificateRemoval",
+ SupportsShouldProcess = true,
+ HelpUri = Constants.KeyVaultHelpUri )]
+ [OutputType( typeof( CertificateBundle ) )]
+ public class UndoAzureKeyVaultCertificateRemoval : KeyVaultCmdletBase
+ {
+ #region Input Parameter Definitions
+
+ ///
+ /// Vault name
+ ///
+ [Parameter( Mandatory = true,
+ Position = 0,
+ ValueFromPipelineByPropertyName = true,
+ HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment." )]
+ [ValidateNotNullOrEmpty]
+ public string VaultName { get; set; }
+
+ ///
+ /// Secret name
+ ///
+ [Parameter( Mandatory = true,
+ Position = 1,
+ ValueFromPipelineByPropertyName = true,
+ HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name." )]
+ [ValidateNotNullOrEmpty]
+ [Alias( Constants.CertificateName )]
+ public string Name { get; set; }
+
+ #endregion
+
+ public override void ExecuteCmdlet( )
+ {
+ if ( ShouldProcess( Name, Properties.Resources.RecoverCertificate ) )
+ {
+ CertificateBundle certificate = DataServiceClient.RecoverCertificate(VaultName, Name);
+
+ WriteObject( certificate );
+ }
+ }
+ }
+}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs
new file mode 100644
index 000000000000..4c95fef5c2fa
--- /dev/null
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs
@@ -0,0 +1,40 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System;
+using Microsoft.Azure.KeyVault.Models;
+
+namespace Microsoft.Azure.Commands.KeyVault.Models
+{
+ public class DeletedCertificateIdentityItem : CertificateIdentityItem
+ {
+ internal DeletedCertificateIdentityItem( DeletedCertificateItem certItem, VaultUriHelper vaultUriHelper )
+ :base(certItem, vaultUriHelper)
+ {
+ ScheduledPurgeDate = certItem.ScheduledPurgeDate;
+ DeletedDate = certItem.DeletedDate;
+ }
+
+ internal DeletedCertificateIdentityItem( DeletedCertificateBundle certBundle )
+ :base( certBundle )
+ {
+ ScheduledPurgeDate = certBundle.ScheduledPurgeDate;
+ DeletedDate = certBundle.DeletedDate;
+ }
+
+ public DateTime? ScheduledPurgeDate { get; set; }
+
+ public DateTime? DeletedDate { get; set; }
+ }
+}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs
new file mode 100644
index 000000000000..feed2109eb85
--- /dev/null
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs
@@ -0,0 +1,47 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System;
+
+namespace Microsoft.Azure.Commands.KeyVault.Models
+{
+ public sealed class DeletedKeyVaultCertificate : KeyVaultCertificate
+ {
+ public DeletedKeyVaultCertificate( Azure.KeyVault.Models.DeletedCertificateBundle deletedCertificateBundle )
+ :base( deletedCertificateBundle )
+ {
+ if ( deletedCertificateBundle == null )
+ {
+ throw new ArgumentNullException( nameof( deletedCertificateBundle ) );
+ }
+
+ ScheduledPurgeDate = deletedCertificateBundle.ScheduledPurgeDate;
+ DeletedDate = deletedCertificateBundle.DeletedDate;
+ }
+
+ internal static DeletedKeyVaultCertificate FromDeletedCertificateBundle( Azure.KeyVault.Models.DeletedCertificateBundle deletedCertificateBundle )
+ {
+ if ( deletedCertificateBundle == null )
+ {
+ return null;
+ }
+
+ return new DeletedKeyVaultCertificate( deletedCertificateBundle );
+ }
+
+ public DateTime? ScheduledPurgeDate { get; set; }
+
+ public DateTime? DeletedDate { get; set; }
+ }
+}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs
index 13cd822b7b4f..5770a57bf8e5 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs
@@ -82,8 +82,12 @@ public interface IKeyVaultDataServiceClient
CertificateBundle GetCertificate(string vaultName, string certName, string certificateVersion);
+ DeletedCertificateBundle GetDeletedCertificate( string vaultName, string certName );
+
IEnumerable GetCertificates(KeyVaultObjectFilterOptions options);
+ IEnumerable GetDeletedCertificates( KeyVaultObjectFilterOptions options );
+
IEnumerable GetCertificateVersions(KeyVaultObjectFilterOptions options);
CertificateBundle MergeCertificate(string vaultName, string certName, X509Certificate2Collection certs, IDictionary tags);
@@ -92,7 +96,11 @@ public interface IKeyVaultDataServiceClient
CertificateBundle ImportCertificate(string vaultName, string certName, X509Certificate2Collection certificateCollection, IDictionary tags);
- CertificateBundle DeleteCertificate(string vaultName, string certName);
+ DeletedCertificateBundle DeleteCertificate(string vaultName, string certName);
+
+ void PurgeCertificate( string vaultName, string certName );
+
+ CertificateBundle RecoverCertificate( string vaultName, string certName );
CertificateOperation EnrollCertificate(string vaultName, string certificateName, CertificatePolicy certificatePolicy, IDictionary tags);
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs
index 00cc94ca79c7..72035c223b61 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs
@@ -35,10 +35,11 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st
this.KeyType = keyType;
this.KeyOps = keyOps;
this.Tags = tags;
+ this.PurgeDisabled = false;
}
internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, string keyType,
- string[] keyOps, DateTime? created, DateTime? updated, bool purgeDisabled, IDictionary tags)
+ string[] keyOps, DateTime? created, DateTime? updated, string deletionRecoveryLevel, IDictionary tags)
{
this.Enabled = enabled;
this.Expires = expires;
@@ -47,8 +48,9 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st
this.KeyOps = keyOps;
this.Created = created;
this.Updated = updated;
- this.PurgeDisabled = purgeDisabled;
+ this.RecoveryLevel = deletionRecoveryLevel;
this.Tags = (tags == null) ? null : tags.ConvertToHashtable();
+ this.PurgeDisabled = false;
}
public bool? Enabled { get; set; }
@@ -65,8 +67,16 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st
public DateTime? Updated { get; private set; }
+ ///
+ /// Obsolete flag indicating that the key is protected against purge.
+ ///
+ ///
+ /// Deprecated, will be removed in the next PowerShell release.
+ ///
public bool PurgeDisabled { get; private set; }
+ public string RecoveryLevel { get; private set; }
+
public Hashtable Tags { get; set; }
public string TagsTable
{
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs
index d07486f3d7fa..d87c8b9396cf 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs
@@ -42,7 +42,7 @@ internal KeyBundle(Azure.KeyVault.Models.KeyBundle keyBundle, VaultUriHelper vau
keyBundle.Key.KeyOps.ToArray(),
keyBundle.Attributes.Created,
keyBundle.Attributes.Updated,
- keyBundle.Attributes.PurgeDisabled,
+ keyBundle.Attributes.RecoveryLevel,
keyBundle.Tags);
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs
index d1d91de3b432..704eb3ba4c1e 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs
@@ -36,8 +36,13 @@ internal KeyIdentityItem(Azure.KeyVault.Models.KeyItem keyItem, VaultUriHelper v
NotBefore = keyItem.Attributes.NotBefore;
Created = keyItem.Attributes.Created;
Updated = keyItem.Attributes.Updated;
- PurgeDisabled = keyItem.Attributes.PurgeDisabled;
+ RecoveryLevel = keyItem.Attributes.RecoveryLevel;
Tags = (keyItem.Tags == null) ? null : keyItem.Tags.ConvertToHashtable();
+
+
+ // the PurgeDisabled field was deprecated, but is kept in the
+ // PSH SDK until the first breaking-change release.
+ PurgeDisabled = false;
}
internal KeyIdentityItem(KeyBundle keyBundle)
@@ -54,8 +59,12 @@ internal KeyIdentityItem(KeyBundle keyBundle)
NotBefore = keyBundle.Attributes.NotBefore;
Created = keyBundle.Attributes.Created;
Updated = keyBundle.Attributes.Updated;
- PurgeDisabled = keyBundle.Attributes.PurgeDisabled;
+ RecoveryLevel = keyBundle.Attributes.RecoveryLevel;
Tags = keyBundle.Attributes.Tags;
+
+ // the PurgeDisabled field was deprecated, but is kept in the
+ // PSH SDK until the first breaking-change release.
+ PurgeDisabled = false;
}
public bool? Enabled { get; set; }
@@ -70,6 +79,8 @@ internal KeyIdentityItem(KeyBundle keyBundle)
public bool PurgeDisabled { get; private set; }
+ public string RecoveryLevel { get; private set; }
+
public Hashtable Tags { get; set; }
public string TagsTable
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs
index 412f95df8751..6420c5dde727 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs
@@ -19,9 +19,10 @@
namespace Microsoft.Azure.Commands.KeyVault.Models
{
- public class KeyVaultCertificate
+ public class KeyVaultCertificate
{
public string Name { get; set; }
+ public string VaultName { get; set; }
public X509Certificate2 Certificate { get; set; }
public string Id { get; internal set; }
public string KeyId { get; internal set; }
@@ -33,50 +34,65 @@ public class KeyVaultCertificate
public DateTime? Created { get; internal set; }
public DateTime? Updated { get; internal set; }
- internal static KeyVaultCertificate FromCertificateBundle(CertificateBundle certificateBundle)
+ public string RecoveryLevel { get; private set; }
+
+ public KeyVaultCertificate( CertificateBundle certificateBundle )
{
- if (certificateBundle == null)
+ if ( certificateBundle == null )
{
- return null;
+ throw new ArgumentNullException( nameof( certificateBundle ) );
}
- var kvCertificate = new KeyVaultCertificate();
+ if ( certificateBundle.Id != null )
+ {
+ Id = certificateBundle.CertificateIdentifier.Identifier;
+ Name = certificateBundle.CertificateIdentifier.Name;
+
+ // TODO [dragosav] Bring Certificate classes on par with keys/secrets:
+ // - inherit from ObjectIdentifier
+ // - constructors should accept the VaultUriHelper as a parameter
+ var vaultUri = new Uri( certificateBundle.CertificateIdentifier.Vault );
+ VaultName = vaultUri.Host.Split( '.' ).First( );
+ }
- if (certificateBundle.Id != null)
+ if ( certificateBundle.Cer != null )
{
- kvCertificate.Id = certificateBundle.CertificateIdentifier.Identifier;
- kvCertificate.Name = certificateBundle.CertificateIdentifier.Name;
+ Certificate = new X509Certificate2( certificateBundle.Cer );
+ Thumbprint = Certificate.Thumbprint;
}
- if (certificateBundle.Cer != null)
+ if ( certificateBundle.KeyIdentifier != null )
{
- kvCertificate.Certificate = new X509Certificate2(certificateBundle.Cer);
- kvCertificate.Thumbprint = kvCertificate.Certificate.Thumbprint;
+ KeyId = certificateBundle.KeyIdentifier.Identifier;
}
- if (certificateBundle.KeyIdentifier != null)
+ if ( certificateBundle.SecretIdentifier != null )
{
- kvCertificate.KeyId = certificateBundle.KeyIdentifier.Identifier;
+ SecretId = certificateBundle.SecretIdentifier.Identifier;
}
- if (certificateBundle.SecretIdentifier != null)
+ if ( certificateBundle.Attributes != null )
{
- kvCertificate.SecretId = certificateBundle.SecretIdentifier.Identifier;
+ Created = certificateBundle.Attributes.Created;
+ Enabled = certificateBundle.Attributes.Enabled;
+ Updated = certificateBundle.Attributes.Updated;
+ RecoveryLevel = certificateBundle.Attributes.RecoveryLevel;
}
- if (certificateBundle.Attributes != null)
+ if ( certificateBundle.Tags != null )
{
- kvCertificate.Created = certificateBundle.Attributes.Created;
- kvCertificate.Enabled = certificateBundle.Attributes.Enabled;
- kvCertificate.Updated = certificateBundle.Attributes.Updated;
+ Tags = certificateBundle.Tags;
}
+ }
- if (certificateBundle.Tags != null)
+ internal static KeyVaultCertificate FromCertificateBundle(CertificateBundle certificateBundle)
+ {
+ if ( certificateBundle == null )
{
- kvCertificate.Tags = certificateBundle.Tags;
+ return null;
}
- return kvCertificate;
+ return new KeyVaultCertificate( certificateBundle );
}
internal static List FromCertificateBundles(IEnumerable certificateBundles)
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs
index 1cb57abf4cff..b5be52dcfc09 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs
@@ -679,7 +679,7 @@ public CertificateBundle UpdateCertificate(string vaultName, string certificateN
return certificateBundle;
}
- public CertificateBundle DeleteCertificate(string vaultName, string certName)
+ public DeletedCertificateBundle DeleteCertificate(string vaultName, string certName)
{
if (string.IsNullOrEmpty(vaultName))
throw new ArgumentNullException(nameof(vaultName));
@@ -688,7 +688,7 @@ public CertificateBundle DeleteCertificate(string vaultName, string certName)
string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName);
- CertificateBundle certBundle;
+ DeletedCertificateBundle certBundle;
try
{
@@ -702,6 +702,25 @@ public CertificateBundle DeleteCertificate(string vaultName, string certName)
return certBundle;
}
+ public void PurgeCertificate(string vaultName, string certName)
+ {
+ if ( string.IsNullOrEmpty( vaultName ) )
+ throw new ArgumentNullException( "vaultName" );
+ if ( string.IsNullOrEmpty( certName ) )
+ throw new ArgumentNullException( "certName" );
+
+ string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName);
+
+ try
+ {
+ this.keyVaultClient.PurgeDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( );
+ }
+ catch (Exception ex)
+ {
+ throw GetInnerException( ex );
+ }
+ }
+
public CertificateOperation GetCertificateOperation(string vaultName, string certificateName)
{
if (string.IsNullOrEmpty(vaultName))
@@ -1569,6 +1588,85 @@ public Secret RecoverSecret(string vaultName, string secretName)
return new Secret(recoveredSecret, this.vaultUriHelper);
}
+ public DeletedCertificateBundle GetDeletedCertificate( string vaultName, string certName )
+ {
+ if ( string.IsNullOrEmpty( vaultName ) )
+ throw new ArgumentNullException( nameof(vaultName) );
+ if ( string.IsNullOrEmpty( certName ) )
+ throw new ArgumentNullException( nameof(certName) );
+
+ string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName);
+
+ DeletedCertificateBundle deletedCertificate;
+ try
+ {
+ deletedCertificate = this.keyVaultClient.GetDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( );
+ }
+ catch ( KeyVaultErrorException ex )
+ {
+ if ( ex.Response.StatusCode == HttpStatusCode.NotFound )
+ return null;
+ else
+ throw;
+ }
+ catch ( Exception ex )
+ {
+ throw GetInnerException( ex );
+ }
+
+ return deletedCertificate;
+ }
+
+ public IEnumerable GetDeletedCertificates( KeyVaultObjectFilterOptions options )
+ {
+ if ( options == null )
+ throw new ArgumentNullException( nameof( options ) );
+ if ( string.IsNullOrEmpty( options.VaultName ) )
+ throw new ArgumentException( KeyVaultProperties.Resources.InvalidVaultName );
+
+ string vaultAddress = this.vaultUriHelper.CreateVaultAddress(options.VaultName);
+
+ try
+ {
+ IPage result;
+
+ if ( string.IsNullOrEmpty( options.NextLink ) )
+ result = this.keyVaultClient.GetDeletedCertificatesAsync( vaultAddress ).GetAwaiter( ).GetResult( );
+ else
+ result = this.keyVaultClient.GetDeletedCertificatesNextAsync( options.NextLink ).GetAwaiter( ).GetResult( );
+
+ options.NextLink = result.NextPageLink;
+ return ( result == null ) ? new List( ) :
+ result.Select( ( deletedItem ) => new DeletedCertificateIdentityItem( deletedItem, this.vaultUriHelper ) );
+ }
+ catch ( Exception ex )
+ {
+ throw GetInnerException( ex );
+ }
+ }
+
+ public CertificateBundle RecoverCertificate( string vaultName, string certName )
+ {
+ if ( string.IsNullOrEmpty( vaultName ) )
+ throw new ArgumentNullException( nameof( vaultName ) );
+ if ( string.IsNullOrEmpty( certName ) )
+ throw new ArgumentNullException( nameof( certName ) );
+
+ string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName);
+
+ CertificateBundle recoveredCertificate;
+ try
+ {
+ recoveredCertificate = this.keyVaultClient.RecoverDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( );
+ }
+ catch ( Exception ex )
+ {
+ throw GetInnerException( ex );
+ }
+
+ return recoveredCertificate;
+ }
+
private VaultUriHelper vaultUriHelper;
private KeyVaultClient keyVaultClient;
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs
index fec2a071c5cd..7a9469ac2f05 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs
@@ -383,7 +383,8 @@ private Expression> FilterByEmail(string email)
CertPerms.Listissuers,
CertPerms.Managecontacts,
CertPerms.Manageissuers,
- CertPerms.Setissuers
+ CertPerms.Setissuers,
+ CertPerms.Recover
};
protected readonly string[] DefaultPermissionsToStorage =
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs
index 1fca010e901d..5a094251d599 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs
@@ -43,6 +43,7 @@ internal Secret(Azure.KeyVault.Models.SecretBundle secret, VaultUriHelper vaultU
secret.Attributes.Created,
secret.Attributes.Updated,
secret.ContentType,
+ secret.Attributes.RecoveryLevel,
secret.Tags);
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs
index af9fd7b8a4eb..e9db106713b5 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs
@@ -33,10 +33,11 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore,
this.NotBefore = notBefore;
this.ContentType = contentType;
this.Tags = tags;
+ this.PurgeDisabled = false;
}
internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore,
- DateTime? created, DateTime? updated, string contentType, IDictionary tags)
+ DateTime? created, DateTime? updated, string contentType, string deletionRecoveryLevel, IDictionary tags)
{
this.Enabled = enabled;
this.Expires = expires;
@@ -44,7 +45,9 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore,
this.Created = created;
this.Updated = updated;
this.ContentType = contentType;
+ this.RecoveryLevel = deletionRecoveryLevel;
this.Tags = (tags == null) ? null : tags.ConvertToHashtable();
+ this.PurgeDisabled = false;
}
public bool? Enabled { get; set; }
@@ -60,6 +63,17 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore,
public string ContentType { get; set; }
public Hashtable Tags { get; set; }
+
+ ///
+ /// Obsolete flag indicating that the secret is protected against purge.
+ ///
+ ///
+ /// Deprecated, will be removed in the next PowerShell release.
+ ///
+ public bool PurgeDisabled { get; private set; }
+
+ public string RecoveryLevel { get; private set; }
+
public string TagsTable
{
get
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs
index 91fb812cb50f..07737e3233c9 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs
@@ -22,7 +22,7 @@ namespace Microsoft.Azure.Commands.KeyVault.Properties {
[global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")]
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
[global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
- public class Resources {
+ internal class Resources {
private static global::System.Resources.ResourceManager resourceMan;
@@ -36,7 +36,7 @@ internal Resources() {
/// Returns the cached ResourceManager instance used by this class.
///
[global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
- public static global::System.Resources.ResourceManager ResourceManager {
+ internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.Azure.Commands.KeyVault.Properties.Resources", typeof(Resources).Assembly);
@@ -51,7 +51,7 @@ internal Resources() {
/// resource lookups using this strongly typed resource class.
///
[global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
- public static global::System.Globalization.CultureInfo Culture {
+ internal static global::System.Globalization.CultureInfo Culture {
get {
return resourceCulture;
}
@@ -63,7 +63,7 @@ internal Resources() {
///
/// Looks up a localized string similar to Add certificate.
///
- public static string AddCertificate {
+ internal static string AddCertificate {
get {
return ResourceManager.GetString("AddCertificate", resourceCulture);
}
@@ -72,7 +72,7 @@ public static string AddCertificate {
///
/// Looks up a localized string similar to Add certificate contact.
///
- public static string AddCertificateContact {
+ internal static string AddCertificateContact {
get {
return ResourceManager.GetString("AddCertificateContact", resourceCulture);
}
@@ -81,7 +81,7 @@ public static string AddCertificateContact {
///
/// Looks up a localized string similar to Add key.
///
- public static string AddKey {
+ internal static string AddKey {
get {
return ResourceManager.GetString("AddKey", resourceCulture);
}
@@ -90,16 +90,16 @@ public static string AddKey {
///
/// Looks up a localized string similar to Add Key Vault managed Storage Account.
///
- public static string AddManagedStorageAccount {
+ internal static string AddManagedStorageAccount {
get {
return ResourceManager.GetString("AddManagedStorageAccount", resourceCulture);
}
}
///
- /// Looks up a localized string similar to The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory..
+ /// Looks up a localized string similar to The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory..
///
- public static string ADObjectAmbiguous {
+ internal static string ADObjectAmbiguous {
get {
return ResourceManager.GetString("ADObjectAmbiguous", resourceCulture);
}
@@ -111,7 +111,7 @@ public static string ADObjectAmbiguous {
///Please provide object ID for the user or service principle to set a vault access policy.
///You can find the object ID using Azure Active Directory Module for Windows PowerShell..
///
- public static string ADObjectIDRetrievalFailed {
+ internal static string ADObjectIDRetrievalFailed {
get {
return ResourceManager.GetString("ADObjectIDRetrievalFailed", resourceCulture);
}
@@ -120,7 +120,7 @@ public static string ADObjectIDRetrievalFailed {
///
/// Looks up a localized string similar to Cannot find the Active Directory object '{0}' in tenant '{1}'. Please make sure that the user or application service principal you are authorizing is registered in the current subscription's Azure Active directory. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory..
///
- public static string ADObjectNotFound {
+ internal static string ADObjectNotFound {
get {
return ResourceManager.GetString("ADObjectNotFound", resourceCulture);
}
@@ -129,7 +129,7 @@ public static string ADObjectNotFound {
///
/// Looks up a localized string similar to The 'all' permission is being deprecated and does not include the 'purge' permission. 'Purge' permission must be explicitly set..
///
- public static string AllPermissionExpansionWarning {
+ internal static string AllPermissionExpansionWarning {
get {
return ResourceManager.GetString("AllPermissionExpansionWarning", resourceCulture);
}
@@ -138,7 +138,7 @@ public static string AllPermissionExpansionWarning {
///
/// Looks up a localized string similar to No account found in the context. Please login using Login-AzureRMAccount..
///
- public static string ArmAccountNotFound {
+ internal static string ArmAccountNotFound {
get {
return ResourceManager.GetString("ArmAccountNotFound", resourceCulture);
}
@@ -147,7 +147,7 @@ public static string ArmAccountNotFound {
///
/// Looks up a localized string similar to Backup key.
///
- public static string BackupKey {
+ internal static string BackupKey {
get {
return ResourceManager.GetString("BackupKey", resourceCulture);
}
@@ -156,7 +156,7 @@ public static string BackupKey {
///
/// Looks up a localized string similar to The backup key file '{0}' already exists..
///
- public static string BackupKeyFileAlreadyExists {
+ internal static string BackupKeyFileAlreadyExists {
get {
return ResourceManager.GetString("BackupKeyFileAlreadyExists", resourceCulture);
}
@@ -165,7 +165,7 @@ public static string BackupKeyFileAlreadyExists {
///
/// Looks up a localized string similar to Cannot find backup key file '{0}'.
///
- public static string BackupKeyFileNotFound {
+ internal static string BackupKeyFileNotFound {
get {
return ResourceManager.GetString("BackupKeyFileNotFound", resourceCulture);
}
@@ -174,7 +174,7 @@ public static string BackupKeyFileNotFound {
///
/// Looks up a localized string similar to Backup secret.
///
- public static string BackupSecret {
+ internal static string BackupSecret {
get {
return ResourceManager.GetString("BackupSecret", resourceCulture);
}
@@ -183,7 +183,7 @@ public static string BackupSecret {
///
/// Looks up a localized string similar to The backup secret file '{0}' already exists..
///
- public static string BackupSecretFileAlreadyExists {
+ internal static string BackupSecretFileAlreadyExists {
get {
return ResourceManager.GetString("BackupSecretFileAlreadyExists", resourceCulture);
}
@@ -192,7 +192,7 @@ public static string BackupSecretFileAlreadyExists {
///
/// Looks up a localized string similar to Cannot find backup secret file '{0}'.
///
- public static string BackupSecretFileNotFound {
+ internal static string BackupSecretFileNotFound {
get {
return ResourceManager.GetString("BackupSecretFileNotFound", resourceCulture);
}
@@ -201,7 +201,7 @@ public static string BackupSecretFileNotFound {
///
/// Looks up a localized string similar to Bad Parameter Set Name.
///
- public static string BadParameterSetName {
+ internal static string BadParameterSetName {
get {
return ResourceManager.GetString("BadParameterSetName", resourceCulture);
}
@@ -210,7 +210,7 @@ public static string BadParameterSetName {
///
/// Looks up a localized string similar to Cannot find certificate file '{0}'..
///
- public static string CertificateFileNotFound {
+ internal static string CertificateFileNotFound {
get {
return ResourceManager.GetString("CertificateFileNotFound", resourceCulture);
}
@@ -219,7 +219,7 @@ public static string CertificateFileNotFound {
///
/// Looks up a localized string similar to Create certificate administrator.
///
- public static string CreateCertificateAdministrator {
+ internal static string CreateCertificateAdministrator {
get {
return ResourceManager.GetString("CreateCertificateAdministrator", resourceCulture);
}
@@ -228,7 +228,7 @@ public static string CreateCertificateAdministrator {
///
/// Looks up a localized string similar to Create certificate organization.
///
- public static string CreateCertificateOrganization {
+ internal static string CreateCertificateOrganization {
get {
return ResourceManager.GetString("CreateCertificateOrganization", resourceCulture);
}
@@ -237,7 +237,7 @@ public static string CreateCertificateOrganization {
///
/// Looks up a localized string similar to Create certificate policy.
///
- public static string CreateCertificatePolicy {
+ internal static string CreateCertificatePolicy {
get {
return ResourceManager.GetString("CreateCertificatePolicy", resourceCulture);
}
@@ -246,7 +246,7 @@ public static string CreateCertificatePolicy {
///
/// Looks up a localized string similar to Create key vault.
///
- public static string CreateKeyVault {
+ internal static string CreateKeyVault {
get {
return ResourceManager.GetString("CreateKeyVault", resourceCulture);
}
@@ -255,7 +255,7 @@ public static string CreateKeyVault {
///
/// Looks up a localized string similar to Cannot find deleted vault '{0}' in location '{1}'.
///
- public static string DeletedVaultNotFound {
+ internal static string DeletedVaultNotFound {
get {
return ResourceManager.GetString("DeletedVaultNotFound", resourceCulture);
}
@@ -264,7 +264,7 @@ public static string DeletedVaultNotFound {
///
/// Looks up a localized string similar to Overwrite File ?.
///
- public static string FileOverwriteCaption {
+ internal static string FileOverwriteCaption {
get {
return ResourceManager.GetString("FileOverwriteCaption", resourceCulture);
}
@@ -273,7 +273,7 @@ public static string FileOverwriteCaption {
///
/// Looks up a localized string similar to Overwrite existing file at '{0}' ?.
///
- public static string FileOverwriteMessage {
+ internal static string FileOverwriteMessage {
get {
return ResourceManager.GetString("FileOverwriteMessage", resourceCulture);
}
@@ -282,7 +282,7 @@ public static string FileOverwriteMessage {
///
/// Looks up a localized string similar to BYOK key can not be imported as software key.
///
- public static string ImportByokAsSoftkeyError {
+ internal static string ImportByokAsSoftkeyError {
get {
return ResourceManager.GetString("ImportByokAsSoftkeyError", resourceCulture);
}
@@ -291,7 +291,7 @@ public static string ImportByokAsSoftkeyError {
///
/// Looks up a localized string similar to Import certificate.
///
- public static string ImportCertificate {
+ internal static string ImportCertificate {
get {
return ResourceManager.GetString("ImportCertificate", resourceCulture);
}
@@ -300,7 +300,7 @@ public static string ImportCertificate {
///
/// Looks up a localized string similar to Invalid application Id..
///
- public static string InvalidApplicationId {
+ internal static string InvalidApplicationId {
get {
return ResourceManager.GetString("InvalidApplicationId", resourceCulture);
}
@@ -309,7 +309,7 @@ public static string InvalidApplicationId {
///
/// Looks up a localized string similar to Invalid AzureEnvironment..
///
- public static string InvalidAzureEnvironment {
+ internal static string InvalidAzureEnvironment {
get {
return ResourceManager.GetString("InvalidAzureEnvironment", resourceCulture);
}
@@ -318,7 +318,7 @@ public static string InvalidAzureEnvironment {
///
/// Looks up a localized string similar to No current subscription has been designated. Use Set-AzureRmContext -SubscriptionName <subscriptionName> to set the current subscription..
///
- public static string InvalidCurrentSubscription {
+ internal static string InvalidCurrentSubscription {
get {
return ResourceManager.GetString("InvalidCurrentSubscription", resourceCulture);
}
@@ -327,7 +327,7 @@ public static string InvalidCurrentSubscription {
///
/// Looks up a localized string similar to Invalid key attributes.
///
- public static string InvalidKeyAttributes {
+ internal static string InvalidKeyAttributes {
get {
return ResourceManager.GetString("InvalidKeyAttributes", resourceCulture);
}
@@ -336,7 +336,7 @@ public static string InvalidKeyAttributes {
///
/// Looks up a localized string similar to Invalid '{0}' key blob..
///
- public static string InvalidKeyBlob {
+ internal static string InvalidKeyBlob {
get {
return ResourceManager.GetString("InvalidKeyBlob", resourceCulture);
}
@@ -345,7 +345,7 @@ public static string InvalidKeyBlob {
///
/// Looks up a localized string similar to Invalid KeyBundle..
///
- public static string InvalidKeyBundle {
+ internal static string InvalidKeyBundle {
get {
return ResourceManager.GetString("InvalidKeyBundle", resourceCulture);
}
@@ -354,7 +354,7 @@ public static string InvalidKeyBundle {
///
/// Looks up a localized string similar to Can not create given key material in specified destination..
///
- public static string InvalidKeyDestination {
+ internal static string InvalidKeyDestination {
get {
return ResourceManager.GetString("InvalidKeyDestination", resourceCulture);
}
@@ -363,7 +363,7 @@ public static string InvalidKeyDestination {
///
/// Looks up a localized string similar to Invalid key identifier.
///
- public static string InvalidKeyIdentifier {
+ internal static string InvalidKeyIdentifier {
get {
return ResourceManager.GetString("InvalidKeyIdentifier", resourceCulture);
}
@@ -372,7 +372,7 @@ public static string InvalidKeyIdentifier {
///
/// Looks up a localized string similar to Invalid key name..
///
- public static string InvalidKeyName {
+ internal static string InvalidKeyName {
get {
return ResourceManager.GetString("InvalidKeyName", resourceCulture);
}
@@ -381,7 +381,7 @@ public static string InvalidKeyName {
///
/// Looks up a localized string similar to Invalid key uri '{0}'..
///
- public static string InvalidKeyUri {
+ internal static string InvalidKeyUri {
get {
return ResourceManager.GetString("InvalidKeyUri", resourceCulture);
}
@@ -390,7 +390,7 @@ public static string InvalidKeyUri {
///
/// Looks up a localized string similar to Invalid key vault managed storage acccount name..
///
- public static string InvalidManagedStorageAccountName {
+ internal static string InvalidManagedStorageAccountName {
get {
return ResourceManager.GetString("InvalidManagedStorageAccountName", resourceCulture);
}
@@ -399,7 +399,7 @@ public static string InvalidManagedStorageAccountName {
///
/// Looks up a localized string similar to Invalid number of certificates..
///
- public static string InvalidNumberOfCertificates {
+ internal static string InvalidNumberOfCertificates {
get {
return ResourceManager.GetString("InvalidNumberOfCertificates", resourceCulture);
}
@@ -408,7 +408,7 @@ public static string InvalidNumberOfCertificates {
///
/// Looks up a localized string similar to Cannot parse ObjectId into Guid..
///
- public static string InvalidObjectIdSyntax {
+ internal static string InvalidObjectIdSyntax {
get {
return ResourceManager.GetString("InvalidObjectIdSyntax", resourceCulture);
}
@@ -417,7 +417,7 @@ public static string InvalidObjectIdSyntax {
///
/// Looks up a localized string similar to Invalid Sas permission '{0}'..
///
- public static string InvalidSasPermission {
+ internal static string InvalidSasPermission {
get {
return ResourceManager.GetString("InvalidSasPermission", resourceCulture);
}
@@ -426,7 +426,7 @@ public static string InvalidSasPermission {
///
/// Looks up a localized string similar to Invalid secret attributes.
///
- public static string InvalidSecretAttributes {
+ internal static string InvalidSecretAttributes {
get {
return ResourceManager.GetString("InvalidSecretAttributes", resourceCulture);
}
@@ -435,7 +435,7 @@ public static string InvalidSecretAttributes {
///
/// Looks up a localized string similar to Invalid secret identifier.
///
- public static string InvalidSecretIdentifier {
+ internal static string InvalidSecretIdentifier {
get {
return ResourceManager.GetString("InvalidSecretIdentifier", resourceCulture);
}
@@ -444,7 +444,7 @@ public static string InvalidSecretIdentifier {
///
/// Looks up a localized string similar to Invalid secret name..
///
- public static string InvalidSecretName {
+ internal static string InvalidSecretName {
get {
return ResourceManager.GetString("InvalidSecretName", resourceCulture);
}
@@ -453,7 +453,7 @@ public static string InvalidSecretName {
///
/// Looks up a localized string similar to Invalid secret uri '{0}'..
///
- public static string InvalidSecretUri {
+ internal static string InvalidSecretUri {
get {
return ResourceManager.GetString("InvalidSecretUri", resourceCulture);
}
@@ -462,7 +462,7 @@ public static string InvalidSecretUri {
///
/// Looks up a localized string similar to No subscription is currently selected. Use Set-AzureRmContext to activate a subscription..
///
- public static string InvalidSelectedSubscription {
+ internal static string InvalidSelectedSubscription {
get {
return ResourceManager.GetString("InvalidSelectedSubscription", resourceCulture);
}
@@ -471,7 +471,7 @@ public static string InvalidSelectedSubscription {
///
/// Looks up a localized string similar to Your Azure credentials have not been set up or have expired, please run Login-AzureRmAccount to set up your Azure credentials..
///
- public static string InvalidSubscriptionState {
+ internal static string InvalidSubscriptionState {
get {
return ResourceManager.GetString("InvalidSubscriptionState", resourceCulture);
}
@@ -480,7 +480,7 @@ public static string InvalidSubscriptionState {
///
/// Looks up a localized string similar to Invalid tag format. Expect @{Name = "tagName"} or @{Name = "tagName"; Value = "tagValue"}.
///
- public static string InvalidTagFormat {
+ internal static string InvalidTagFormat {
get {
return ResourceManager.GetString("InvalidTagFormat", resourceCulture);
}
@@ -489,7 +489,7 @@ public static string InvalidTagFormat {
///
/// Looks up a localized string similar to Invalid vault name..
///
- public static string InvalidVaultName {
+ internal static string InvalidVaultName {
get {
return ResourceManager.GetString("InvalidVaultName", resourceCulture);
}
@@ -498,7 +498,7 @@ public static string InvalidVaultName {
///
/// Looks up a localized string similar to Invalid vault uri '{0}'. Vault uri must contain valid dns host name with domain suffix '{1}'..
///
- public static string InvalidVaultUri {
+ internal static string InvalidVaultUri {
get {
return ResourceManager.GetString("InvalidVaultUri", resourceCulture);
}
@@ -507,7 +507,7 @@ public static string InvalidVaultUri {
///
/// Looks up a localized string similar to Can not find key file '{0}'..
///
- public static string KeyFileNotFound {
+ internal static string KeyFileNotFound {
get {
return ResourceManager.GetString("KeyFileNotFound", resourceCulture);
}
@@ -516,7 +516,7 @@ public static string KeyFileNotFound {
///
/// Looks up a localized string similar to There is no default user account associated with this subscription. Certificate accounts are not supported with Azure Key Vault..
///
- public static string NoDefaultUserAccount {
+ internal static string NoDefaultUserAccount {
get {
return ResourceManager.GetString("NoDefaultUserAccount", resourceCulture);
}
@@ -525,7 +525,7 @@ public static string NoDefaultUserAccount {
///
/// Looks up a localized string similar to No tenant found in the context. Please ensure that the credentials you provided are authorized to access an Azure subscription, then run Login-AzureRMAccount to login..
///
- public static string NoTenantInContext {
+ internal static string NoTenantInContext {
get {
return ResourceManager.GetString("NoTenantInContext", resourceCulture);
}
@@ -534,7 +534,7 @@ public static string NoTenantInContext {
///
/// Looks up a localized string similar to Invalid permissions to {0}. The list contains "all" along with other permissions. Please remove "all" from the list or include only "all" in the list..
///
- public static string PermissionSetIncludesAllPlusOthers {
+ internal static string PermissionSetIncludesAllPlusOthers {
get {
return ResourceManager.GetString("PermissionSetIncludesAllPlusOthers", resourceCulture);
}
@@ -543,7 +543,7 @@ public static string PermissionSetIncludesAllPlusOthers {
///
/// Looks up a localized string similar to At least one permission should be selected for key access or secret access..
///
- public static string PermissionsNotSpecified {
+ internal static string PermissionsNotSpecified {
get {
return ResourceManager.GetString("PermissionsNotSpecified", resourceCulture);
}
@@ -552,7 +552,7 @@ public static string PermissionsNotSpecified {
///
/// Looks up a localized string similar to Are you sure you want to remove vault '{0}' forever..
///
- public static string PurgeVaultWarning {
+ internal static string PurgeVaultWarning {
get {
return ResourceManager.GetString("PurgeVaultWarning", resourceCulture);
}
@@ -561,16 +561,25 @@ public static string PurgeVaultWarning {
///
/// Looks up a localized string similar to Purge vault.
///
- public static string PurgeVaultWhatIfMessage {
+ internal static string PurgeVaultWhatIfMessage {
get {
return ResourceManager.GetString("PurgeVaultWhatIfMessage", resourceCulture);
}
}
+ ///
+ /// Looks up a localized string similar to Recover certificate.
+ ///
+ internal static string RecoverCertificate {
+ get {
+ return ResourceManager.GetString("RecoverCertificate", resourceCulture);
+ }
+ }
+
///
/// Looks up a localized string similar to Recover key.
///
- public static string RecoverKey {
+ internal static string RecoverKey {
get {
return ResourceManager.GetString("RecoverKey", resourceCulture);
}
@@ -579,7 +588,7 @@ public static string RecoverKey {
///
/// Looks up a localized string similar to Recover secret.
///
- public static string RecoverSecret {
+ internal static string RecoverSecret {
get {
return ResourceManager.GetString("RecoverSecret", resourceCulture);
}
@@ -588,7 +597,7 @@ public static string RecoverSecret {
///
/// Looks up a localized string similar to Recover vault.
///
- public static string RecoverVault {
+ internal static string RecoverVault {
get {
return ResourceManager.GetString("RecoverVault", resourceCulture);
}
@@ -597,7 +606,7 @@ public static string RecoverVault {
///
/// Looks up a localized string similar to Are you sure you want to regenerate '{0}' of storage account '{1}' and make it an active key of Key Vault managed Storage Account..
///
- public static string RegenerateManagedStorageAccountKeyWarning {
+ internal static string RegenerateManagedStorageAccountKeyWarning {
get {
return ResourceManager.GetString("RegenerateManagedStorageAccountKeyWarning", resourceCulture);
}
@@ -606,7 +615,7 @@ public static string RegenerateManagedStorageAccountKeyWarning {
///
/// Looks up a localized string similar to Regenerate '{0}'.
///
- public static string RegenerateManagedStorageAccountKeyWhatIfMessage {
+ internal static string RegenerateManagedStorageAccountKeyWhatIfMessage {
get {
return ResourceManager.GetString("RegenerateManagedStorageAccountKeyWhatIfMessage", resourceCulture);
}
@@ -615,7 +624,7 @@ public static string RegenerateManagedStorageAccountKeyWhatIfMessage {
///
/// Looks up a localized string similar to Remove certificate contact.
///
- public static string RemoveCertificateContact {
+ internal static string RemoveCertificateContact {
get {
return ResourceManager.GetString("RemoveCertificateContact", resourceCulture);
}
@@ -624,7 +633,7 @@ public static string RemoveCertificateContact {
///
/// Looks up a localized string similar to Remove certificate issuer.
///
- public static string RemoveCertificateIssuer {
+ internal static string RemoveCertificateIssuer {
get {
return ResourceManager.GetString("RemoveCertificateIssuer", resourceCulture);
}
@@ -633,7 +642,7 @@ public static string RemoveCertificateIssuer {
///
/// Looks up a localized string similar to Remove certificate operation.
///
- public static string RemoveCertificateOperation {
+ internal static string RemoveCertificateOperation {
get {
return ResourceManager.GetString("RemoveCertificateOperation", resourceCulture);
}
@@ -642,7 +651,7 @@ public static string RemoveCertificateOperation {
///
/// Looks up a localized string similar to Are you sure you want to remove certificate '{0}'..
///
- public static string RemoveCertWarning {
+ internal static string RemoveCertWarning {
get {
return ResourceManager.GetString("RemoveCertWarning", resourceCulture);
}
@@ -651,16 +660,34 @@ public static string RemoveCertWarning {
///
/// Looks up a localized string similar to Remove certificate.
///
- public static string RemoveCertWhatIfMessage {
+ internal static string RemoveCertWhatIfMessage {
get {
return ResourceManager.GetString("RemoveCertWhatIfMessage", resourceCulture);
}
}
+ ///
+ /// Looks up a localized string similar to Are you sure you want to purge certificate '{0}'.
+ ///
+ internal static string RemoveDeletedCertificateWarning {
+ get {
+ return ResourceManager.GetString("RemoveDeletedCertificateWarning", resourceCulture);
+ }
+ }
+
+ ///
+ /// Looks up a localized string similar to Purge certificate.
+ ///
+ internal static string RemoveDeletedCertificateWhatIfMessage {
+ get {
+ return ResourceManager.GetString("RemoveDeletedCertificateWhatIfMessage", resourceCulture);
+ }
+ }
+
///
/// Looks up a localized string similar to Are you sure you want to purge key '{0}'..
///
- public static string RemoveDeletedKeyWarning {
+ internal static string RemoveDeletedKeyWarning {
get {
return ResourceManager.GetString("RemoveDeletedKeyWarning", resourceCulture);
}
@@ -669,7 +696,7 @@ public static string RemoveDeletedKeyWarning {
///
/// Looks up a localized string similar to Purge key.
///
- public static string RemoveDeletedKeyWhatIfMessage {
+ internal static string RemoveDeletedKeyWhatIfMessage {
get {
return ResourceManager.GetString("RemoveDeletedKeyWhatIfMessage", resourceCulture);
}
@@ -678,7 +705,7 @@ public static string RemoveDeletedKeyWhatIfMessage {
///
/// Looks up a localized string similar to Are you sure you want to purge secret '{0}'..
///
- public static string RemoveDeletedSecretWarning {
+ internal static string RemoveDeletedSecretWarning {
get {
return ResourceManager.GetString("RemoveDeletedSecretWarning", resourceCulture);
}
@@ -687,7 +714,7 @@ public static string RemoveDeletedSecretWarning {
///
/// Looks up a localized string similar to Purge secret.
///
- public static string RemoveDeletedSecretWhatIfMessage {
+ internal static string RemoveDeletedSecretWhatIfMessage {
get {
return ResourceManager.GetString("RemoveDeletedSecretWhatIfMessage", resourceCulture);
}
@@ -696,7 +723,7 @@ public static string RemoveDeletedSecretWhatIfMessage {
///
/// Looks up a localized string similar to Are you sure you want to remove key '{0}'..
///
- public static string RemoveKeyWarning {
+ internal static string RemoveKeyWarning {
get {
return ResourceManager.GetString("RemoveKeyWarning", resourceCulture);
}
@@ -705,7 +732,7 @@ public static string RemoveKeyWarning {
///
/// Looks up a localized string similar to Remove key.
///
- public static string RemoveKeyWhatIfMessage {
+ internal static string RemoveKeyWhatIfMessage {
get {
return ResourceManager.GetString("RemoveKeyWhatIfMessage", resourceCulture);
}
@@ -714,7 +741,7 @@ public static string RemoveKeyWhatIfMessage {
///
/// Looks up a localized string similar to Are you sure you want to remove managed storage account '{0}'.
///
- public static string RemoveManagedStorageAccountWarning {
+ internal static string RemoveManagedStorageAccountWarning {
get {
return ResourceManager.GetString("RemoveManagedStorageAccountWarning", resourceCulture);
}
@@ -723,7 +750,7 @@ public static string RemoveManagedStorageAccountWarning {
///
/// Looks up a localized string similar to Remove managed storage account.
///
- public static string RemoveManagedStorageAccountWhatIfMessage {
+ internal static string RemoveManagedStorageAccountWhatIfMessage {
get {
return ResourceManager.GetString("RemoveManagedStorageAccountWhatIfMessage", resourceCulture);
}
@@ -732,7 +759,7 @@ public static string RemoveManagedStorageAccountWhatIfMessage {
///
/// Looks up a localized string similar to Are you sure you want to remove managed storage sas definition '{0}'.
///
- public static string RemoveManagedStorageSasDefinitionWarning {
+ internal static string RemoveManagedStorageSasDefinitionWarning {
get {
return ResourceManager.GetString("RemoveManagedStorageSasDefinitionWarning", resourceCulture);
}
@@ -741,7 +768,7 @@ public static string RemoveManagedStorageSasDefinitionWarning {
///
/// Looks up a localized string similar to Remove managed storage sas definition.
///
- public static string RemoveManagedStorageSasDefinitionWhatIfMessage {
+ internal static string RemoveManagedStorageSasDefinitionWhatIfMessage {
get {
return ResourceManager.GetString("RemoveManagedStorageSasDefinitionWhatIfMessage", resourceCulture);
}
@@ -750,7 +777,7 @@ public static string RemoveManagedStorageSasDefinitionWhatIfMessage {
///
/// Looks up a localized string similar to Are you sure you want to remove secret '{0}'.
///
- public static string RemoveSecretWarning {
+ internal static string RemoveSecretWarning {
get {
return ResourceManager.GetString("RemoveSecretWarning", resourceCulture);
}
@@ -759,7 +786,7 @@ public static string RemoveSecretWarning {
///
/// Looks up a localized string similar to Remove secret.
///
- public static string RemoveSecretWhatIfMessage {
+ internal static string RemoveSecretWhatIfMessage {
get {
return ResourceManager.GetString("RemoveSecretWhatIfMessage", resourceCulture);
}
@@ -768,7 +795,7 @@ public static string RemoveSecretWhatIfMessage {
///
/// Looks up a localized string similar to Remove vault access policy.
///
- public static string RemoveVaultAccessPolicy {
+ internal static string RemoveVaultAccessPolicy {
get {
return ResourceManager.GetString("RemoveVaultAccessPolicy", resourceCulture);
}
@@ -777,7 +804,7 @@ public static string RemoveVaultAccessPolicy {
///
/// Looks up a localized string similar to Are you sure you want to remove vault '{0}'..
///
- public static string RemoveVaultWarning {
+ internal static string RemoveVaultWarning {
get {
return ResourceManager.GetString("RemoveVaultWarning", resourceCulture);
}
@@ -786,7 +813,7 @@ public static string RemoveVaultWarning {
///
/// Looks up a localized string similar to Remove vault.
///
- public static string RemoveVaultWhatIfMessage {
+ internal static string RemoveVaultWhatIfMessage {
get {
return ResourceManager.GetString("RemoveVaultWhatIfMessage", resourceCulture);
}
@@ -795,7 +822,7 @@ public static string RemoveVaultWhatIfMessage {
///
/// Looks up a localized string similar to Restore key.
///
- public static string RestoreKey {
+ internal static string RestoreKey {
get {
return ResourceManager.GetString("RestoreKey", resourceCulture);
}
@@ -804,7 +831,7 @@ public static string RestoreKey {
///
/// Looks up a localized string similar to Restore secret.
///
- public static string RestoreSecret {
+ internal static string RestoreSecret {
get {
return ResourceManager.GetString("RestoreSecret", resourceCulture);
}
@@ -813,7 +840,7 @@ public static string RestoreSecret {
///
/// Looks up a localized string similar to Set certificate attribute.
///
- public static string SetCertificateAttributes {
+ internal static string SetCertificateAttributes {
get {
return ResourceManager.GetString("SetCertificateAttributes", resourceCulture);
}
@@ -822,7 +849,7 @@ public static string SetCertificateAttributes {
///
/// Looks up a localized string similar to Set certificate issuer.
///
- public static string SetCertificateIssuer {
+ internal static string SetCertificateIssuer {
get {
return ResourceManager.GetString("SetCertificateIssuer", resourceCulture);
}
@@ -831,7 +858,7 @@ public static string SetCertificateIssuer {
///
/// Looks up a localized string similar to Set certificate policy.
///
- public static string SetCertificatePolicy {
+ internal static string SetCertificatePolicy {
get {
return ResourceManager.GetString("SetCertificatePolicy", resourceCulture);
}
@@ -840,7 +867,7 @@ public static string SetCertificatePolicy {
///
/// Looks up a localized string similar to Set key attribute.
///
- public static string SetKeyAttribute {
+ internal static string SetKeyAttribute {
get {
return ResourceManager.GetString("SetKeyAttribute", resourceCulture);
}
@@ -849,7 +876,7 @@ public static string SetKeyAttribute {
///
/// Looks up a localized string similar to Set Key Vault managed Storage Account attribute.
///
- public static string SetManagedStorageAccountKeysAttribute {
+ internal static string SetManagedStorageAccountKeysAttribute {
get {
return ResourceManager.GetString("SetManagedStorageAccountKeysAttribute", resourceCulture);
}
@@ -858,7 +885,7 @@ public static string SetManagedStorageAccountKeysAttribute {
///
/// Looks up a localized string similar to Set Key Vault managed Storage SAS definition.
///
- public static string SetManagedStorageSasDefinition {
+ internal static string SetManagedStorageSasDefinition {
get {
return ResourceManager.GetString("SetManagedStorageSasDefinition", resourceCulture);
}
@@ -867,7 +894,7 @@ public static string SetManagedStorageSasDefinition {
///
/// Looks up a localized string similar to Set secret.
///
- public static string SetSecret {
+ internal static string SetSecret {
get {
return ResourceManager.GetString("SetSecret", resourceCulture);
}
@@ -876,7 +903,7 @@ public static string SetSecret {
///
/// Looks up a localized string similar to Set secret attribute.
///
- public static string SetSecretAttribute {
+ internal static string SetSecretAttribute {
get {
return ResourceManager.GetString("SetSecretAttribute", resourceCulture);
}
@@ -885,7 +912,7 @@ public static string SetSecretAttribute {
///
/// Looks up a localized string similar to Set vault access policy.
///
- public static string SetVaultAccessPolicy {
+ internal static string SetVaultAccessPolicy {
get {
return ResourceManager.GetString("SetVaultAccessPolicy", resourceCulture);
}
@@ -894,7 +921,7 @@ public static string SetVaultAccessPolicy {
///
/// Looks up a localized string similar to Stop certificate operation.
///
- public static string StopCertificateOperation {
+ internal static string StopCertificateOperation {
get {
return ResourceManager.GetString("StopCertificateOperation", resourceCulture);
}
@@ -903,7 +930,7 @@ public static string StopCertificateOperation {
///
/// Looks up a localized string similar to Key vault cmdlet does not support account type '{0}'..
///
- public static string UnsupportedAccountType {
+ internal static string UnsupportedAccountType {
get {
return ResourceManager.GetString("UnsupportedAccountType", resourceCulture);
}
@@ -912,7 +939,7 @@ public static string UnsupportedAccountType {
///
/// Looks up a localized string similar to The file format of '{0}' is not supported..
///
- public static string UnsupportedFileFormat {
+ internal static string UnsupportedFileFormat {
get {
return ResourceManager.GetString("UnsupportedFileFormat", resourceCulture);
}
@@ -921,7 +948,7 @@ public static string UnsupportedFileFormat {
///
/// Looks up a localized string similar to The specified vault already exists..
///
- public static string VaultAlreadyExists {
+ internal static string VaultAlreadyExists {
get {
return ResourceManager.GetString("VaultAlreadyExists", resourceCulture);
}
@@ -930,7 +957,7 @@ public static string VaultAlreadyExists {
///
/// Looks up a localized string similar to Access policy is not set. No user or application have access permission to use this vault. This can happen if the vault was created by a service principal. Please use Set-AzureRmKeyVaultAccessPolicy to set access policies..
///
- public static string VaultNoAccessPolicyWarning {
+ internal static string VaultNoAccessPolicyWarning {
get {
return ResourceManager.GetString("VaultNoAccessPolicyWarning", resourceCulture);
}
@@ -939,7 +966,7 @@ public static string VaultNoAccessPolicyWarning {
///
/// Looks up a localized string similar to Cannot find vault '{0}' in resource group '{1}'..
///
- public static string VaultNotFound {
+ internal static string VaultNotFound {
get {
return ResourceManager.GetString("VaultNotFound", resourceCulture);
}
@@ -948,7 +975,7 @@ public static string VaultNotFound {
///
/// Looks up a localized string similar to At least one of -EnabledForDeployment, -EnabledForTemplateDeployment, or -EnabledForDiskEncryption must be specified..
///
- public static string VaultPermissionFlagMissing {
+ internal static string VaultPermissionFlagMissing {
get {
return ResourceManager.GetString("VaultPermissionFlagMissing", resourceCulture);
}
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx
index 5e0b2135e931..111d1d100142 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx
@@ -415,6 +415,15 @@ You can find the object ID using Azure Active Directory Module for Windows Power
Invalid Sas permission '{0}'.
- The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory.
+ The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory.
+
+
+ Recover certificate
+
+
+ Are you sure you want to purge certificate '{0}'
+
+
+ Purge certificate
\ No newline at end of file
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md
index 7ee6a8054b23..7bd867cbf8fd 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md
@@ -1,7 +1,7 @@
---
external help file: Microsoft.Azure.Commands.KeyVault.dll-Help.xml
ms.assetid: 89299823-3382-402D-9458-519466748051
-online version:
+online version:
schema: 2.0.0
---
@@ -90,30 +90,15 @@ Specifies a **KeyVaultCertificatePolicy** object.
```yaml
Type: KeyVaultCertificatePolicy
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Name
Specifies the name of the certificate to add.
@@ -123,7 +108,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -152,15 +137,30 @@ Specifies the name of a key vault.
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md
index 65d4cc750393..67a8871a29ee 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md
@@ -33,21 +33,6 @@ This command adds Patti Fuller as a certificate contact for the ContosoKV01 key
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -EmailAddress
Specifies the email address of the contact.
@@ -57,7 +42,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -88,12 +73,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md
index d95e8ed654c2..6875a91484f2 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md
@@ -20,8 +20,8 @@ Adds a contact for certificate notifications.
### [Add-AzureKeyVaultKey](Add-AzureKeyVaultKey.md)
Creates a key in a key vault or imports a key into a key vault.
-### [Add-AzureKeyVaultManagedStorageAccount](Add-AzureKeyVaultManagedStorageAccount.md)
-Adds an existing storage account to a key vault for automatic management of its storage account keys.
+### [Add-AzureKeyVaultManagedStorageAccount](Add-AzureKeyVaultManagedStorageAccount.md)
+Adds a KeyVault-managed storage account to a key vault.
### [Backup-AzureKeyVaultKey](Backup-AzureKeyVaultKey.md)
Backs up a key in a key vault.
@@ -59,8 +59,8 @@ Gets the secrets in a key vault.
### [Get-AzureRmKeyVault](Get-AzureRmKeyVault.md)
Gets key vaults.
-### [Import-AzureKeyVaultCertificate](Import-AzureKeyVaultCertificate.md)
-Imports a certificate to a key vault.
+### [Get-AzureRmKeyVault](Get-AzureRmKeyVault.md)
+Gets key vaults.
### [New-AzureKeyVaultCertificateAdministratorDetails](New-AzureKeyVaultCertificateAdministratorDetails.md)
Creates an in-memory certificate administrator details object.
@@ -119,17 +119,17 @@ Sets a certificate issuer in a key vault.
### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md)
Creates or updates the policy for a certificate in a key vault.
-### [Set-AzureKeyVaultKeyAttribute](Set-AzureKeyVaultKeyAttribute.md)
-Updates the attributes of a key in a key vault.
+### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md)
+Creates or updates the policy for a certificate in a key vault.
-### [Set-AzureKeyVaultManagedStorageSasDefinition](Set-AzureKeyVaultManagedStorageSasDefinition.md)
-Sets a Shared Access Signature (SAS) definition with Key Vault for a given Key Vault managed Azure Storage Account.
+### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md)
+Creates or updates the policy for a certificate in a key vault.
-### [Set-AzureKeyVaultSecret](Set-AzureKeyVaultSecret.md)
-Creates or updates a secret in a key vault.
+### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md)
+Creates or updates the policy for a certificate in a key vault.
-### [Set-AzureKeyVaultSecretAttribute](Set-AzureKeyVaultSecretAttribute.md)
-Updates attributes of a secret in a key vault.
+### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md)
+Creates or updates the policy for a certificate in a key vault.
### [Set-AzureRmKeyVaultAccessPolicy](Set-AzureRmKeyVaultAccessPolicy.md)
Grants or modifies existing permissions for a user, application, or security group to perform operations with a key vault.
@@ -137,6 +137,9 @@ Grants or modifies existing permissions for a user, application, or security gro
### [Stop-AzureKeyVaultCertificateOperation](Stop-AzureKeyVaultCertificateOperation.md)
Cancels a certificate operation in key vault.
+### [Undo-AzureKeyVaultCertificateRemoval](Undo-AzureKeyVaultCertificateRemoval.md)
+Recovers a deleted certificate in a key vault into an active state.
+
### [Undo-AzureKeyVaultKeyRemoval](Undo-AzureKeyVaultKeyRemoval.md)
Recovers a deleted key in a key vault into an active state.
@@ -146,8 +149,9 @@ Recovers a deleted secret in a key vault into an active state.
### [Undo-AzureRmKeyVaultRemoval](Undo-AzureRmKeyVaultRemoval.md)
Recovers a deleted key vault into an active state.
-### [Update-AzureKeyVaultManagedStorageAccount](Update-AzureKeyVaultManagedStorageAccount.md)
-Update editable attributes of a Key Vault managed Azure Storage Account.
+### [Undo-AzureRmKeyVaultRemoval](Undo-AzureRmKeyVaultRemoval.md)
+Recovers a deleted key vault into an active state.
### [Update-AzureKeyVaultManagedStorageAccountKey](Update-AzureKeyVaultManagedStorageAccountKey.md)
-Regenerates the storage account key associated with a storage account managed by Key Vault.
+Regenerates the specified key of Key Vault managed Azure Storage Account.
+
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md
index af2cb546341f..78435de8f662 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md
@@ -63,21 +63,6 @@ This command creates a backup of the key named $key.Name in the vault named $key
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Overwrite the given file if it exists
@@ -117,7 +102,7 @@ Parameter Sets: ByKeyName
Aliases: KeyName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -134,7 +119,7 @@ Parameter Sets: (All)
Aliases:
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -149,12 +134,27 @@ Parameter Sets: ByKeyName
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md
index 4905a33a277f..fc89ae120cd7 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md
@@ -61,21 +61,6 @@ This command uses the $secret object's vault name and name to retrieves the secr
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Prompts you for confirmation before overwriting the output file, if that exists.
@@ -153,6 +138,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md
index 99a9246b45ee..6200a3920132 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md
@@ -17,6 +17,11 @@ Gets a certificate from a key vault.
Get-AzureKeyVaultCertificate [-VaultName] []
```
+### ByDeletedCertificates
+```
+Get-AzureKeyVaultCertificate [-VaultName] [-Name] [-InRemovedState] []
+```
+
### ByCertificateName
```
Get-AzureKeyVaultCertificate [-VaultName] [-Name] [[-Version] ] []
@@ -27,6 +32,11 @@ Get-AzureKeyVaultCertificate [-VaultName] [-Name] [[-Version]
Get-AzureKeyVaultCertificate [-VaultName] [-Name] [-IncludeVersions] []
```
+### ByDeletedCertificates
+```
+Get-AzureKeyVaultCertificate [-VaultName] [[-Name] ] [-InRemovedState] []
+```
+
## DESCRIPTION
The **Get-AzureKeyVaultCertificate** cmdlet gets the specified certificate or the versions of a certificate from a key vault in Azure Key Vault.
@@ -63,6 +73,21 @@ Updated : 2/8/2016 11:21:45 PM
This command gets the certificate named TestCert01 from the key vault named ContosoKV01.
+### Example 2: Get all the certificates that have been deleted but not purged for this key vault.
+```
+PS C:\>Get-AzureKeyVaultCertificate -VaultName 'Contoso' -InRemovedState
+```
+
+This command gets all the certificates that have been previously deleted, but not purged, in the key vault named Contoso.
+
+### Example 3: Gets the certificate MyCert that has been deleted but not purged for this key vault.
+```
+PS C:\>Get-AzureKeyVaultCertificate -VaultName 'Contoso' -Name 'MyCert' -InRemovedState
+```
+
+This command gets the certificate named 'MyCert' that has been previously deleted, but not purged, in the key vault named Contoso.
+This command will return metadata such as the deletion date, and the scheduled purging date of this deleted certificate.
+
## PARAMETERS
### -IncludeVersions
@@ -80,16 +105,41 @@ Accept pipeline input: False
Accept wildcard characters: False
```
+### -InRemovedState
+Specifies whether to include previously deleted certificates in the output.```yaml
+Type: SwitchParameter
+Parameter Sets: ByDeletedCertificates
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -Name
Specifies the name of the certificate to get.
```yaml
Type: String
-Parameter Sets: ByCertificateName, ByCertificateVersions
+Parameter Sets: ByDeletedCertificates, ByCertificateName, ByCertificateVersions
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+```yaml
+Type: String
+Parameter Sets: ByDeletedCertificates
+Aliases: CertificateName
+
+Required: False
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -104,7 +154,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -119,7 +169,7 @@ Parameter Sets: ByCertificateName
Aliases: CertificateVersion
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -144,3 +194,6 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
[Import-AzureKeyVaultCertificate](./Import-AzureKeyVaultCertificate.md)
+[Remove-AzureKeyVaultCertificate](./Remove-AzureKeyVaultCertificate.md)
+
+[Undo-AzureKeyVaultSecretCertificate](./Undo-AzureKeyVaultSecretCertificate.md)
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md
index 1f66b7af876c..9de772505807 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md
@@ -39,7 +39,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md
index 23840a550166..e6c3ec453315 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md
@@ -50,7 +50,7 @@ Parameter Sets: ByName
Aliases: IssuerName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -65,7 +65,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md
index fe378b0bc719..f03359083842 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md
@@ -49,7 +49,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -64,7 +64,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md
index 7ecbb05513ae..3662db8fdaab 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md
@@ -55,7 +55,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -70,7 +70,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md
index ac6c554648e0..bb57f7b628c2 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md
@@ -84,12 +84,16 @@ This command will return metadata such as the deletion date, and the scheduled p
## PARAMETERS
-### -InRemovedState
-Specifies whether to show the previously deleted keys in the output.
+### -IncludeVersions
+Indicates that this cmdlet gets all versions of a key.
+The current version of a key is the first one on the list.
+If you specify this parameter you must also specify the *Name* and *VaultName* parameters.
+
+If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the key with the specified *Name*.
```yaml
Type: SwitchParameter
-Parameter Sets: ByDeletedKey
+Parameter Sets: ByKeyVersions
Aliases:
Required: True
@@ -99,16 +103,10 @@ Accept pipeline input: False
Accept wildcard characters: False
```
-### -IncludeVersions
-Indicates that this cmdlet gets all versions of a key.
-The current version of a key is the first one on the list.
-If you specify this parameter you must also specify the *Name* and *VaultName* parameters.
-
-If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the key with the specified *Name*.
-
-```yaml
+### -InRemovedState
+Specifies whether to show the previously deleted keys in the output.```yaml
Type: SwitchParameter
-Parameter Sets: ByKeyVersions
+Parameter Sets: ByDeletedKey
Aliases:
Required: True
@@ -127,7 +125,7 @@ Parameter Sets: ByKeyName, ByKeyVersions
Aliases: KeyName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -139,7 +137,7 @@ Parameter Sets: ByDeletedKey
Aliases: KeyName
Required: False
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -155,7 +153,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -171,7 +169,7 @@ Parameter Sets: ByKeyName
Aliases: KeyVersion
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md
index 5b11a3edb10d..09f17f56e155 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md
@@ -74,7 +74,7 @@ PS C:\> Write-Host "Secret Value is: " $secret.SecretValueText
These commands get the current version of a secret named ITSecret, and then displays the plain text value of that secret.
-### Example 6: Get all the keys that have been deleted but not purged for this key vault.
+### Example 6: Get all the secrets that have been deleted but not purged for this key vault.
```
PS C:\>Get-AzureKeyVaultSecret -VaultName 'Contoso' -InRemovedState
```
@@ -91,12 +91,16 @@ This command will return metadata such as the deletion date, and the scheduled p
## PARAMETERS
-### -InRemovedState
-Specifies whether to show the previously deleted secrets in the output.
+### -IncludeVersions
+Indicates that this cmdlet gets all versions of a secret.
+The current version of a secret is the first one on the list.
+If you specify this parameter you must also specify the *Name* and *VaultName* parameters.
+
+If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the secret with the specified *Name*.
```yaml
Type: SwitchParameter
-Parameter Sets: ByDeletedSecrets
+Parameter Sets: BySecretVersions
Aliases:
Required: True
@@ -106,16 +110,10 @@ Accept pipeline input: False
Accept wildcard characters: False
```
-### -IncludeVersions
-Indicates that this cmdlet gets all versions of a secret.
-The current version of a secret is the first one on the list.
-If you specify this parameter you must also specify the *Name* and *VaultName* parameters.
-
-If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the secret with the specified *Name*.
-
-```yaml
+### -InRemovedState
+Specifies whether to show the previously deleted secrets in the output.```yaml
Type: SwitchParameter
-Parameter Sets: BySecretVersions
+Parameter Sets: ByDeletedSecrets
Aliases:
Required: True
@@ -134,7 +132,7 @@ Parameter Sets: BySecretName, BySecretVersions
Aliases: SecretName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -146,7 +144,7 @@ Parameter Sets: ByDeletedSecrets
Aliases: SecretName
Required: False
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -162,7 +160,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -178,7 +176,7 @@ Parameter Sets: BySecretName
Aliases: SecretVersion
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md
index 85c334095bd4..8ebd07afffa9 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md
@@ -93,7 +93,7 @@ Specifies whether to show the previously deleted vaults in the output.
```yaml
Type: SwitchParameter
Parameter Sets: ByDeletedVault, ListAllDeletedVaultsInSubscription
-Aliases:
+Aliases:
Required: True
Position: Named
@@ -108,7 +108,7 @@ The location of the deleted vault.
```yaml
Type: String
Parameter Sets: ByDeletedVault
-Aliases:
+Aliases:
Required: True
Position: 2
@@ -123,10 +123,10 @@ Specifies the name of the resource group associated with the key vault or key va
```yaml
Type: String
Parameter Sets: GetVaultByName
-Aliases:
+Aliases:
Required: False
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -135,10 +135,10 @@ Accept wildcard characters: False
```yaml
Type: String
Parameter Sets: ListVaultsByResourceGroup
-Aliases:
+Aliases:
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -152,7 +152,7 @@ Key-value pairs in the form of a hash table. For example:
```yaml
Type: Hashtable
Parameter Sets: ListAllVaultsInSubscription
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -170,7 +170,7 @@ Parameter Sets: GetVaultByName, ByDeletedVault
Aliases: Name
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md
index 173476a91963..b163020a1033 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md
@@ -154,7 +154,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -202,7 +202,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md
index 6d790f9a5df4..58096dc14092 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md
@@ -31,21 +31,6 @@ This command creates an in-memory certificate administrator details object, and
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -EmailAddress
Specifies the email address for the certificate administrator.
@@ -106,6 +91,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md
index 2b27900a349c..646616e472bd 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md
@@ -50,33 +50,33 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
+### -Id
+Specifies the identifier for the organization.
```yaml
-Type: SwitchParameter
+Type: String
Parameter Sets: (All)
-Aliases: cf
+Aliases:
Required: False
Position: Named
Default value: None
-Accept pipeline input: False
+Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Id
-Specifies the identifier for the organization.
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
```yaml
-Type: String
+Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases: cf
Required: False
Position: Named
Default value: None
-Accept pipeline input: True (ByPropertyName)
+Accept pipeline input: False
Accept wildcard characters: False
```
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md
index da0978019571..920aa7394646 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md
@@ -51,21 +51,6 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Disabled
Indicates that the certificate policy is disabled.
@@ -301,6 +286,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md
index 640076b50858..3c60b60003dd 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md
@@ -49,28 +49,14 @@ Premium for the *SKU* parameter to create a Premium key vault.
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
-### -EnableSoftDelete
-If specified, 'soft delete' functionality is enabled for this key vault.
+### -EnabledForDeployment
+Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this
+key vault is referenced in resource creation, for example when creating a virtual machine.
```yaml
Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -79,14 +65,13 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -EnabledForDeployment
-Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this
-key vault is referenced in resource creation, for example when creating a virtual machine.
+### -EnabledForDiskEncryption
+Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault.
```yaml
Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -95,13 +80,13 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -EnabledForDiskEncryption
-Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault.
+### -EnabledForTemplateDeployment
+Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment.
```yaml
Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -110,13 +95,13 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -EnabledForTemplateDeployment
-Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment.
+### -EnableSoftDelete
+If specified, 'soft delete' functionality is enabled for this key vault.
```yaml
Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -133,10 +118,10 @@ information, type `Get-Help Get-AzureLocation`.
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -148,10 +133,10 @@ Specifies the name of an existing resource group in which to create the key vaul
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -164,7 +149,7 @@ each SKU, see the Azure Key Vault Pricing website (http://go.microsoft.com/fwlin
```yaml
Type: SkuName
Parameter Sets: (All)
-Aliases:
+Aliases:
Accepted values: Standard, Premium
Required: False
@@ -199,15 +184,30 @@ unique.
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md
index d697cc0e80ac..efcc60569a41 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md
@@ -13,8 +13,8 @@ Removes a certificate from a key vault.
## SYNTAX
```
-Remove-AzureKeyVaultCertificate [-VaultName] [-Name] [-Force] [-PassThru] [-WhatIf]
- [-Confirm] []
+Remove-AzureKeyVaultCertificate [-VaultName] [-Name] [-Force] [-InRemovedState] [-PassThru]
+ [-WhatIf] [-Confirm] []
```
## DESCRIPTION
@@ -38,27 +38,33 @@ This command removes the certificate named SelfSigned01 from the key vault named
This command specifies the *Force* parameter.
Therefore, the cmdlet does not prompt you for confirmation.
+### Example 3: Purge the deleted certificate from the key vault permanently
+```
+PS C:\>Remove-AzureKeyVaultCertificate -VaultName 'Contoso' -Name 'MyCert' -InRemovedState
+```
+
+This command permanently removes the certificate named 'MyCert' from the key vault named 'Contoso'.
+Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user on this key vault.
+
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
+### -Force
+Forces the command to run without asking for user confirmation.
```yaml
Type: SwitchParameter
Parameter Sets: (All)
-Aliases: cf
+Aliases:
Required: False
Position: Named
-Default value: False
+Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
-### -Force
-Forces the command to run without asking for user confirmation.
-
-```yaml
+### -InRemovedState
+If present, removes the previously deleted certificate permanently.```yaml
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
@@ -80,7 +86,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -112,12 +118,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
@@ -154,3 +175,4 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
[Import-AzureKeyVaultCertificate](./Import-AzureKeyVaultCertificate.md)
+[Undo-AzureKeyVaultCertificateRemoval](./Undo-AzureKeyVaultCertificateRemoval.md)
\ No newline at end of file
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md
index 59ac7d99ba77..c998d1651e92 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md
@@ -31,21 +31,6 @@ This command removes Patti Fuller as a certificate contact for the Contoso01 key
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -EmailAddress
Specifies the email address of the contact to remove.
@@ -55,7 +40,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -86,12 +71,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md
index 966920dfcdac..9781d8ae91f0 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md
@@ -31,21 +31,6 @@ This command removes the certificate issuer named TestIssuer01 from the ContosoK
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Forces the command to run without asking for user confirmation.
@@ -70,7 +55,7 @@ Parameter Sets: (All)
Aliases: IssuerName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -101,12 +86,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md
index 7c4174e18217..ab9f44a44549 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md
@@ -31,21 +31,6 @@ This command removes the certificate operation named TestCert01 from the Contoso
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Forces the command to run without asking for user confirmation.
@@ -70,7 +55,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -101,12 +86,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md
index 68ec15835434..bfdc09b1c7d4 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md
@@ -45,7 +45,7 @@ PS C:\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -InRemove
```
This command removes the key named ITSoftware from the key vault named Contoso permanently.
-This flag requires the user to have special 'purge' persmissions on the key vault.
+Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user for this key vault.
### Example 4: Remove keys by using the pipeline operator
```
@@ -58,21 +58,6 @@ That cmdlet removes those keys.
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Forces the command to run without asking for user confirmation.
@@ -113,7 +98,7 @@ Parameter Sets: (All)
Aliases: KeyName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -145,12 +130,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md
index 0af48802ace2..b6a9cbae2094 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md
@@ -52,21 +52,6 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Do not ask for confirmation.
@@ -114,6 +99,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md
index 2455b6927c33..5927db1d7005 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md
@@ -53,21 +53,6 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Do not ask for confirmation.
@@ -131,6 +116,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md
index 3df782d9322e..a2039f6dd6b3 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md
@@ -43,26 +43,11 @@ The command specifies the *Force* and *Confirm* parameters, and, therefore, the
PS C:\>Remove-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'FinanceSecret' -InRemovedState
```
-This command removes the secret named FinanceSecret from the key vault named Contoso permanently.
-This flag requires the user to have special 'purge' persmissions on the key vault.
+This command premoves the secret named FinanceSecret from the key vault named Contoso permanently.
+Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user for this key vault.
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Forces the command to run without asking for user confirmation.
@@ -103,7 +88,7 @@ Parameter Sets: (All)
Aliases: SecretName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -135,12 +120,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md
index d8c1112d38d8..724c50e3835a 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md
@@ -49,21 +49,6 @@ If you do not specify the resource group name, the cmdlet searches for the named
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Indicates that the cmdlet does not prompt you for confirmation.
By default, this cmdlet prompts you to confirm that you want to delete the key vault.
@@ -131,7 +116,7 @@ Parameter Sets: ByAvailableVault
Aliases:
Required: False
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -146,12 +131,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md
index 807c967db335..b2bcee43beb5 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md
@@ -24,18 +24,18 @@ Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] <
-UserPrincipalName [-PassThru] [-WhatIf] [-Confirm] []
```
-### ByUserEmailAddress
-```
-Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ]
- -EmailAddress [-PassThru] [-WhatIf] [-Confirm] []
-```
-
### ByObjectId
```
Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -ObjectId
[-ApplicationId ] [-PassThru] [-WhatIf] [-Confirm] []
```
+### ByEmail
+```
+Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -EmailAddress
+ [-PassThru] [-WhatIf] [-Confirm] []
+```
+
### ForVault
```
Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ]
@@ -98,18 +98,18 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
+### -EmailAddress
+Specifies the user email address of the user whose access you want to remove.
```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
+Type: String
+Parameter Sets: ByEmail
+Aliases:
-Required: False
+Required: True
Position: Named
Default value: None
-Accept pipeline input: False
+Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
@@ -199,7 +199,7 @@ Parameter Sets: (All)
Aliases:
Required: False
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -236,33 +236,34 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -EmailAddress
-Specifies the user email address of the user whose access you want to remove.
+### -VaultName
+Specifies the name of the key vault.
+This cmdlet removes permissions for the key vault that this parameter specifies.
```yaml
Type: String
-Parameter Sets: ByUserEmailAddress
+Parameter Sets: (All)
+Aliases:
Required: True
-Position: Named
+Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -VaultName
-Specifies the name of the key vault.
-This cmdlet removes permissions for the key vault that this parameter specifies.
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
```yaml
-Type: String
+Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases: cf
-Required: True
-Position: 0
+Required: False
+Position: Named
Default value: None
-Accept pipeline input: True (ByPropertyName)
+Accept pipeline input: False
Accept wildcard characters: False
```
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md
index 7942e75d639a..e00def2ee643 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md
@@ -37,23 +37,23 @@ This command restores a key, including all of its versions, from the backup file
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
+### -InputFile
+Specifies the input file that contains the backup of the key to restore.
```yaml
-Type: SwitchParameter
+Type: String
Parameter Sets: (All)
-Aliases: cf
+Aliases:
-Required: False
-Position: Named
+Required: True
+Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
-### -InputFile
-Specifies the input file that contains the backup of the key to restore.
+### -VaultName
+Specifies the name of the key vault into which to restore the key.
```yaml
Type: String
@@ -63,22 +63,22 @@ Aliases:
Required: True
Position: 1
Default value: None
-Accept pipeline input: False
+Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -VaultName
-Specifies the name of the key vault into which to restore the key.
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
```yaml
-Type: String
+Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases: cf
-Required: True
-Position: 0
+Required: False
+Position: Named
Default value: None
-Accept pipeline input: True (ByPropertyName)
+Accept pipeline input: False
Accept wildcard characters: False
```
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md
index fa140cce8d97..7e7c54f08544 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md
@@ -38,21 +38,6 @@ This command restores a secret, including all of its versions, from the backup f
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -InputFile
Specifies the input file that contains the backup of the secret to restore.
@@ -83,6 +68,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md
index 59251de03b68..500d1a1d2b39 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md
@@ -64,21 +64,6 @@ The final command displays the TestCert01 certificate by using the Get-AzureKeyV
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Enable
Indicates whether to enable or disable a certificate.
Specify $True to enable or $False to disable.
@@ -86,7 +71,7 @@ Specify $True to enable or $False to disable.
```yaml
Type: Boolean
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -106,7 +91,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -119,7 +104,7 @@ By default, this cmdlet does not generate any output.
```yaml
Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -136,7 +121,7 @@ Key-value pairs in the form of a hash table. For example:
```yaml
Type: Hashtable
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -152,10 +137,10 @@ This cmdlet constructs the FQDN of a key vault based on the name and currently s
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -171,12 +156,27 @@ Parameter Sets: (All)
Aliases: CertificateVersion
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md
index 200782ac1404..e83aee9670dd 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md
@@ -69,21 +69,6 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Issuer
Specifies the certificate issuer to update.
@@ -123,7 +108,7 @@ Parameter Sets: (All)
Aliases: IssuerName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -169,12 +154,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md
index ece046b3ac3f..70977fa03c82 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md
@@ -54,7 +54,7 @@ Parameter Sets: ByValue
Aliases:
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -75,21 +75,6 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Disabled
Indicates that the certificate policy is disabled.
@@ -239,7 +224,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -365,12 +350,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md
index cd250b957fdc..ca4afffcf3a4 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md
@@ -135,7 +135,7 @@ Parameter Sets: (All)
Aliases: KeyName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -201,7 +201,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -217,7 +217,7 @@ Parameter Sets: (All)
Aliases: KeyVersion
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md
index cc162f2a485c..3ea9bccd8bee 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md
@@ -134,7 +134,7 @@ Parameter Sets: (All)
Aliases: SecretName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -167,7 +167,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
@@ -200,7 +200,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md
index 9ef0581d8783..07679917ce8e 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md
@@ -151,7 +151,7 @@ Parameter Sets: (All)
Aliases: SecretName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -216,7 +216,7 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -232,7 +232,7 @@ Parameter Sets: (All)
Aliases: SecretVersion
Required: False
-Position: 2
+Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md
index b4e68b07a3c8..abe66d6fab03 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md
@@ -28,14 +28,6 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ]
```
-### ByUserEmailAddress
-```
-Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ]
- -EmailAddress [-PermissionsToKeys ] [-PermissionsToSecrets ]
- [-PermissionsToCertificates ] [-PermissionsToStorage ] [-PassThru] [-WhatIf] [-Confirm]
- []
-```
-
### ByObjectId
```
Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -ObjectId
@@ -44,6 +36,13 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ]
```
+### ByEmailAddress
+```
+Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -EmailAddress
+ [-PermissionsToKeys ] [-PermissionsToSecrets ] [-PermissionsToCertificates ]
+ [-PermissionsToStorage ] [-PassThru] [-WhatIf] [-Confirm] []
+```
+
### ForVault
```
Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] [-EnabledForDeployment]
@@ -185,18 +184,19 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
+### -EmailAddress
+Specifies the user email address of the user to whom to grant permissions.
+This email address must exist in the directory associated with the current subscription and be unique.
```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
+Type: String
+Parameter Sets: ByEmailAddress
+Aliases:
-Required: False
+Required: True
Position: Named
Default value: None
-Accept pipeline input: False
+Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
@@ -295,7 +295,7 @@ The acceptable values for this parameter are:
```yaml
Type: String[]
-Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId
+Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress
Aliases:
Accepted values: get, list, delete, create, import, update, managecontacts, getissuers, listissuers, setissuers, deleteissuers, manageissuers, all
@@ -329,7 +329,7 @@ The acceptable values for this parameter are:
```yaml
Type: String[]
-Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId
+Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress
Aliases:
Accepted values: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge, all
@@ -355,7 +355,7 @@ The acceptable values for this parameter are:
```yaml
Type: String[]
-Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId
+Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress
Aliases:
Accepted values: get, list, set, delete, backup, restore, recover, purge, all
@@ -371,7 +371,7 @@ Specifies managed storage account and sas definition operation permissions to gr
```yaml
Type: String[]
-Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId
+Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress
Aliases:
Accepted values: get, list, delete, set, update, regeneratekey, getsas, listsas, deletesas, setsas, all
@@ -391,7 +391,7 @@ Parameter Sets: (All)
Aliases:
Required: False
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -430,34 +430,34 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -EmailAddress
-Specifies the user email address of the user to whom to grant permissions.
-This email address must exist in the directory associated with the current subscription and be unique.
+### -VaultName
+Specifies the name of a key vault.
+This cmdlet modifies the access policy for the key vault that this parameter specifies.
```yaml
Type: String
-Parameter Sets: ByUserEmailAddress
+Parameter Sets: (All)
+Aliases:
Required: True
-Position: Named
+Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -VaultName
-Specifies the name of a key vault.
-This cmdlet modifies the access policy for the key vault that this parameter specifies.
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
```yaml
-Type: String
+Type: SwitchParameter
Parameter Sets: (All)
-Aliases:
+Aliases: cf
-Required: True
-Position: 0
+Required: False
+Position: Named
Default value: None
-Accept pipeline input: True (ByPropertyName)
+Accept pipeline input: False
Accept wildcard characters: False
```
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md
index 229bbbd22250..73b30218de42 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md
@@ -41,21 +41,6 @@ This command cancels the TestCert02 certificate operation.
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: False
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Forces the command to run without asking for user confirmation.
@@ -80,7 +65,7 @@ Parameter Sets: (All)
Aliases: CertificateName
Required: True
-Position: 1
+Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
@@ -95,12 +80,27 @@ Parameter Sets: (All)
Aliases:
Required: True
-Position: 0
+Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.Shows what would happen if the cmdlet runs.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md
new file mode 100644
index 000000000000..d68de1bc3ad0
--- /dev/null
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md
@@ -0,0 +1,115 @@
+---
+external help file: Microsoft.Azure.Commands.KeyVault.dll-Help.xml
+online version: https://msdn.microsoft.com/en-us/library/dn868052.aspx
+schema: 2.0.0
+---
+
+# Undo-AzureKeyVaultCertificateRemoval
+
+## SYNOPSIS
+Recovers a deleted certificate in a key vault into an active state.
+
+## SYNTAX
+
+```
+Undo-AzureKeyVaultCertificateRemoval [-VaultName] [-Name] [-WhatIf] [-Confirm]
+ []
+```
+
+## DESCRIPTION
+The **Undo-AzureKeyVaultCertificateRemoval** cmdlet will recover a previously deleted certificate.
+The recovered certificate will be active and can be used for all operations.
+Caller needs to have 'recover' permission in order to perform this operation.
+
+## EXAMPLES
+
+### Example 1
+```
+PS C:\> Undo-AzureKeyVaultCertificateRemoval -VaultName 'MyKeyVault' -Name 'MyCertificate'
+```
+
+This command will recover the certificate 'MyCertificate' that was previously deleted, into an active and usable state.
+
+## PARAMETERS
+
+### -Name
+Certificate name.
+Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name.
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases: CertificateName
+
+Required: True
+Position: 1
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+### -VaultName
+Vault name.
+Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+
+Required: True
+Position: 0
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -WhatIf
+Shows what would happen if the cmdlet runs.
+The cmdlet is not run.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: wi
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+### System.String
+
+## OUTPUTS
+
+### Microsoft.Azure.Commands.KeyVault.Models.Certificate
+
+## NOTES
+
+## RELATED LINKS
+
+[Remove-AzureKeyVaultCertificate](./Remove-AzureKeyVaultCertificate.md)
+
+[Get-AzureKeyVaultCertificate](./Get-AzureKeyVaultCertificate.md)
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md
index dcf4911ee970..519aa6aa6264 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md
@@ -31,21 +31,6 @@ This command will recover the key 'MyKey' that was previously deleted, into an a
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Name
Key name.
Cmdlet constructs the FQDN of a key from vault name, currently selected environment and key name.
@@ -78,6 +63,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md
index 75f1a5adfd25..cbeae9a7ea2b 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md
@@ -32,21 +32,6 @@ This command will recover the secret 'MySecret' that was previously deleted, int
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Name
Secret name.
Cmdlet constructs the FQDN of a secret from vault name, currently selected environment and secret name.
@@ -79,6 +64,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md
index 555dc023c879..2806fe581726 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md
@@ -33,28 +33,13 @@ tags with new tag.
## PARAMETERS
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Location
Specifies the deleted vault original Azure region.
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
Position: 2
@@ -69,7 +54,7 @@ Specifies the name of an existing resource group in which to create the key vaul
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
Position: 1
@@ -86,7 +71,7 @@ Key-value pairs in the form of a hash table. For example:
```yaml
Type: Hashtable
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: False
Position: Named
@@ -102,7 +87,7 @@ Cmdlet constructs the FQDN of a vault based on the name and currently selected e
```yaml
Type: String
Parameter Sets: (All)
-Aliases:
+Aliases:
Required: True
Position: 0
@@ -111,6 +96,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md
index ce559f92d78b..6adad3e2634e 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md
@@ -45,21 +45,6 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
-### -Confirm
-Prompts you for confirmation before running the cmdlet.
-
-```yaml
-Type: SwitchParameter
-Parameter Sets: (All)
-Aliases: cf
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
### -Force
Do not ask for confirmation.
@@ -122,6 +107,21 @@ Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
```
+### -Confirm
+Prompts you for confirmation before running the cmdlet.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config
index 0a130e0dde3d..d10da5b20109 100644
--- a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config
+++ b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config
@@ -1,7 +1,7 @@
-
-
+
+
\ No newline at end of file
diff --git a/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv b/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv
index 300d647e32a6..e1a07ba700ef 100644
--- a/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv
+++ b/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv
@@ -346,4 +346,5 @@
"D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Sql\Microsoft.Azure.Commands.Sql.dll","Microsoft.Azure.Commands.Sql.Auditing.Cmdlet.UseAzureSqlServerAuditingPolicy","Use-AzureRmSqlServerAuditingPolicy","0","3010","The property 'AuditType' of type 'Microsoft.Azure.Commands.Sql.Auditing.Model.AuditingPolicyModel' has been removed.","Add the property 'AuditType' back to type 'Microsoft.Azure.Commands.Sql.Auditing.Model.AuditingPolicyModel'."
"C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'Path' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'Path' back to the parameter set '__AllParameterSets'."
"C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'ConfigurationName' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'ConfigurationName' back to the parameter set '__AllParameterSets'."
-"C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'Force' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'Force' back to the parameter set '__AllParameterSets'."
\ No newline at end of file
+"C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'Force' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'Force' back to the parameter set '__AllParameterSets'."
+"D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.KeyVault\Microsoft.Azure.Commands.KeyVault.dll","Microsoft.Azure.Commands.KeyVault.RemoveAzureKeyVaultCertificate","Remove-AzureKeyVaultCertificate","0","1020","The cmdlet 'Remove-AzureKeyVaultCertificate' no longer has output type 'Microsoft.Azure.Commands.KeyVault.Models.KeyVaultCertificate'.","Make cmdlet 'Remove-AzureKeyVaultCertificate' return type 'Microsoft.Azure.Commands.KeyVault.Models.KeyVaultCertificate'."
\ No newline at end of file