From de268021aade8dc7329dac8b2df48ed32b9a8e66 Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Tue, 25 Jul 2017 17:19:59 -0700 Subject: [PATCH 01/10] adding support for soft deletion of certificates enabling soft-delete for KeyVault certificates: updating tests, help adding missing config file including Name parameter in ByDeletedCertificate parameter set picking up latest KV .net SDK --- .../KeyVault/AzureRM.KeyVault.psd1 | 34 ++- src/ResourceManager/KeyVault/ChangeLog.md | 4 + .../Commands.KeyVault.Test.csproj | 15 +- .../Commands.KeyVault.Test/Scripts/Common.ps1 | 111 ++++--- .../ControlPlane/KeyVaultManagementTests.ps1 | 3 +- .../Scripts/RunKeyVaultTests.ps1 | 24 +- .../Scripts/VaultCertificateTests.ps1 | 138 +++++++++ .../Scripts/VaultKeyTests.ps1 | 19 +- .../Scripts/VaultManagementTests.ps1 | 1 + .../Scripts/VaultSecretTests.ps1 | 2 +- .../Commands.KeyVault.Test/app.config | 11 + .../Commands.KeyVault.Test/packages.config | 6 +- .../Commands.KeyVault.csproj | 7 +- .../Commands/GetAzureKeyVaultCertificate.cs | 50 +++- .../RemoveAzureKeyVaultCertificate.cs | 29 +- .../Commands/SetAzureKeyVaultAccessPolicy.cs | 3 +- .../UndoAzureKeyVaultCertificateRemoval.cs | 63 ++++ .../Models/DeletedCertificateIdentityItem.cs | 40 +++ .../Models/DeletedKeyVaultCertificate.cs | 47 +++ .../Models/IKeyVaultDataServiceClient.cs | 10 +- .../Commands.KeyVault/Models/KeyAttributes.cs | 6 +- .../Commands.KeyVault/Models/KeyBundle.cs | 2 +- .../Models/KeyIdentityItem.cs | 6 +- .../Models/KeyVaultCertificate.cs | 51 ++-- .../Models/KeyVaultDataServiceClient.cs | 102 ++++++- .../Models/KeyVaultManagementCmdletBase.cs | 3 +- .../Commands.KeyVault/Models/Secret.cs | 1 + .../Models/SecretAttributes.cs | 6 +- .../Properties/Resources.Designer.cs | 233 ++++++++------- .../Properties/Resources.resx | 11 +- .../KeyVault/Commands.KeyVault/app.config | 11 + .../help/Add-AzureKeyVaultCertificate.md | 42 +-- .../Add-AzureKeyVaultCertificateContact.md | 34 +-- .../help/Add-AzureKeyVaultKey.md | 276 ++++-------------- .../help/AzureRM.KeyVault.md | 33 ++- .../help/Backup-AzureKeyVaultKey.md | 36 +-- .../help/Backup-AzureKeyVaultSecret.md | 30 +- .../help/Get-AzureKeyVaultCertificate.md | 61 +++- .../Get-AzureKeyVaultCertificateContact.md | 2 +- .../Get-AzureKeyVaultCertificateIssuer.md | 4 +- .../Get-AzureKeyVaultCertificateOperation.md | 4 +- .../Get-AzureKeyVaultCertificatePolicy.md | 4 +- .../help/Get-AzureKeyVaultKey.md | 32 +- .../help/Get-AzureKeyVaultSecret.md | 34 +-- .../help/Get-AzureRmKeyVault.md | 16 +- .../help/Import-AzureKeyVaultCertificate.md | 4 +- ...KeyVaultCertificateAdministratorDetails.md | 30 +- ...eKeyVaultCertificateOrganizationDetails.md | 20 +- .../New-AzureKeyVaultCertificatePolicy.md | 30 +- .../help/New-AzureRmKeyVault.md | 70 ++--- .../help/Remove-AzureKeyVaultCertificate.md | 46 ++- .../Remove-AzureKeyVaultCertificateContact.md | 34 +-- .../Remove-AzureKeyVaultCertificateIssuer.md | 34 +-- ...emove-AzureKeyVaultCertificateOperation.md | 34 +-- .../help/Remove-AzureKeyVaultKey.md | 36 +-- ...move-AzureKeyVaultManagedStorageAccount.md | 30 +- ...zureKeyVaultManagedStorageSasDefinition.md | 30 +- .../help/Remove-AzureKeyVaultSecret.md | 38 +-- .../help/Remove-AzureRmKeyVault.md | 34 +-- .../Remove-AzureRmKeyVaultAccessPolicy.md | 53 ++-- .../help/Restore-AzureKeyVaultKey.md | 32 +- .../help/Restore-AzureKeyVaultSecret.md | 30 +- .../Set-AzureKeyVaultCertificateAttribute.md | 44 +-- .../Set-AzureKeyVaultCertificateIssuer.md | 34 +-- .../Set-AzureKeyVaultCertificatePolicy.md | 36 +-- .../help/Set-AzureKeyVaultKeyAttribute.md | 6 +- .../help/Set-AzureKeyVaultSecret.md | 6 +- .../help/Set-AzureKeyVaultSecretAttribute.md | 6 +- .../help/Set-AzureRmKeyVaultAccessPolicy.md | 66 ++--- .../Stop-AzureKeyVaultCertificateOperation.md | 34 +-- .../Undo-AzureKeyVaultCertificateRemoval.md | 115 ++++++++ .../help/Undo-AzureKeyVaultKeyRemoval.md | 30 +- .../help/Undo-AzureKeyVaultSecretRemoval.md | 30 +- .../help/Undo-AzureRmKeyVaultRemoval.md | 38 +-- ...e-AzureKeyVaultManagedStorageAccountKey.md | 30 +- .../Commands.KeyVault/packages.config | 8 +- 76 files changed, 1673 insertions(+), 1052 deletions(-) create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/app.config create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md diff --git a/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 b/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 index 28f743054c0f..797e5686fa13 100644 --- a/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 +++ b/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 @@ -87,20 +87,30 @@ CmdletsToExport = 'Add-AzureKeyVaultCertificate', 'Remove-AzureKeyVaultCertificateIssuer', 'Remove-AzureKeyVaultCertificateOperation', 'Set-AzureKeyVaultCertificateIssuer', - 'Set-AzureKeyVaultCertificatePolicy', 'Get-AzureRmKeyVault', - 'New-AzureRmKeyVault', 'Remove-AzureRmKeyVault', - 'Undo-AzureRmKeyVaultRemoval', 'Remove-AzureRmKeyVaultAccessPolicy', - 'Set-AzureRmKeyVaultAccessPolicy', 'Backup-AzureKeyVaultKey', - 'Get-AzureKeyVaultKey', 'Get-AzureKeyVaultSecret', - 'Undo-AzureKeyVaultKeyRemoval', 'Undo-AzureKeyVaultSecretRemoval', - 'Add-AzureKeyVaultKey', 'Remove-AzureKeyVaultKey', - 'Remove-AzureKeyVaultSecret', 'Restore-AzureKeyVaultKey', - 'Set-AzureKeyVaultKeyAttribute', 'Set-AzureKeyVaultSecret', + 'Set-AzureKeyVaultCertificatePolicy', + 'Get-AzureRmKeyVault', + 'New-AzureRmKeyVault', + 'Remove-AzureRmKeyVault', + 'Undo-AzureRmKeyVaultRemoval', + 'Remove-AzureRmKeyVaultAccessPolicy', + 'Set-AzureRmKeyVaultAccessPolicy', + 'Backup-AzureKeyVaultKey', + 'Get-AzureKeyVaultKey', + 'Get-AzureKeyVaultSecret', + 'Undo-AzureKeyVaultKeyRemoval', + 'Undo-AzureKeyVaultSecretRemoval', + 'Add-AzureKeyVaultKey', + 'Remove-AzureKeyVaultKey', + 'Remove-AzureKeyVaultSecret', + 'Restore-AzureKeyVaultKey', + 'Set-AzureKeyVaultKeyAttribute', + 'Set-AzureKeyVaultSecret', 'Set-AzureKeyVaultSecretAttribute', 'Get-AzureKeyVaultCertificatePolicy', 'New-AzureKeyVaultCertificateAdministratorDetails', 'New-AzureKeyVaultCertificateOrganizationDetails', - 'Backup-AzureKeyVaultSecret', 'Restore-AzureKeyVaultSecret', + 'Backup-AzureKeyVaultSecret', + 'Restore-AzureKeyVaultSecret', 'Get-AzureKeyVaultManagedStorageAccount', 'Add-AzureKeyVaultManagedStorageAccount', 'Remove-AzureKeyVaultManagedStorageAccount', @@ -108,8 +118,8 @@ CmdletsToExport = 'Add-AzureKeyVaultCertificate', 'Update-AzureKeyVaultManagedStorageAccountKey', 'Get-AzureKeyVaultManagedStorageSasDefinition', 'Set-AzureKeyVaultManagedStorageSasDefinition', - 'Remove-AzureKeyVaultManagedStorageSasDefinition' - + 'Remove-AzureKeyVaultManagedStorageSasDefinition', + 'Undo-AzureKeyVaultCertificateRemoval' # Variables to export from this module # VariablesToExport = @() diff --git a/src/ResourceManager/KeyVault/ChangeLog.md b/src/ResourceManager/KeyVault/ChangeLog.md index acaa528262c3..96202066b8f7 100644 --- a/src/ResourceManager/KeyVault/ChangeLog.md +++ b/src/ResourceManager/KeyVault/ChangeLog.md @@ -20,6 +20,10 @@ ## Current Release ## Version 3.2.1 +* New/updated Cmdlets to support soft-delete for KeyVault certificates + * Get-AzureKeyVaultCertificate + * Remove-AzureKeyVaultCertificate + * Undo-AzureKeyVaultCertificateRemoval ## Version 3.2.0 * Remove email address from the directory query when -UserPrincipalName is specified to the Set-AzureRMKeyVaultAccessPolicy and Remove-AzureRMKeyVaultAccessPolicy cmdlets. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj index 0962463dd3ff..90d267a2965c 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj @@ -65,12 +65,12 @@ ..\..\..\packages\Microsoft.Azure.Graph.RBAC.3.4.0-preview\lib\net452\Microsoft.Azure.Graph.RBAC.dll - - ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.0-preview\lib\net452\Microsoft.Azure.KeyVault.dll + + ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.2\lib\net452\Microsoft.Azure.KeyVault.dll True - - ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.6\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll + + ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.7\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll True @@ -138,9 +138,9 @@ False ..\..\..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll - - False - ..\..\..\packages\Newtonsoft.Json.6.0.8\lib\net45\Newtonsoft.Json.dll + + ..\..\..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll + True False @@ -196,6 +196,7 @@ + Designer diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 index b0d5d0a41b85..1fae5e025ecd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 @@ -207,7 +207,16 @@ function Cleanup-OldCertificates $certificatePattern = Get-CertificateName '*' Get-AzureKeyVaultCertificate $keyVault | Where-Object {$_.Name -like $certificatePattern} | - Remove-AzureKeyVaultCertificate -Force -Confirm:$false + Remove-AzureKeyVaultCertificate -Name $_.Name -VaultName $_.VaultName -Force -Confirm:$false + + if($global:softDeleteEnabled -eq $true) + { + Get-AzureKeyVaultCertificate -VaultName $keyVault -InRemovedState | + Where-Object {$_.Name -like $certificatePattern} | %{ + Remove-AzureKeyVaultCertificate -Name $_.Name -VaultName $_.VaultName -InRemovedState -Force -Confirm:$false + Wait-Seconds 5; + } + } } <# @@ -313,50 +322,49 @@ function Cleanup-SingleKeyTest function Cleanup-Key ([string]$keyName) { - $oldPref = $ErrorActionPreference - $ErrorActionPreference = "Stop" - try + $oldPref = $ErrorActionPreference + $ErrorActionPreference = "Stop" + try + { + $keyVault = Get-KeyVault + Write-Debug "Removing key with name $_ in vault $keyVault" + $catch = Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false + if($global:softDeleteEnabled -eq $true) { - $keyVault = Get-KeyVault - Write-Debug "Removing key with name $_ in vault $keyVault" - $catch = Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false - if($global:softDeleteEnabled -eq $true) - { - Wait-ForDeletedKey $keyVault $keyName - Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false -InRemovedState - } + Wait-ForDeletedKey $keyVault $keyName + Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false -InRemovedState } - catch { - - } - finally - { - $ErrorActionPreference = $oldPref - } + } + catch { + + } + finally + { + $ErrorActionPreference = $oldPref + } } function Cleanup-Secret ([string]$secretName) { - $oldPref = $ErrorActionPreference - $ErrorActionPreference = "Stop" - try - { - $keyVault = Get-KeyVault - Write-Debug "Removing secret with name $_ in vault $keyVault" - $catch = Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false - if($global:softDeleteEnabled -eq $true) - { - Wait-ForDeletedSecret $keyVault $secretName - Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false -InRemovedState - } - } - catch { - - } - finally + $oldPref = $ErrorActionPreference + $ErrorActionPreference = "Stop" + try + { + $keyVault = Get-KeyVault + Write-Debug "Removing secret with name $_ in vault $keyVault" + $catch = Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false + if($global:softDeleteEnabled -eq $true) { - $ErrorActionPreference = $oldPref + Wait-ForDeletedSecret $keyVault $secretName + Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false -InRemovedState } + } + catch { + } + finally + { + $ErrorActionPreference = $oldPref + } } <# @@ -389,6 +397,11 @@ function Cleanup-SingleCertificateTest $keyVault = Get-KeyVault Write-Debug "Removing certificate with name $_ in vault $keyVault" $catch = Remove-AzureKeyVaultCertificate $keyVault $_ -Force -Confirm:$false + if($global:softDeleteEnabled -eq $true) + { + Wait-ForDeletedCertificate $keyVault $_ + Remove-AzureKeyVaultCertificate $keyVault $_ -Force -Confirm:$false -InRemovedState + } } catch { @@ -452,6 +465,30 @@ function Wait-ForDeletedSecret ([string] $vault, [string] $secretName) return $secret } +<# +.SYNOPSIS +Waits for a deleted certificate to show up. +#> +function Wait-ForDeletedCertificate ([string] $vault, [string] $certName) +{ + $cert = $null + do { + try + { + $cert = Get-AzureKeyVaultCertificate -VaultName $vault -Name $certName -InRemovedState + } + catch + { + # Certificate is not found. + $cert = $null + Write-Host "Sleeping for 5 seconds to wait for deleted certificate $certName" + Wait-Seconds 5 + } + } while($cert -ne $null) + + return $cert +} + <# .SYNOPSIS Removes all managed storage accounts. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index ce9585fdb92b..ca79852f8700 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -62,7 +62,8 @@ function Get-AllCertPermissions "listissuers", "managecontacts", "manageissuers", - "setissuers" + "setissuers", + "recover" ) } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 index de200e8e9088..019d0e6a806a 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 @@ -29,6 +29,10 @@ If true, then tests that require a premium vault are skipped (optional). The object ID of the user (optional). If no object ID is provided, then the object ID is extracted from whomever is currently logged in. +.PARAMETER SoftDeleteEnabled +If true, turns on 'soft-delete' mode for tests: vault is created as soft-delete-enabled (if not exists), soft-delete +tests are executed, delete + purge sequence is used for clean-up. + .PARAMETER NoADCmdLetMode If true, then active directory related tests are skipped. @@ -249,16 +253,24 @@ function Run-AllDataPlaneTests Run-TestProtected { Run-KeyTest {Test_GetDeletedKeys} "Test_GetDeletedKeys" } "Test_GetDeletedKeys" Run-TestProtected { Run-KeyTest {Test_UndoRemoveKey} "Test_UndoRemoveKey" } "Test_UndoRemoveKey" Run-TestProtected { Run-KeyTest {Test_RemoveDeletedKey} "Test_RemoveDeletedKey" } "Test_RemoveDeletedKey" - Run-TestProtected { Run-KeyTest {Test_RemoveNonExistKey} "Test_RemoveNonExistDeletedKey" } "Test_RemoveNonExistDeletedKey" + Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedKey} "Test_RemoveNonExistDeletedKey" } "Test_RemoveNonExistDeletedKey" Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedKeys} "Test_PipelineRemoveDeletedKeys" } "Test_PipelineRemoveDeletedKeys" # Secret soft delete tests - Run-TestProtected { Run-KeyTest {Test_GetDeletedKey} "Test_GetDeletedSecret" } "Test_GetDeletedKey" + Run-TestProtected { Run-KeyTest {Test_GetDeletedKey} "Test_GetDeletedSecret" } "Test_GetDeletedSecret" Run-TestProtected { Run-KeyTest {Test_GetDeletedKeys} "Test_GetDeletedSecrets" } "Test_GetDeletedSecrets" - Run-TestProtected { Run-KeyTest {Test_UndoRemoveKey} "Test_UndoRemoveSecret" } "Test_UndoRemoveSecret" - Run-TestProtected { Run-KeyTest {Test_RemoveDeletedKey} "Test_RemoveDeletedSecret" } "Test_RemoveDeletedSecret" - Run-TestProtected { Run-KeyTest {Test_RemoveNonExistKey} "Test_RemoveNonExistDeletedSecret" } "Test_RemoveNonExistDeletedSecret" - Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedKeys} "Test_PipelineRemoveDeletedSecrets" } "Test_PipelineRemoveDeletedSecrets" + Run-TestProtected { Run-KeyTest {Test_UndoRemoveSecret} "Test_UndoRemoveSecret" } "Test_UndoRemoveSecret" + Run-TestProtected { Run-KeyTest {Test_RemoveDeletedSecret} "Test_RemoveDeletedSecret" } "Test_RemoveDeletedSecret" + Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedSecret} "Test_RemoveNonExistDeletedSecret" } "Test_RemoveNonExistDeletedSecret" + Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedSecrets} "Test_PipelineRemoveDeletedSecrets" } "Test_PipelineRemoveDeletedSecrets" + + # certificate soft delete tests + Run-TestProtected { Run-KeyTest {Test_GetDeletedCertificate} "Test_GetDeletedCertificate" } "Test_GetDeletedCertificate" + Run-TestProtected { Run-KeyTest {Test_GetDeletedCertificates} "Test_GetDeletedCertificates" } "Test_GetDeletedCertificates" + Run-TestProtected { Run-KeyTest {Test_UndoRemoveCertificate} "Test_UndoRemoveCertificate" } "Test_UndoRemoveCertificate" + Run-TestProtected { Run-KeyTest {Test_RemoveDeletedCertificate} "Test_RemoveDeletedCertificate" } "Test_RemoveDeletedCertificate" + Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedCertificate} "Test_RemoveNonExistDeletedCertificate" } "Test_RemoveNonExistDeletedCertificate" + Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedCertificates} "Test_PipelineRemoveDeletedCertificate" } "Test_PipelineRemoveDeletedCertificates" } # Add-AzureKeyVaultKey tests. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 index 77a660ceb2d6..22b1f871a007 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 @@ -614,4 +614,142 @@ function Test_UpdateCertificateTags Assert-AreEqual $retrievedCertificate.Tags["State"] "Washington" Assert-AreEqual $retrievedCertificate.Tags.ContainsKey("City") $true Assert-AreEqual $retrievedCertificate.Tags["City"] "Redmond" +} + + +<# +.SYNOPSIS +Tests getting a previously deleted certificate +#> + +function Test_GetDeletedCertificate +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'getdeletedcertificate' + + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + $deletedCertificate = Get-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certificateName -InRemovedState + Assert-NotNull $deletedCertificate + Assert-NotNull $deletedCertificate.DeletedDate + Assert-NotNull $deletedCertificate.ScheduledPurgeDate +} + + +<# +.SYNOPSIS +Tests listing all previously deleted certificates +#> +function Test_GetDeletedCertificates +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'getdeletedcertificates' + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + $deletedCerts = Get-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -InRemovedState + Assert-True {$deletedCerts.Count -ge 1} + Assert-True {$deletedCerts.Name -contains $key.Name} +} + +<# +.SYNOPSIS +Tests recovering a previously deleted certificate. +#> + +function Test_UndoRemoveCertificate +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'undoremovedcert' + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + $recoveredCert = Undo-AzureKeyVaultCertificateRemoval -VaultName $keyVault.VaultName -Name $certificateName + + Assert-NotNull $recoveredCert + Assert-AreEqual $recoveredCert.Name $createdCert.Name + Assert-AreEqual $recoveredCert.Version $createdCert.Version + #Assert-KeyAttributes $recoveredKey.Attributes 'RSA' $false $expires $nbf $ops $tags +} + +<# +.SYNOPSIS +Tests purging a deleted certificate. +#> + +function Test_RemoveDeletedCertificate +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'undoremovedcert' + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + Remove-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certificateName -InRemovedState -Force -Confirm:$false +} + +<# +.SYNOPSIS +Tests purging an active certificate +#> +function Test_RemoveNonExistDeletedCertificate +{ + $keyVault = Get-KeyVault + $certName = Get-CertificateName 'purgeactivecert' + + $createdCert = CreateAKVCertificate $keyVault $certName + Assert-NotNull $createdCert + + $global:createdCertificates += $certName + + Assert-Throws {Remove-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certName -InRemovedState -Force -Confirm:$false} +} + +<# +.SYNOPSIS +Tests pipeline commands to remove multiple deleted certificates +#> + +function Test_PipelineRemoveDeletedCertificates +{ + $rootCertName = 'piperemovecert' + $keyVault = Get-KeyVault + $certName = Get-CertificateName $rootCertName + '1' + $createdCert1 = CreateAKVCertificate $keyVault $certName + Assert-NotNull $createdCert1 + + $certName = Get-CertificateName $rootCertName + '2' + $createdCert2 = CreateAKVCertificate $keyVault $certName + Assert-NotNull $createdCert2 + + Get-AzureKeyVaultCertificate $keyVault | Where-Object {$_.CertificateName -like $rootCertName + '*'} | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + Wait-Seconds 30 + Get-AzureKeyVaultCertificate $keyVault -InRemovedState | Where-Object {$_.CertificateName -like $rootCertName + '*'} | Remove-AzureKeyVaultCertificate -Force -Confirm:$false -InRemovedState + + $certs = Get-AzureKeyVaultCertificate $keyVault -InRemovedState | Where-Object {$_.CertificateName -like $rootCertName + '*'} + Assert-AreEqual $keys.Count 0 } \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 index f820b19cacb9..d8505ec3603e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 @@ -32,7 +32,7 @@ function Assert-KeyAttributes($keyAttr, $keytype, $keyenable, $keyexp, $keynbf, Assert-True { Equal-OperationList $keyops $keyAttr.KeyOps} "Expect $keyops. Get $keyAttr.KeyOps" } Assert-True { Equal-Hashtable $tags $keyAttr.Tags} "Expected $tags. Get $keyAttr.Tags" - Assert-NotNull $keyAttr.PurgeDisabled, "Purge Disabled is null." + Assert-NotNull $keyAttr.RecoveryLevel, "Deletion recovery level is null." } function BulkCreateSoftKeys ($vault, $prefix, $total) @@ -851,7 +851,7 @@ function Test_BackupRestoreKeyByName $backupblob = Backup-AzureKeyVaultKey -VaultName $keyVault -KeyName $keyname # Remove the key Cleanup-Key $keyname - Wait-Seconds 30 # Wait for slm to purge the key.. + Wait-Seconds 30 # Wait for slm to purge the key.. $restoredKey = Restore-AzureKeyVaultKey -VaultName $keyVault -InputFile $backupblob Assert-KeyAttributes $restoredKey.Attributes 'RSA' $true $null $null $null } @@ -1000,22 +1000,21 @@ Tests getting a previously deleted key function Test_GetDeletedKey { - # Create a software key for updating + # Create a software key for updating $keyVault = Get-KeyVault $keyname=Get-KeyName 'GetDeletedKey' $key=Add-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -Destination 'Software' -Expires $expires -NotBefore $nbf -KeyOps $ops -Disable -Tag $tags Assert-NotNull $key $global:createdKeys += $keyname - $key | Remove-AzureKeyVaultKey -Force -Confirm:$false - - Wait-ForDeletedKey $keyVault $keyname + $key | Remove-AzureKeyVaultKey -Force -Confirm:$false - $deletedKey = Get-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -InRemovedState - Assert-NotNull $deletedKey - Assert-NotNull $deletedKey.DeletedDate - Assert-NotNull $deletedKey.ScheduledPurgeDate + Wait-ForDeletedKey $keyVault $keyname + $deletedKey = Get-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -InRemovedState + Assert-NotNull $deletedKey + Assert-NotNull $deletedKey.DeletedDate + Assert-NotNull $deletedKey.ScheduledPurgeDate } <# diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 index 5f223169ef76..4f054c792873 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 @@ -361,6 +361,7 @@ function Initialize-TemporaryState } $vaultProperties = @{ "enabledForDeployment" = $false + "enableSoftDelete"=$global:softDeleteEnabled "tenantId" = $tenantId "sku" = @{ "family" = "A" diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 index 4a56a775378a..488a444ab493 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 @@ -23,6 +23,7 @@ function Assert-SecretAttributes($secretAttr, $secenable, $secexp, $secnbf, $sec Assert-True { Equal-DateTime $secnbf $secretAttr.NotBefore} "Expect $secnbf. Get $secretAttr.NotBefore" Assert-True { Equal-String $seccontenttype $secretAttr.ContentType} "Expect $seccontenttype. Get $secretAttr.ContentType" Assert-True { Equal-Hashtable $sectags $secretAttr.Tags} "Expected $sectags. Get $secretAttr.Tags" + Assert-NotNull $secretAttr.RecoveryLevel, "Deletion recovery level is null." } function BulkCreateSecrets ($vault, $prefix, $total) @@ -849,7 +850,6 @@ function Test_GetDeletedSecret Assert-NotNull $deletedSecret Assert-NotNull $deletedSecret.DeletedDate Assert-NotNull $deletedSecret.ScheduledPurgeDate - } <# diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config new file mode 100644 index 000000000000..433dc9083c92 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config @@ -0,0 +1,11 @@ + + + + + + + + + + + diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config index 8c1bc2f12f3e..c625cfa98851 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config @@ -4,8 +4,8 @@ - - + + @@ -22,7 +22,7 @@ - + diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj index 2111dde8abb0..ea87dbcb1b79 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj @@ -89,9 +89,12 @@ + + + @@ -178,11 +181,11 @@ ..\..\..\packages\Microsoft.Azure.ActiveDirectory.GraphClient.2.1.0\lib\portable-net4+sl5+win+wpa+wp8\Microsoft.Azure.ActiveDirectory.GraphClient.dll - ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.0-preview\lib\net452\Microsoft.Azure.KeyVault.dll + ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.2\lib\net452\Microsoft.Azure.KeyVault.dll True - ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.6\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll + ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.7\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll True diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs index aa098293d33d..5dc00f89c0c7 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs @@ -13,12 +13,12 @@ // ---------------------------------------------------------------------------------- using System; -using System.Management.Automation; -using Microsoft.Azure.Commands.KeyVault.Models; -using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties; using System.Collections.Generic; using System.Linq; +using System.Management.Automation; +using Microsoft.Azure.Commands.KeyVault.Models; using Microsoft.Azure.KeyVault.Models; +using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties; namespace Microsoft.Azure.Commands.KeyVault { @@ -28,7 +28,7 @@ namespace Microsoft.Azure.Commands.KeyVault [Cmdlet(VerbsCommon.Get, CmdletNoun.AzureKeyVaultCertificate, DefaultParameterSetName = ByVaultNameParameterSet, HelpUri = Constants.KeyVaultHelpUri)] - [OutputType(typeof(List), typeof(KeyVaultCertificate))] + [OutputType(typeof(List), typeof(KeyVaultCertificate), typeof(DeletedCertificateBundle), typeof(List))] public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase { #region Parameter Set Names @@ -36,6 +36,7 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase private const string ByCertificateNameParameterSet = "ByCertificateName"; private const string ByVaultNameParameterSet = "ByVaultName"; private const string ByCertificateVersionsParameterSet = "ByCertificateVersions"; + private const string ByDeletedCertificateParameterSet = "ByDeletedCertificates"; #endregion @@ -47,7 +48,7 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase [Parameter(Mandatory = true, Position = 0, ValueFromPipelineByPropertyName = true, - HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.")] + HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.")] [ValidateNotNullOrEmpty] public string VaultName { get; set; } @@ -64,6 +65,11 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase ValueFromPipelineByPropertyName = true, ParameterSetName = ByCertificateVersionsParameterSet, HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name.")] + [Parameter( Mandatory = false, + Position = 1, + ValueFromPipelineByPropertyName = true, + ParameterSetName = ByDeletedCertificateParameterSet, + HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name." )] [ValidateNotNullOrEmpty] [Alias(Constants.CertificateName)] public string Name { get; set; } @@ -84,6 +90,13 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase HelpMessage = "Specifies whether to include the versions of the certificate in the output.")] public SwitchParameter IncludeVersions { get; set; } + /// + /// Switch specifying whether to apply the command to certificates in a deleted state. + /// + [Parameter( Mandatory = true, + ParameterSetName = ByDeletedCertificateParameterSet, + HelpMessage = "Specifies whether to show the previously deleted certificates in the output." )] + public SwitchParameter InRemovedState { get; set; } #endregion protected override void ProcessRecord() @@ -111,6 +124,18 @@ protected override void ProcessRecord() GetAndWriteCertificates(VaultName); break; + case ByDeletedCertificateParameterSet: + if ( Name == null ) + { + GetAndWriteDeletedCertificates( VaultName ); + break; + } + + DeletedCertificateBundle deletedCert = DataServiceClient.GetDeletedCertificate(VaultName, Name); + WriteObject( deletedCert ); + + break; + default: throw new ArgumentException(KeyVaultProperties.Resources.BadParameterSetName); } @@ -146,5 +171,20 @@ private void GetAndWriteCertificatesVersions(string vaultName, string name, stri WriteObject(pageResults, true); } while (!string.IsNullOrEmpty(options.NextLink)); } + + private void GetAndWriteDeletedCertificates( string vaultName ) + { + KeyVaultObjectFilterOptions options = new KeyVaultObjectFilterOptions + { + VaultName = VaultName, + NextLink = null + }; + + do + { + var pageResults = DataServiceClient.GetDeletedCertificates(options); + WriteObject( pageResults, true ); + } while ( !string.IsNullOrEmpty( options.NextLink ) ); + } } } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs index 51f5c12aa712..b124ee9fa395 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs @@ -27,7 +27,7 @@ namespace Microsoft.Azure.Commands.KeyVault SupportsShouldProcess = true, ConfirmImpact = ConfirmImpact.High, HelpUri = Constants.KeyVaultHelpUri)] - [OutputType(typeof(KeyVaultCertificate))] + [OutputType(typeof(DeletedCertificateBundle))] public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase { #region Input Parameter Definitions @@ -58,6 +58,13 @@ public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase [Parameter(HelpMessage = "Do not ask for confirmation.")] public SwitchParameter Force { get; set; } + /// + /// If present, operate on the deleted key entity. + /// + [Parameter( Mandatory = false, + HelpMessage = "Permanently remove the previously deleted certificate." )] + public SwitchParameter InRemovedState { get; set; } + [Parameter(HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")] public SwitchParameter PassThru { get; set; } @@ -65,7 +72,25 @@ public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase protected override void ProcessRecord() { - CertificateBundle certBundle = null; + if ( InRemovedState.IsPresent ) + { + ConfirmAction( + Force.IsPresent, + string.Format( + CultureInfo.InvariantCulture, + KeyVaultProperties.Resources.RemoveDeletedCertificateWarning, + Name ), + string.Format( + CultureInfo.InvariantCulture, + KeyVaultProperties.Resources.RemoveDeletedCertificateWhatIfMessage, + Name ), + Name, + ( ) => { DataServiceClient.PurgeCertificate( VaultName, Name ); } ); + + return; + } + + DeletedCertificateBundle certBundle = null; ConfirmAction( Force.IsPresent, diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs index e813b5d0c219..b0de15fccf19 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs @@ -71,6 +71,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase CertPerms.Managecontacts, CertPerms.Manageissuers, CertPerms.Setissuers, + CertPerms.Recover, }; private readonly string[] StorageAllExpansion = { @@ -232,7 +233,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase ParameterSetName = ByEmailAddress, ValueFromPipelineByPropertyName = true, HelpMessage = "Specifies certificate operation permissions to grant to a user or service principal.")] - [ValidateSet("get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "all")] + [ValidateSet("get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "all")] public string[] PermissionsToCertificates { get; set; } /// diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs new file mode 100644 index 000000000000..23394e4185c2 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs @@ -0,0 +1,63 @@ +// ---------------------------------------------------------------------------------- +// +// Copyright Microsoft Corporation +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ---------------------------------------------------------------------------------- + +using System.Management.Automation; +using Microsoft.Azure.Commands.KeyVault.Models; +using Microsoft.Azure.KeyVault.Models; + +namespace Microsoft.Azure.Commands.KeyVault +{ + [Cmdlet( VerbsCommon.Undo, "AzureKeyVaultCertificateRemoval", + SupportsShouldProcess = true, + ConfirmImpact = ConfirmImpact.Low, + HelpUri = Constants.KeyVaultHelpUri )] + [OutputType( typeof( CertificateBundle ) )] + public class UndoAzureKeyVaultCertificateRemoval : KeyVaultCmdletBase + { + #region Input Parameter Definitions + + /// + /// Vault name + /// + [Parameter( Mandatory = true, + Position = 0, + ValueFromPipelineByPropertyName = true, + HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment." )] + [ValidateNotNullOrEmpty] + public string VaultName { get; set; } + + /// + /// Secret name + /// + [Parameter( Mandatory = true, + Position = 1, + ValueFromPipelineByPropertyName = true, + HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name." )] + [ValidateNotNullOrEmpty] + [Alias( Constants.CertificateName )] + public string Name { get; set; } + + #endregion + + public override void ExecuteCmdlet( ) + { + if ( ShouldProcess( Name, Properties.Resources.RecoverCertificate ) ) + { + CertificateBundle certificate = DataServiceClient.RecoverCertificate(VaultName, Name); + + WriteObject( certificate ); + } + } + } +} diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs new file mode 100644 index 000000000000..4c95fef5c2fa --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs @@ -0,0 +1,40 @@ +// ---------------------------------------------------------------------------------- +// +// Copyright Microsoft Corporation +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ---------------------------------------------------------------------------------- + +using System; +using Microsoft.Azure.KeyVault.Models; + +namespace Microsoft.Azure.Commands.KeyVault.Models +{ + public class DeletedCertificateIdentityItem : CertificateIdentityItem + { + internal DeletedCertificateIdentityItem( DeletedCertificateItem certItem, VaultUriHelper vaultUriHelper ) + :base(certItem, vaultUriHelper) + { + ScheduledPurgeDate = certItem.ScheduledPurgeDate; + DeletedDate = certItem.DeletedDate; + } + + internal DeletedCertificateIdentityItem( DeletedCertificateBundle certBundle ) + :base( certBundle ) + { + ScheduledPurgeDate = certBundle.ScheduledPurgeDate; + DeletedDate = certBundle.DeletedDate; + } + + public DateTime? ScheduledPurgeDate { get; set; } + + public DateTime? DeletedDate { get; set; } + } +} diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs new file mode 100644 index 000000000000..feed2109eb85 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs @@ -0,0 +1,47 @@ +// ---------------------------------------------------------------------------------- +// +// Copyright Microsoft Corporation +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ---------------------------------------------------------------------------------- + +using System; + +namespace Microsoft.Azure.Commands.KeyVault.Models +{ + public sealed class DeletedKeyVaultCertificate : KeyVaultCertificate + { + public DeletedKeyVaultCertificate( Azure.KeyVault.Models.DeletedCertificateBundle deletedCertificateBundle ) + :base( deletedCertificateBundle ) + { + if ( deletedCertificateBundle == null ) + { + throw new ArgumentNullException( nameof( deletedCertificateBundle ) ); + } + + ScheduledPurgeDate = deletedCertificateBundle.ScheduledPurgeDate; + DeletedDate = deletedCertificateBundle.DeletedDate; + } + + internal static DeletedKeyVaultCertificate FromDeletedCertificateBundle( Azure.KeyVault.Models.DeletedCertificateBundle deletedCertificateBundle ) + { + if ( deletedCertificateBundle == null ) + { + return null; + } + + return new DeletedKeyVaultCertificate( deletedCertificateBundle ); + } + + public DateTime? ScheduledPurgeDate { get; set; } + + public DateTime? DeletedDate { get; set; } + } +} diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs index 13cd822b7b4f..5770a57bf8e5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs @@ -82,8 +82,12 @@ public interface IKeyVaultDataServiceClient CertificateBundle GetCertificate(string vaultName, string certName, string certificateVersion); + DeletedCertificateBundle GetDeletedCertificate( string vaultName, string certName ); + IEnumerable GetCertificates(KeyVaultObjectFilterOptions options); + IEnumerable GetDeletedCertificates( KeyVaultObjectFilterOptions options ); + IEnumerable GetCertificateVersions(KeyVaultObjectFilterOptions options); CertificateBundle MergeCertificate(string vaultName, string certName, X509Certificate2Collection certs, IDictionary tags); @@ -92,7 +96,11 @@ public interface IKeyVaultDataServiceClient CertificateBundle ImportCertificate(string vaultName, string certName, X509Certificate2Collection certificateCollection, IDictionary tags); - CertificateBundle DeleteCertificate(string vaultName, string certName); + DeletedCertificateBundle DeleteCertificate(string vaultName, string certName); + + void PurgeCertificate( string vaultName, string certName ); + + CertificateBundle RecoverCertificate( string vaultName, string certName ); CertificateOperation EnrollCertificate(string vaultName, string certificateName, CertificatePolicy certificatePolicy, IDictionary tags); diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs index 00cc94ca79c7..6ae9872f3ae5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs @@ -38,7 +38,7 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st } internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, string keyType, - string[] keyOps, DateTime? created, DateTime? updated, bool purgeDisabled, IDictionary tags) + string[] keyOps, DateTime? created, DateTime? updated, string deletionRecoveryLevel, IDictionary tags) { this.Enabled = enabled; this.Expires = expires; @@ -47,7 +47,7 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st this.KeyOps = keyOps; this.Created = created; this.Updated = updated; - this.PurgeDisabled = purgeDisabled; + this.RecoveryLevel = deletionRecoveryLevel; this.Tags = (tags == null) ? null : tags.ConvertToHashtable(); } @@ -65,7 +65,7 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st public DateTime? Updated { get; private set; } - public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } public Hashtable Tags { get; set; } public string TagsTable diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs index d07486f3d7fa..d87c8b9396cf 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs @@ -42,7 +42,7 @@ internal KeyBundle(Azure.KeyVault.Models.KeyBundle keyBundle, VaultUriHelper vau keyBundle.Key.KeyOps.ToArray(), keyBundle.Attributes.Created, keyBundle.Attributes.Updated, - keyBundle.Attributes.PurgeDisabled, + keyBundle.Attributes.RecoveryLevel, keyBundle.Tags); } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs index d1d91de3b432..eec3c481aea4 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs @@ -36,7 +36,7 @@ internal KeyIdentityItem(Azure.KeyVault.Models.KeyItem keyItem, VaultUriHelper v NotBefore = keyItem.Attributes.NotBefore; Created = keyItem.Attributes.Created; Updated = keyItem.Attributes.Updated; - PurgeDisabled = keyItem.Attributes.PurgeDisabled; + RecoveryLevel = keyItem.Attributes.RecoveryLevel; Tags = (keyItem.Tags == null) ? null : keyItem.Tags.ConvertToHashtable(); } @@ -54,7 +54,7 @@ internal KeyIdentityItem(KeyBundle keyBundle) NotBefore = keyBundle.Attributes.NotBefore; Created = keyBundle.Attributes.Created; Updated = keyBundle.Attributes.Updated; - PurgeDisabled = keyBundle.Attributes.PurgeDisabled; + RecoveryLevel = keyBundle.Attributes.RecoveryLevel; Tags = keyBundle.Attributes.Tags; } @@ -68,7 +68,7 @@ internal KeyIdentityItem(KeyBundle keyBundle) public DateTime? Updated { get; private set; } - public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } public Hashtable Tags { get; set; } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs index 412f95df8751..734016b5ee62 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs @@ -33,50 +33,59 @@ public class KeyVaultCertificate public DateTime? Created { get; internal set; } public DateTime? Updated { get; internal set; } - internal static KeyVaultCertificate FromCertificateBundle(CertificateBundle certificateBundle) + public string RecoveryLevel { get; private set; } + + public KeyVaultCertificate( CertificateBundle certificateBundle ) { - if (certificateBundle == null) + if ( certificateBundle == null ) { - return null; + throw new ArgumentNullException( nameof( certificateBundle ) ); } - var kvCertificate = new KeyVaultCertificate(); + if ( certificateBundle.Id != null ) + { + Id = certificateBundle.CertificateIdentifier.Identifier; + Name = certificateBundle.CertificateIdentifier.Name; + } - if (certificateBundle.Id != null) + if ( certificateBundle.Cer != null ) { - kvCertificate.Id = certificateBundle.CertificateIdentifier.Identifier; - kvCertificate.Name = certificateBundle.CertificateIdentifier.Name; + Certificate = new X509Certificate2( certificateBundle.Cer ); + Thumbprint = Certificate.Thumbprint; } - if (certificateBundle.Cer != null) + if ( certificateBundle.KeyIdentifier != null ) { - kvCertificate.Certificate = new X509Certificate2(certificateBundle.Cer); - kvCertificate.Thumbprint = kvCertificate.Certificate.Thumbprint; + KeyId = certificateBundle.KeyIdentifier.Identifier; } - if (certificateBundle.KeyIdentifier != null) + if ( certificateBundle.SecretIdentifier != null ) { - kvCertificate.KeyId = certificateBundle.KeyIdentifier.Identifier; + SecretId = certificateBundle.SecretIdentifier.Identifier; } - if (certificateBundle.SecretIdentifier != null) + if ( certificateBundle.Attributes != null ) { - kvCertificate.SecretId = certificateBundle.SecretIdentifier.Identifier; + Created = certificateBundle.Attributes.Created; + Enabled = certificateBundle.Attributes.Enabled; + Updated = certificateBundle.Attributes.Updated; + RecoveryLevel = certificateBundle.Attributes.RecoveryLevel; } - if (certificateBundle.Attributes != null) + if ( certificateBundle.Tags != null ) { - kvCertificate.Created = certificateBundle.Attributes.Created; - kvCertificate.Enabled = certificateBundle.Attributes.Enabled; - kvCertificate.Updated = certificateBundle.Attributes.Updated; + Tags = certificateBundle.Tags; } + } - if (certificateBundle.Tags != null) + internal static KeyVaultCertificate FromCertificateBundle(CertificateBundle certificateBundle) + { + if ( certificateBundle == null ) { - kvCertificate.Tags = certificateBundle.Tags; + return null; } - return kvCertificate; + return new KeyVaultCertificate( certificateBundle ); } internal static List FromCertificateBundles(IEnumerable certificateBundles) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs index 1cb57abf4cff..b5be52dcfc09 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs @@ -679,7 +679,7 @@ public CertificateBundle UpdateCertificate(string vaultName, string certificateN return certificateBundle; } - public CertificateBundle DeleteCertificate(string vaultName, string certName) + public DeletedCertificateBundle DeleteCertificate(string vaultName, string certName) { if (string.IsNullOrEmpty(vaultName)) throw new ArgumentNullException(nameof(vaultName)); @@ -688,7 +688,7 @@ public CertificateBundle DeleteCertificate(string vaultName, string certName) string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); - CertificateBundle certBundle; + DeletedCertificateBundle certBundle; try { @@ -702,6 +702,25 @@ public CertificateBundle DeleteCertificate(string vaultName, string certName) return certBundle; } + public void PurgeCertificate(string vaultName, string certName) + { + if ( string.IsNullOrEmpty( vaultName ) ) + throw new ArgumentNullException( "vaultName" ); + if ( string.IsNullOrEmpty( certName ) ) + throw new ArgumentNullException( "certName" ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); + + try + { + this.keyVaultClient.PurgeDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( ); + } + catch (Exception ex) + { + throw GetInnerException( ex ); + } + } + public CertificateOperation GetCertificateOperation(string vaultName, string certificateName) { if (string.IsNullOrEmpty(vaultName)) @@ -1569,6 +1588,85 @@ public Secret RecoverSecret(string vaultName, string secretName) return new Secret(recoveredSecret, this.vaultUriHelper); } + public DeletedCertificateBundle GetDeletedCertificate( string vaultName, string certName ) + { + if ( string.IsNullOrEmpty( vaultName ) ) + throw new ArgumentNullException( nameof(vaultName) ); + if ( string.IsNullOrEmpty( certName ) ) + throw new ArgumentNullException( nameof(certName) ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); + + DeletedCertificateBundle deletedCertificate; + try + { + deletedCertificate = this.keyVaultClient.GetDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( ); + } + catch ( KeyVaultErrorException ex ) + { + if ( ex.Response.StatusCode == HttpStatusCode.NotFound ) + return null; + else + throw; + } + catch ( Exception ex ) + { + throw GetInnerException( ex ); + } + + return deletedCertificate; + } + + public IEnumerable GetDeletedCertificates( KeyVaultObjectFilterOptions options ) + { + if ( options == null ) + throw new ArgumentNullException( nameof( options ) ); + if ( string.IsNullOrEmpty( options.VaultName ) ) + throw new ArgumentException( KeyVaultProperties.Resources.InvalidVaultName ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(options.VaultName); + + try + { + IPage result; + + if ( string.IsNullOrEmpty( options.NextLink ) ) + result = this.keyVaultClient.GetDeletedCertificatesAsync( vaultAddress ).GetAwaiter( ).GetResult( ); + else + result = this.keyVaultClient.GetDeletedCertificatesNextAsync( options.NextLink ).GetAwaiter( ).GetResult( ); + + options.NextLink = result.NextPageLink; + return ( result == null ) ? new List( ) : + result.Select( ( deletedItem ) => new DeletedCertificateIdentityItem( deletedItem, this.vaultUriHelper ) ); + } + catch ( Exception ex ) + { + throw GetInnerException( ex ); + } + } + + public CertificateBundle RecoverCertificate( string vaultName, string certName ) + { + if ( string.IsNullOrEmpty( vaultName ) ) + throw new ArgumentNullException( nameof( vaultName ) ); + if ( string.IsNullOrEmpty( certName ) ) + throw new ArgumentNullException( nameof( certName ) ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); + + CertificateBundle recoveredCertificate; + try + { + recoveredCertificate = this.keyVaultClient.RecoverDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( ); + } + catch ( Exception ex ) + { + throw GetInnerException( ex ); + } + + return recoveredCertificate; + } + private VaultUriHelper vaultUriHelper; private KeyVaultClient keyVaultClient; } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs index fec2a071c5cd..7a9469ac2f05 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs @@ -383,7 +383,8 @@ private Expression> FilterByEmail(string email) CertPerms.Listissuers, CertPerms.Managecontacts, CertPerms.Manageissuers, - CertPerms.Setissuers + CertPerms.Setissuers, + CertPerms.Recover }; protected readonly string[] DefaultPermissionsToStorage = diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs index 1fca010e901d..5a094251d599 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs @@ -43,6 +43,7 @@ internal Secret(Azure.KeyVault.Models.SecretBundle secret, VaultUriHelper vaultU secret.Attributes.Created, secret.Attributes.Updated, secret.ContentType, + secret.Attributes.RecoveryLevel, secret.Tags); } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs index af9fd7b8a4eb..f1eca26ffabb 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs @@ -36,7 +36,7 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, } internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, - DateTime? created, DateTime? updated, string contentType, IDictionary tags) + DateTime? created, DateTime? updated, string contentType, string deletionRecoveryLevel, IDictionary tags) { this.Enabled = enabled; this.Expires = expires; @@ -44,6 +44,7 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, this.Created = created; this.Updated = updated; this.ContentType = contentType; + this.RecoveryLevel = deletionRecoveryLevel; this.Tags = (tags == null) ? null : tags.ConvertToHashtable(); } @@ -60,6 +61,9 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, public string ContentType { get; set; } public Hashtable Tags { get; set; } + + public string RecoveryLevel { get; private set; } + public string TagsTable { get diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs index 91fb812cb50f..07737e3233c9 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs @@ -22,7 +22,7 @@ namespace Microsoft.Azure.Commands.KeyVault.Properties { [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] - public class Resources { + internal class Resources { private static global::System.Resources.ResourceManager resourceMan; @@ -36,7 +36,7 @@ internal Resources() { /// Returns the cached ResourceManager instance used by this class. /// [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] - public static global::System.Resources.ResourceManager ResourceManager { + internal static global::System.Resources.ResourceManager ResourceManager { get { if (object.ReferenceEquals(resourceMan, null)) { global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.Azure.Commands.KeyVault.Properties.Resources", typeof(Resources).Assembly); @@ -51,7 +51,7 @@ internal Resources() { /// resource lookups using this strongly typed resource class. /// [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] - public static global::System.Globalization.CultureInfo Culture { + internal static global::System.Globalization.CultureInfo Culture { get { return resourceCulture; } @@ -63,7 +63,7 @@ internal Resources() { /// /// Looks up a localized string similar to Add certificate. /// - public static string AddCertificate { + internal static string AddCertificate { get { return ResourceManager.GetString("AddCertificate", resourceCulture); } @@ -72,7 +72,7 @@ public static string AddCertificate { /// /// Looks up a localized string similar to Add certificate contact. /// - public static string AddCertificateContact { + internal static string AddCertificateContact { get { return ResourceManager.GetString("AddCertificateContact", resourceCulture); } @@ -81,7 +81,7 @@ public static string AddCertificateContact { /// /// Looks up a localized string similar to Add key. /// - public static string AddKey { + internal static string AddKey { get { return ResourceManager.GetString("AddKey", resourceCulture); } @@ -90,16 +90,16 @@ public static string AddKey { /// /// Looks up a localized string similar to Add Key Vault managed Storage Account. /// - public static string AddManagedStorageAccount { + internal static string AddManagedStorageAccount { get { return ResourceManager.GetString("AddManagedStorageAccount", resourceCulture); } } /// - /// Looks up a localized string similar to The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory.. + /// Looks up a localized string similar to The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory.. /// - public static string ADObjectAmbiguous { + internal static string ADObjectAmbiguous { get { return ResourceManager.GetString("ADObjectAmbiguous", resourceCulture); } @@ -111,7 +111,7 @@ public static string ADObjectAmbiguous { ///Please provide object ID for the user or service principle to set a vault access policy. ///You can find the object ID using Azure Active Directory Module for Windows PowerShell.. /// - public static string ADObjectIDRetrievalFailed { + internal static string ADObjectIDRetrievalFailed { get { return ResourceManager.GetString("ADObjectIDRetrievalFailed", resourceCulture); } @@ -120,7 +120,7 @@ public static string ADObjectIDRetrievalFailed { /// /// Looks up a localized string similar to Cannot find the Active Directory object '{0}' in tenant '{1}'. Please make sure that the user or application service principal you are authorizing is registered in the current subscription's Azure Active directory. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory.. /// - public static string ADObjectNotFound { + internal static string ADObjectNotFound { get { return ResourceManager.GetString("ADObjectNotFound", resourceCulture); } @@ -129,7 +129,7 @@ public static string ADObjectNotFound { /// /// Looks up a localized string similar to The 'all' permission is being deprecated and does not include the 'purge' permission. 'Purge' permission must be explicitly set.. /// - public static string AllPermissionExpansionWarning { + internal static string AllPermissionExpansionWarning { get { return ResourceManager.GetString("AllPermissionExpansionWarning", resourceCulture); } @@ -138,7 +138,7 @@ public static string AllPermissionExpansionWarning { /// /// Looks up a localized string similar to No account found in the context. Please login using Login-AzureRMAccount.. /// - public static string ArmAccountNotFound { + internal static string ArmAccountNotFound { get { return ResourceManager.GetString("ArmAccountNotFound", resourceCulture); } @@ -147,7 +147,7 @@ public static string ArmAccountNotFound { /// /// Looks up a localized string similar to Backup key. /// - public static string BackupKey { + internal static string BackupKey { get { return ResourceManager.GetString("BackupKey", resourceCulture); } @@ -156,7 +156,7 @@ public static string BackupKey { /// /// Looks up a localized string similar to The backup key file '{0}' already exists.. /// - public static string BackupKeyFileAlreadyExists { + internal static string BackupKeyFileAlreadyExists { get { return ResourceManager.GetString("BackupKeyFileAlreadyExists", resourceCulture); } @@ -165,7 +165,7 @@ public static string BackupKeyFileAlreadyExists { /// /// Looks up a localized string similar to Cannot find backup key file '{0}'. /// - public static string BackupKeyFileNotFound { + internal static string BackupKeyFileNotFound { get { return ResourceManager.GetString("BackupKeyFileNotFound", resourceCulture); } @@ -174,7 +174,7 @@ public static string BackupKeyFileNotFound { /// /// Looks up a localized string similar to Backup secret. /// - public static string BackupSecret { + internal static string BackupSecret { get { return ResourceManager.GetString("BackupSecret", resourceCulture); } @@ -183,7 +183,7 @@ public static string BackupSecret { /// /// Looks up a localized string similar to The backup secret file '{0}' already exists.. /// - public static string BackupSecretFileAlreadyExists { + internal static string BackupSecretFileAlreadyExists { get { return ResourceManager.GetString("BackupSecretFileAlreadyExists", resourceCulture); } @@ -192,7 +192,7 @@ public static string BackupSecretFileAlreadyExists { /// /// Looks up a localized string similar to Cannot find backup secret file '{0}'. /// - public static string BackupSecretFileNotFound { + internal static string BackupSecretFileNotFound { get { return ResourceManager.GetString("BackupSecretFileNotFound", resourceCulture); } @@ -201,7 +201,7 @@ public static string BackupSecretFileNotFound { /// /// Looks up a localized string similar to Bad Parameter Set Name. /// - public static string BadParameterSetName { + internal static string BadParameterSetName { get { return ResourceManager.GetString("BadParameterSetName", resourceCulture); } @@ -210,7 +210,7 @@ public static string BadParameterSetName { /// /// Looks up a localized string similar to Cannot find certificate file '{0}'.. /// - public static string CertificateFileNotFound { + internal static string CertificateFileNotFound { get { return ResourceManager.GetString("CertificateFileNotFound", resourceCulture); } @@ -219,7 +219,7 @@ public static string CertificateFileNotFound { /// /// Looks up a localized string similar to Create certificate administrator. /// - public static string CreateCertificateAdministrator { + internal static string CreateCertificateAdministrator { get { return ResourceManager.GetString("CreateCertificateAdministrator", resourceCulture); } @@ -228,7 +228,7 @@ public static string CreateCertificateAdministrator { /// /// Looks up a localized string similar to Create certificate organization. /// - public static string CreateCertificateOrganization { + internal static string CreateCertificateOrganization { get { return ResourceManager.GetString("CreateCertificateOrganization", resourceCulture); } @@ -237,7 +237,7 @@ public static string CreateCertificateOrganization { /// /// Looks up a localized string similar to Create certificate policy. /// - public static string CreateCertificatePolicy { + internal static string CreateCertificatePolicy { get { return ResourceManager.GetString("CreateCertificatePolicy", resourceCulture); } @@ -246,7 +246,7 @@ public static string CreateCertificatePolicy { /// /// Looks up a localized string similar to Create key vault. /// - public static string CreateKeyVault { + internal static string CreateKeyVault { get { return ResourceManager.GetString("CreateKeyVault", resourceCulture); } @@ -255,7 +255,7 @@ public static string CreateKeyVault { /// /// Looks up a localized string similar to Cannot find deleted vault '{0}' in location '{1}'. /// - public static string DeletedVaultNotFound { + internal static string DeletedVaultNotFound { get { return ResourceManager.GetString("DeletedVaultNotFound", resourceCulture); } @@ -264,7 +264,7 @@ public static string DeletedVaultNotFound { /// /// Looks up a localized string similar to Overwrite File ?. /// - public static string FileOverwriteCaption { + internal static string FileOverwriteCaption { get { return ResourceManager.GetString("FileOverwriteCaption", resourceCulture); } @@ -273,7 +273,7 @@ public static string FileOverwriteCaption { /// /// Looks up a localized string similar to Overwrite existing file at '{0}' ?. /// - public static string FileOverwriteMessage { + internal static string FileOverwriteMessage { get { return ResourceManager.GetString("FileOverwriteMessage", resourceCulture); } @@ -282,7 +282,7 @@ public static string FileOverwriteMessage { /// /// Looks up a localized string similar to BYOK key can not be imported as software key. /// - public static string ImportByokAsSoftkeyError { + internal static string ImportByokAsSoftkeyError { get { return ResourceManager.GetString("ImportByokAsSoftkeyError", resourceCulture); } @@ -291,7 +291,7 @@ public static string ImportByokAsSoftkeyError { /// /// Looks up a localized string similar to Import certificate. /// - public static string ImportCertificate { + internal static string ImportCertificate { get { return ResourceManager.GetString("ImportCertificate", resourceCulture); } @@ -300,7 +300,7 @@ public static string ImportCertificate { /// /// Looks up a localized string similar to Invalid application Id.. /// - public static string InvalidApplicationId { + internal static string InvalidApplicationId { get { return ResourceManager.GetString("InvalidApplicationId", resourceCulture); } @@ -309,7 +309,7 @@ public static string InvalidApplicationId { /// /// Looks up a localized string similar to Invalid AzureEnvironment.. /// - public static string InvalidAzureEnvironment { + internal static string InvalidAzureEnvironment { get { return ResourceManager.GetString("InvalidAzureEnvironment", resourceCulture); } @@ -318,7 +318,7 @@ public static string InvalidAzureEnvironment { /// /// Looks up a localized string similar to No current subscription has been designated. Use Set-AzureRmContext -SubscriptionName <subscriptionName> to set the current subscription.. /// - public static string InvalidCurrentSubscription { + internal static string InvalidCurrentSubscription { get { return ResourceManager.GetString("InvalidCurrentSubscription", resourceCulture); } @@ -327,7 +327,7 @@ public static string InvalidCurrentSubscription { /// /// Looks up a localized string similar to Invalid key attributes. /// - public static string InvalidKeyAttributes { + internal static string InvalidKeyAttributes { get { return ResourceManager.GetString("InvalidKeyAttributes", resourceCulture); } @@ -336,7 +336,7 @@ public static string InvalidKeyAttributes { /// /// Looks up a localized string similar to Invalid '{0}' key blob.. /// - public static string InvalidKeyBlob { + internal static string InvalidKeyBlob { get { return ResourceManager.GetString("InvalidKeyBlob", resourceCulture); } @@ -345,7 +345,7 @@ public static string InvalidKeyBlob { /// /// Looks up a localized string similar to Invalid KeyBundle.. /// - public static string InvalidKeyBundle { + internal static string InvalidKeyBundle { get { return ResourceManager.GetString("InvalidKeyBundle", resourceCulture); } @@ -354,7 +354,7 @@ public static string InvalidKeyBundle { /// /// Looks up a localized string similar to Can not create given key material in specified destination.. /// - public static string InvalidKeyDestination { + internal static string InvalidKeyDestination { get { return ResourceManager.GetString("InvalidKeyDestination", resourceCulture); } @@ -363,7 +363,7 @@ public static string InvalidKeyDestination { /// /// Looks up a localized string similar to Invalid key identifier. /// - public static string InvalidKeyIdentifier { + internal static string InvalidKeyIdentifier { get { return ResourceManager.GetString("InvalidKeyIdentifier", resourceCulture); } @@ -372,7 +372,7 @@ public static string InvalidKeyIdentifier { /// /// Looks up a localized string similar to Invalid key name.. /// - public static string InvalidKeyName { + internal static string InvalidKeyName { get { return ResourceManager.GetString("InvalidKeyName", resourceCulture); } @@ -381,7 +381,7 @@ public static string InvalidKeyName { /// /// Looks up a localized string similar to Invalid key uri '{0}'.. /// - public static string InvalidKeyUri { + internal static string InvalidKeyUri { get { return ResourceManager.GetString("InvalidKeyUri", resourceCulture); } @@ -390,7 +390,7 @@ public static string InvalidKeyUri { /// /// Looks up a localized string similar to Invalid key vault managed storage acccount name.. /// - public static string InvalidManagedStorageAccountName { + internal static string InvalidManagedStorageAccountName { get { return ResourceManager.GetString("InvalidManagedStorageAccountName", resourceCulture); } @@ -399,7 +399,7 @@ public static string InvalidManagedStorageAccountName { /// /// Looks up a localized string similar to Invalid number of certificates.. /// - public static string InvalidNumberOfCertificates { + internal static string InvalidNumberOfCertificates { get { return ResourceManager.GetString("InvalidNumberOfCertificates", resourceCulture); } @@ -408,7 +408,7 @@ public static string InvalidNumberOfCertificates { /// /// Looks up a localized string similar to Cannot parse ObjectId into Guid.. /// - public static string InvalidObjectIdSyntax { + internal static string InvalidObjectIdSyntax { get { return ResourceManager.GetString("InvalidObjectIdSyntax", resourceCulture); } @@ -417,7 +417,7 @@ public static string InvalidObjectIdSyntax { /// /// Looks up a localized string similar to Invalid Sas permission '{0}'.. /// - public static string InvalidSasPermission { + internal static string InvalidSasPermission { get { return ResourceManager.GetString("InvalidSasPermission", resourceCulture); } @@ -426,7 +426,7 @@ public static string InvalidSasPermission { /// /// Looks up a localized string similar to Invalid secret attributes. /// - public static string InvalidSecretAttributes { + internal static string InvalidSecretAttributes { get { return ResourceManager.GetString("InvalidSecretAttributes", resourceCulture); } @@ -435,7 +435,7 @@ public static string InvalidSecretAttributes { /// /// Looks up a localized string similar to Invalid secret identifier. /// - public static string InvalidSecretIdentifier { + internal static string InvalidSecretIdentifier { get { return ResourceManager.GetString("InvalidSecretIdentifier", resourceCulture); } @@ -444,7 +444,7 @@ public static string InvalidSecretIdentifier { /// /// Looks up a localized string similar to Invalid secret name.. /// - public static string InvalidSecretName { + internal static string InvalidSecretName { get { return ResourceManager.GetString("InvalidSecretName", resourceCulture); } @@ -453,7 +453,7 @@ public static string InvalidSecretName { /// /// Looks up a localized string similar to Invalid secret uri '{0}'.. /// - public static string InvalidSecretUri { + internal static string InvalidSecretUri { get { return ResourceManager.GetString("InvalidSecretUri", resourceCulture); } @@ -462,7 +462,7 @@ public static string InvalidSecretUri { /// /// Looks up a localized string similar to No subscription is currently selected. Use Set-AzureRmContext to activate a subscription.. /// - public static string InvalidSelectedSubscription { + internal static string InvalidSelectedSubscription { get { return ResourceManager.GetString("InvalidSelectedSubscription", resourceCulture); } @@ -471,7 +471,7 @@ public static string InvalidSelectedSubscription { /// /// Looks up a localized string similar to Your Azure credentials have not been set up or have expired, please run Login-AzureRmAccount to set up your Azure credentials.. /// - public static string InvalidSubscriptionState { + internal static string InvalidSubscriptionState { get { return ResourceManager.GetString("InvalidSubscriptionState", resourceCulture); } @@ -480,7 +480,7 @@ public static string InvalidSubscriptionState { /// /// Looks up a localized string similar to Invalid tag format. Expect @{Name = "tagName"} or @{Name = "tagName"; Value = "tagValue"}. /// - public static string InvalidTagFormat { + internal static string InvalidTagFormat { get { return ResourceManager.GetString("InvalidTagFormat", resourceCulture); } @@ -489,7 +489,7 @@ public static string InvalidTagFormat { /// /// Looks up a localized string similar to Invalid vault name.. /// - public static string InvalidVaultName { + internal static string InvalidVaultName { get { return ResourceManager.GetString("InvalidVaultName", resourceCulture); } @@ -498,7 +498,7 @@ public static string InvalidVaultName { /// /// Looks up a localized string similar to Invalid vault uri '{0}'. Vault uri must contain valid dns host name with domain suffix '{1}'.. /// - public static string InvalidVaultUri { + internal static string InvalidVaultUri { get { return ResourceManager.GetString("InvalidVaultUri", resourceCulture); } @@ -507,7 +507,7 @@ public static string InvalidVaultUri { /// /// Looks up a localized string similar to Can not find key file '{0}'.. /// - public static string KeyFileNotFound { + internal static string KeyFileNotFound { get { return ResourceManager.GetString("KeyFileNotFound", resourceCulture); } @@ -516,7 +516,7 @@ public static string KeyFileNotFound { /// /// Looks up a localized string similar to There is no default user account associated with this subscription. Certificate accounts are not supported with Azure Key Vault.. /// - public static string NoDefaultUserAccount { + internal static string NoDefaultUserAccount { get { return ResourceManager.GetString("NoDefaultUserAccount", resourceCulture); } @@ -525,7 +525,7 @@ public static string NoDefaultUserAccount { /// /// Looks up a localized string similar to No tenant found in the context. Please ensure that the credentials you provided are authorized to access an Azure subscription, then run Login-AzureRMAccount to login.. /// - public static string NoTenantInContext { + internal static string NoTenantInContext { get { return ResourceManager.GetString("NoTenantInContext", resourceCulture); } @@ -534,7 +534,7 @@ public static string NoTenantInContext { /// /// Looks up a localized string similar to Invalid permissions to {0}. The list contains "all" along with other permissions. Please remove "all" from the list or include only "all" in the list.. /// - public static string PermissionSetIncludesAllPlusOthers { + internal static string PermissionSetIncludesAllPlusOthers { get { return ResourceManager.GetString("PermissionSetIncludesAllPlusOthers", resourceCulture); } @@ -543,7 +543,7 @@ public static string PermissionSetIncludesAllPlusOthers { /// /// Looks up a localized string similar to At least one permission should be selected for key access or secret access.. /// - public static string PermissionsNotSpecified { + internal static string PermissionsNotSpecified { get { return ResourceManager.GetString("PermissionsNotSpecified", resourceCulture); } @@ -552,7 +552,7 @@ public static string PermissionsNotSpecified { /// /// Looks up a localized string similar to Are you sure you want to remove vault '{0}' forever.. /// - public static string PurgeVaultWarning { + internal static string PurgeVaultWarning { get { return ResourceManager.GetString("PurgeVaultWarning", resourceCulture); } @@ -561,16 +561,25 @@ public static string PurgeVaultWarning { /// /// Looks up a localized string similar to Purge vault. /// - public static string PurgeVaultWhatIfMessage { + internal static string PurgeVaultWhatIfMessage { get { return ResourceManager.GetString("PurgeVaultWhatIfMessage", resourceCulture); } } + /// + /// Looks up a localized string similar to Recover certificate. + /// + internal static string RecoverCertificate { + get { + return ResourceManager.GetString("RecoverCertificate", resourceCulture); + } + } + /// /// Looks up a localized string similar to Recover key. /// - public static string RecoverKey { + internal static string RecoverKey { get { return ResourceManager.GetString("RecoverKey", resourceCulture); } @@ -579,7 +588,7 @@ public static string RecoverKey { /// /// Looks up a localized string similar to Recover secret. /// - public static string RecoverSecret { + internal static string RecoverSecret { get { return ResourceManager.GetString("RecoverSecret", resourceCulture); } @@ -588,7 +597,7 @@ public static string RecoverSecret { /// /// Looks up a localized string similar to Recover vault. /// - public static string RecoverVault { + internal static string RecoverVault { get { return ResourceManager.GetString("RecoverVault", resourceCulture); } @@ -597,7 +606,7 @@ public static string RecoverVault { /// /// Looks up a localized string similar to Are you sure you want to regenerate '{0}' of storage account '{1}' and make it an active key of Key Vault managed Storage Account.. /// - public static string RegenerateManagedStorageAccountKeyWarning { + internal static string RegenerateManagedStorageAccountKeyWarning { get { return ResourceManager.GetString("RegenerateManagedStorageAccountKeyWarning", resourceCulture); } @@ -606,7 +615,7 @@ public static string RegenerateManagedStorageAccountKeyWarning { /// /// Looks up a localized string similar to Regenerate '{0}'. /// - public static string RegenerateManagedStorageAccountKeyWhatIfMessage { + internal static string RegenerateManagedStorageAccountKeyWhatIfMessage { get { return ResourceManager.GetString("RegenerateManagedStorageAccountKeyWhatIfMessage", resourceCulture); } @@ -615,7 +624,7 @@ public static string RegenerateManagedStorageAccountKeyWhatIfMessage { /// /// Looks up a localized string similar to Remove certificate contact. /// - public static string RemoveCertificateContact { + internal static string RemoveCertificateContact { get { return ResourceManager.GetString("RemoveCertificateContact", resourceCulture); } @@ -624,7 +633,7 @@ public static string RemoveCertificateContact { /// /// Looks up a localized string similar to Remove certificate issuer. /// - public static string RemoveCertificateIssuer { + internal static string RemoveCertificateIssuer { get { return ResourceManager.GetString("RemoveCertificateIssuer", resourceCulture); } @@ -633,7 +642,7 @@ public static string RemoveCertificateIssuer { /// /// Looks up a localized string similar to Remove certificate operation. /// - public static string RemoveCertificateOperation { + internal static string RemoveCertificateOperation { get { return ResourceManager.GetString("RemoveCertificateOperation", resourceCulture); } @@ -642,7 +651,7 @@ public static string RemoveCertificateOperation { /// /// Looks up a localized string similar to Are you sure you want to remove certificate '{0}'.. /// - public static string RemoveCertWarning { + internal static string RemoveCertWarning { get { return ResourceManager.GetString("RemoveCertWarning", resourceCulture); } @@ -651,16 +660,34 @@ public static string RemoveCertWarning { /// /// Looks up a localized string similar to Remove certificate. /// - public static string RemoveCertWhatIfMessage { + internal static string RemoveCertWhatIfMessage { get { return ResourceManager.GetString("RemoveCertWhatIfMessage", resourceCulture); } } + /// + /// Looks up a localized string similar to Are you sure you want to purge certificate '{0}'. + /// + internal static string RemoveDeletedCertificateWarning { + get { + return ResourceManager.GetString("RemoveDeletedCertificateWarning", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Purge certificate. + /// + internal static string RemoveDeletedCertificateWhatIfMessage { + get { + return ResourceManager.GetString("RemoveDeletedCertificateWhatIfMessage", resourceCulture); + } + } + /// /// Looks up a localized string similar to Are you sure you want to purge key '{0}'.. /// - public static string RemoveDeletedKeyWarning { + internal static string RemoveDeletedKeyWarning { get { return ResourceManager.GetString("RemoveDeletedKeyWarning", resourceCulture); } @@ -669,7 +696,7 @@ public static string RemoveDeletedKeyWarning { /// /// Looks up a localized string similar to Purge key. /// - public static string RemoveDeletedKeyWhatIfMessage { + internal static string RemoveDeletedKeyWhatIfMessage { get { return ResourceManager.GetString("RemoveDeletedKeyWhatIfMessage", resourceCulture); } @@ -678,7 +705,7 @@ public static string RemoveDeletedKeyWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to purge secret '{0}'.. /// - public static string RemoveDeletedSecretWarning { + internal static string RemoveDeletedSecretWarning { get { return ResourceManager.GetString("RemoveDeletedSecretWarning", resourceCulture); } @@ -687,7 +714,7 @@ public static string RemoveDeletedSecretWarning { /// /// Looks up a localized string similar to Purge secret. /// - public static string RemoveDeletedSecretWhatIfMessage { + internal static string RemoveDeletedSecretWhatIfMessage { get { return ResourceManager.GetString("RemoveDeletedSecretWhatIfMessage", resourceCulture); } @@ -696,7 +723,7 @@ public static string RemoveDeletedSecretWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove key '{0}'.. /// - public static string RemoveKeyWarning { + internal static string RemoveKeyWarning { get { return ResourceManager.GetString("RemoveKeyWarning", resourceCulture); } @@ -705,7 +732,7 @@ public static string RemoveKeyWarning { /// /// Looks up a localized string similar to Remove key. /// - public static string RemoveKeyWhatIfMessage { + internal static string RemoveKeyWhatIfMessage { get { return ResourceManager.GetString("RemoveKeyWhatIfMessage", resourceCulture); } @@ -714,7 +741,7 @@ public static string RemoveKeyWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove managed storage account '{0}'. /// - public static string RemoveManagedStorageAccountWarning { + internal static string RemoveManagedStorageAccountWarning { get { return ResourceManager.GetString("RemoveManagedStorageAccountWarning", resourceCulture); } @@ -723,7 +750,7 @@ public static string RemoveManagedStorageAccountWarning { /// /// Looks up a localized string similar to Remove managed storage account. /// - public static string RemoveManagedStorageAccountWhatIfMessage { + internal static string RemoveManagedStorageAccountWhatIfMessage { get { return ResourceManager.GetString("RemoveManagedStorageAccountWhatIfMessage", resourceCulture); } @@ -732,7 +759,7 @@ public static string RemoveManagedStorageAccountWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove managed storage sas definition '{0}'. /// - public static string RemoveManagedStorageSasDefinitionWarning { + internal static string RemoveManagedStorageSasDefinitionWarning { get { return ResourceManager.GetString("RemoveManagedStorageSasDefinitionWarning", resourceCulture); } @@ -741,7 +768,7 @@ public static string RemoveManagedStorageSasDefinitionWarning { /// /// Looks up a localized string similar to Remove managed storage sas definition. /// - public static string RemoveManagedStorageSasDefinitionWhatIfMessage { + internal static string RemoveManagedStorageSasDefinitionWhatIfMessage { get { return ResourceManager.GetString("RemoveManagedStorageSasDefinitionWhatIfMessage", resourceCulture); } @@ -750,7 +777,7 @@ public static string RemoveManagedStorageSasDefinitionWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove secret '{0}'. /// - public static string RemoveSecretWarning { + internal static string RemoveSecretWarning { get { return ResourceManager.GetString("RemoveSecretWarning", resourceCulture); } @@ -759,7 +786,7 @@ public static string RemoveSecretWarning { /// /// Looks up a localized string similar to Remove secret. /// - public static string RemoveSecretWhatIfMessage { + internal static string RemoveSecretWhatIfMessage { get { return ResourceManager.GetString("RemoveSecretWhatIfMessage", resourceCulture); } @@ -768,7 +795,7 @@ public static string RemoveSecretWhatIfMessage { /// /// Looks up a localized string similar to Remove vault access policy. /// - public static string RemoveVaultAccessPolicy { + internal static string RemoveVaultAccessPolicy { get { return ResourceManager.GetString("RemoveVaultAccessPolicy", resourceCulture); } @@ -777,7 +804,7 @@ public static string RemoveVaultAccessPolicy { /// /// Looks up a localized string similar to Are you sure you want to remove vault '{0}'.. /// - public static string RemoveVaultWarning { + internal static string RemoveVaultWarning { get { return ResourceManager.GetString("RemoveVaultWarning", resourceCulture); } @@ -786,7 +813,7 @@ public static string RemoveVaultWarning { /// /// Looks up a localized string similar to Remove vault. /// - public static string RemoveVaultWhatIfMessage { + internal static string RemoveVaultWhatIfMessage { get { return ResourceManager.GetString("RemoveVaultWhatIfMessage", resourceCulture); } @@ -795,7 +822,7 @@ public static string RemoveVaultWhatIfMessage { /// /// Looks up a localized string similar to Restore key. /// - public static string RestoreKey { + internal static string RestoreKey { get { return ResourceManager.GetString("RestoreKey", resourceCulture); } @@ -804,7 +831,7 @@ public static string RestoreKey { /// /// Looks up a localized string similar to Restore secret. /// - public static string RestoreSecret { + internal static string RestoreSecret { get { return ResourceManager.GetString("RestoreSecret", resourceCulture); } @@ -813,7 +840,7 @@ public static string RestoreSecret { /// /// Looks up a localized string similar to Set certificate attribute. /// - public static string SetCertificateAttributes { + internal static string SetCertificateAttributes { get { return ResourceManager.GetString("SetCertificateAttributes", resourceCulture); } @@ -822,7 +849,7 @@ public static string SetCertificateAttributes { /// /// Looks up a localized string similar to Set certificate issuer. /// - public static string SetCertificateIssuer { + internal static string SetCertificateIssuer { get { return ResourceManager.GetString("SetCertificateIssuer", resourceCulture); } @@ -831,7 +858,7 @@ public static string SetCertificateIssuer { /// /// Looks up a localized string similar to Set certificate policy. /// - public static string SetCertificatePolicy { + internal static string SetCertificatePolicy { get { return ResourceManager.GetString("SetCertificatePolicy", resourceCulture); } @@ -840,7 +867,7 @@ public static string SetCertificatePolicy { /// /// Looks up a localized string similar to Set key attribute. /// - public static string SetKeyAttribute { + internal static string SetKeyAttribute { get { return ResourceManager.GetString("SetKeyAttribute", resourceCulture); } @@ -849,7 +876,7 @@ public static string SetKeyAttribute { /// /// Looks up a localized string similar to Set Key Vault managed Storage Account attribute. /// - public static string SetManagedStorageAccountKeysAttribute { + internal static string SetManagedStorageAccountKeysAttribute { get { return ResourceManager.GetString("SetManagedStorageAccountKeysAttribute", resourceCulture); } @@ -858,7 +885,7 @@ public static string SetManagedStorageAccountKeysAttribute { /// /// Looks up a localized string similar to Set Key Vault managed Storage SAS definition. /// - public static string SetManagedStorageSasDefinition { + internal static string SetManagedStorageSasDefinition { get { return ResourceManager.GetString("SetManagedStorageSasDefinition", resourceCulture); } @@ -867,7 +894,7 @@ public static string SetManagedStorageSasDefinition { /// /// Looks up a localized string similar to Set secret. /// - public static string SetSecret { + internal static string SetSecret { get { return ResourceManager.GetString("SetSecret", resourceCulture); } @@ -876,7 +903,7 @@ public static string SetSecret { /// /// Looks up a localized string similar to Set secret attribute. /// - public static string SetSecretAttribute { + internal static string SetSecretAttribute { get { return ResourceManager.GetString("SetSecretAttribute", resourceCulture); } @@ -885,7 +912,7 @@ public static string SetSecretAttribute { /// /// Looks up a localized string similar to Set vault access policy. /// - public static string SetVaultAccessPolicy { + internal static string SetVaultAccessPolicy { get { return ResourceManager.GetString("SetVaultAccessPolicy", resourceCulture); } @@ -894,7 +921,7 @@ public static string SetVaultAccessPolicy { /// /// Looks up a localized string similar to Stop certificate operation. /// - public static string StopCertificateOperation { + internal static string StopCertificateOperation { get { return ResourceManager.GetString("StopCertificateOperation", resourceCulture); } @@ -903,7 +930,7 @@ public static string StopCertificateOperation { /// /// Looks up a localized string similar to Key vault cmdlet does not support account type '{0}'.. /// - public static string UnsupportedAccountType { + internal static string UnsupportedAccountType { get { return ResourceManager.GetString("UnsupportedAccountType", resourceCulture); } @@ -912,7 +939,7 @@ public static string UnsupportedAccountType { /// /// Looks up a localized string similar to The file format of '{0}' is not supported.. /// - public static string UnsupportedFileFormat { + internal static string UnsupportedFileFormat { get { return ResourceManager.GetString("UnsupportedFileFormat", resourceCulture); } @@ -921,7 +948,7 @@ public static string UnsupportedFileFormat { /// /// Looks up a localized string similar to The specified vault already exists.. /// - public static string VaultAlreadyExists { + internal static string VaultAlreadyExists { get { return ResourceManager.GetString("VaultAlreadyExists", resourceCulture); } @@ -930,7 +957,7 @@ public static string VaultAlreadyExists { /// /// Looks up a localized string similar to Access policy is not set. No user or application have access permission to use this vault. This can happen if the vault was created by a service principal. Please use Set-AzureRmKeyVaultAccessPolicy to set access policies.. /// - public static string VaultNoAccessPolicyWarning { + internal static string VaultNoAccessPolicyWarning { get { return ResourceManager.GetString("VaultNoAccessPolicyWarning", resourceCulture); } @@ -939,7 +966,7 @@ public static string VaultNoAccessPolicyWarning { /// /// Looks up a localized string similar to Cannot find vault '{0}' in resource group '{1}'.. /// - public static string VaultNotFound { + internal static string VaultNotFound { get { return ResourceManager.GetString("VaultNotFound", resourceCulture); } @@ -948,7 +975,7 @@ public static string VaultNotFound { /// /// Looks up a localized string similar to At least one of -EnabledForDeployment, -EnabledForTemplateDeployment, or -EnabledForDiskEncryption must be specified.. /// - public static string VaultPermissionFlagMissing { + internal static string VaultPermissionFlagMissing { get { return ResourceManager.GetString("VaultPermissionFlagMissing", resourceCulture); } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx index 5e0b2135e931..111d1d100142 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx @@ -415,6 +415,15 @@ You can find the object ID using Azure Active Directory Module for Windows Power Invalid Sas permission '{0}'. - The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory. + The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory. + + + Recover certificate + + + Are you sure you want to purge certificate '{0}' + + + Purge certificate \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/app.config b/src/ResourceManager/KeyVault/Commands.KeyVault/app.config new file mode 100644 index 000000000000..8460dd432e3c --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/app.config @@ -0,0 +1,11 @@ + + + + + + + + + + + \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md index 57d67b2c4d5f..127ef71ad8a6 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md @@ -1,7 +1,7 @@ --- external help file: Microsoft.Azure.Commands.KeyVault.dll-Help.xml ms.assetid: 89299823-3382-402D-9458-519466748051 -online version: +online version: schema: 2.0.0 --- @@ -90,30 +90,15 @@ Specifies a **KeyVaultCertificatePolicy** object. ```yaml Type: KeyVaultCertificatePolicy Parameter Sets: (All) -Aliases: +Aliases: Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Name Specifies the name of the certificate to add. @@ -123,7 +108,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -152,15 +137,30 @@ Specifies the name of a key vault. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md index 65d4cc750393..67a8871a29ee 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md @@ -33,21 +33,6 @@ This command adds Patti Fuller as a certificate contact for the ContosoKV01 key ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -EmailAddress Specifies the email address of the contact. @@ -57,7 +42,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -88,12 +73,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md index a8435d0a6cc9..ea7e4f9fe2f5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md @@ -12,176 +12,36 @@ Creates a key in a key vault or imports a key into a key vault. ## SYNTAX -### Create (Default) ``` -Add-AzureKeyVaultKey [-VaultName] [-Name] -Destination [-Disable] - [-KeyOps ] [-Expires ] [-NotBefore ] [-Tag ] [-WhatIf] [-Confirm] - [] -``` - -### Import -``` -Add-AzureKeyVaultKey [-VaultName] [-Name] -KeyFilePath - [-KeyFilePassword ] [-Destination ] [-Disable] [-KeyOps ] - [-Expires ] [-NotBefore ] [-Tag ] [-WhatIf] [-Confirm] [] +Add-AzureKeyVaultCertificateContact [-VaultName] [-EmailAddress] [-PassThru] [-WhatIf] + [-Confirm] [] ``` ## DESCRIPTION -The **Add-AzureKeyVaultKey** cmdlet creates a key in a key vault in Azure Key Vault, or imports a key into a key vault. -Use this cmdlet to add keys by using any of the following methods: - -- Create a key in a hardware security module (HSM) in the Key Vault service. -- Create a key in software in the Key Vault service. -- Import a key from your own hardware security module (HSM) to HSMs in the Key Vault service. -- Import a key from a .pfx file on your computer. -- Import a key from a .pfx file on your computer to hardware security modules (HSMs) in the Key Vault service. - -For any of these operations, you can provide key attributes or accept default settings. - -If you create or import a key that has the same name as an existing key in your key vault, the -original key is updated with the values that you specify for the new key. You can access the -previous values by using the version-specific URI for that version of the key. To learn about key -versions and the URI structure, see [About Keys andSecrets](http://go.microsoft.com/fwlink/?linkid=518560) -in the Key Vault REST API documentation. - -Note: To import a key from your own hardware security module, you must first generate a BYOK -package (a file with a .byok file name extension) by using the Azure Key Vault BYOK toolset. For -more information, see -[How to Generate and Transfer HSM-Protected Keys for Azure Key Vault](http://go.microsoft.com/fwlink/?LinkId=522252). - -As a best practice, back up your key after it is created or updated, by using the -Backup-AzureKeyVaultKey cmdlet. There is no undelete functionality, so if you accidentally delete -your key or delete it and then change your mind, the key is not recoverable unless you have a -backup of it that you can restore. +The **Add-AzureKeyVaultCertificateContact** cmdlet adds a contact for a key vault for certificate notifications in Azure Key Vault. +The contact receives updates about events such as certificate close to expiry, certificate renewed, and so on. +These events are determined by the certificate policy. ## EXAMPLES -### Example 1: Create a key -``` -PS C:\>Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -Destination 'Software' -``` - -This command creates a software-protected key named ITSoftware in the key vault named Contoso. - -### Example 2: Create an HSM-protected key +### Example 1: Add a key vault certificate contact ``` -PS C:\>Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITHsm' -Destination 'HSM' +PS C:\>Add-AzureKeyVaultCertificateContact -VaultName "ContosoKV01" -EmailAddress "patti.fuller@contoso.com" -PassThru ``` -This command creates an HSM-protected key in the key vault named Contoso. - -### Example 3: Create a key with non-default values -``` -PS C:\>$KeyOperations = 'decrypt', 'verify' -PS C:\> $Expires = (Get-Date).AddYears(2).ToUniversalTime() -PS C:\> $NotBefore = (Get-Date).ToUniversalTime() -PS C:\> $Tags = @{'Severity' = 'high'; 'Accounting' = null} -PS C:\> Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITHsmNonDefault' -Destination 'HSM' -Expires $Expires -NotBefore $NotBefore -KeyOps $KeyOperations -Disable -Tag $Tags -``` - -The first command stores the values decrypt and verify in the $KeyOperations variable. - -The second command creates a **DateTime** object, defined in UTC, by using the **Get-Date** cmdlet. -That object specifies a time two years in the future. The command stores that date in the $Expires -variable. For more information, type `Get-Help Get-Date`. - -The third command creates a **DateTime** object by using the **Get-Date** cmdlet. That object -specifies current UTC time. The command stores that date in the $NotBefore variable. - -The final command creates a key named ITHsmNonDefault that is an HSM-protected key. The command -specifies values for allowed key operations stored $KeyOperations. The command specifies times for -the *Expires* and *NotBefore* parameters created in the previous commands, and tags for high -severity and IT. The new key is disabled. You can enable it by using the **Set-AzureKeyVaultKey** -cmdlet. - -### Example 4: Import an HSM-protected key -``` -PS C:\>Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITByok' -KeyFilePath 'C:\Contoso\ITByok.byok' -Destination 'HSM' -``` - -This command imports the key named ITByok from the location that the *KeyFilePath* parameter -specifies. The imported key is an HSM-protected key. - -To import a key from your own hardware security module, you must first generate a BYOK package (a file with a .byok file name extension) by using the Azure Key Vault BYOK toolset. -For more information, see -[How to Generate and Transfer HSM-Protected Keys for Azure Key Vault](http://go.microsoft.com/fwlink/?LinkId=522252). - -### Example 5: Import a software-protected key -``` -PS C:\>$Password = ConvertTo-SecureString -String 'Password' -AsPlainText -Force -PS C:\> Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITPfx' -KeyFilePath 'C:\Contoso\ITPfx.pfx' -KeyFilePassword $Password -``` - -The first command converts a string into a secure string by using the **ConvertTo-SecureString** -cmdlet, and then stores that string in the $Password variable. For more information, type `Get-Help -ConvertTo-SecureString`. - -The second command creates a software password in the Contoso key vault. The command specifies the -location for the key and the password stored in $Password. - -### Example 6: Import a key and assign attributes -``` -PS C:\>$Password = ConvertTo-SecureString -String 'password' -AsPlainText -Force -PS C:\> $Expires = (Get-Date).AddYears(2).ToUniversalTime() -PS C:\> $Tags = @{ 'Severity' = 'high'; 'Accounting' = null } -PS C:\> Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITPfxToHSM' -Destination 'HSM' -KeyFilePath 'C:\Contoso\ITPfx.pfx' -KeyFilePassword $Password -Expires $Expires -Tag $Tags -``` - -The first command converts a string into a secure string by using the **ConvertTo-SecureString** -cmdlet, and then stores that string in the $Password variable. - -The second command creates a **DateTime** object by using the **Get-Date** cmdlet, and then stores -that object in the $Expires variable. - -The third command creates the $tags variable to set tags for high severity and IT. - -The final command imports a key as an HSM key from the specified location. The command specifies -the expiration time stored in $Expires and password stored in $Password, and applies the tags -stored in $tags. +This command adds Patti Fuller as a certificate contact for the ContosoKV01 key vault and returns the **KeyVaultCertificateContact** object. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Destination -Specifies whether to add the key as a software-protected key or an HSM-protected key in the Key Vault service. -Valid values are: HSM and Software. - -Note: To use HSM as your destination, you must have a key vault that supports HSMs. For more -information about the service tiers and capabilities for Azure Key Vault, see the -[Azure Key Vault Pricing website](http://go.microsoft.com/fwlink/?linkid=512521). - -This parameter is required when you create a new key. If you import a key by using the -*KeyFilePath* parameter, this parameter is optional: - -- If you do not specify this parameter, and this cmdlet imports a key that has .byok file name -extension, it imports that key as an HSM-protected key. The cmdlet cannot import that key as -software-protected key. - -- If you do not specify this parameter, and this cmdlet imports a key that has a .pfx file name -extension, it imports the key as a software-protected key. - -```yaml +Specifies whether to add the key as a software-protected key or an HSM-protected key in the Key Vault service. Valid values are: HSM and Software.```yaml Type: String Parameter Sets: Create -Aliases: +Aliases: Accepted values: HSM, Software Required: True -Position: Named +Position: 2 Default value: None Accept pipeline input: False Accept wildcard characters: False @@ -190,7 +50,7 @@ Accept wildcard characters: False ```yaml Type: String Parameter Sets: Import -Aliases: +Aliases: Accepted values: HSM, Software Required: False @@ -201,13 +61,10 @@ Accept wildcard characters: False ``` ### -Disable -Indicates that the key you are adding is set to an initial state of disabled. Any attempt to use -the key will fail. Use this parameter if you are preloading keys that you intend to enable later. - -```yaml +Indicates that the key you are adding is set to an initial state of disabled. Any attempt to use the key will fail. Use this parameter if you are preloading keys that you intend to enable later.```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -217,15 +74,10 @@ Accept wildcard characters: False ``` ### -Expires -Specifies the expiration time, as a **DateTime** object, for the key that this cmdlet adds. This -parameter uses Coordinated Universal Time (UTC). To obtain a **DateTime** object, use the -**Get-Date** cmdlet. For more information, type `Get-Help Get-Date`. If you do not specify this -parameter, the key does not expire. - -```yaml +Specifies the expiration time of the key in UTC. If not specified, key will not expire.```yaml Type: DateTime Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -235,15 +87,10 @@ Accept wildcard characters: False ``` ### -KeyFilePassword -Specifies a password for the imported file as a **SecureString** object. To obtain a -**SecureString** object, use the **ConvertTo-SecureString** cmdlet. For more information, type -`Get-Help ConvertTo-SecureString`. You must specify this password to import a file with a .pfx file -name extension. - -```yaml +Password of the local file containing the key material to be imported.```yaml Type: SecureString Parameter Sets: Import -Aliases: +Aliases: Required: False Position: Named @@ -253,21 +100,10 @@ Accept wildcard characters: False ``` ### -KeyFilePath -Specifies the path of a local file that contains key material that this cmdlet imports. -The valid file name extensions are .byok and .pfx. - -- If the file is a .byok file, the key is automatically protected by HSMs after the import and you -cannot override this default. - -- If the file is a .pfx file, the key is automatically protected by software after the import. To -override this default, set the *Destination* parameter to HSM so that the key is HSM-protected. - -When you specify this parameter, the *Destination* parameter is optional. - -```yaml +Path to the local file containing the key material to be imported.```yaml Type: String Parameter Sets: Import -Aliases: +Aliases: Required: True Position: Named @@ -277,25 +113,10 @@ Accept wildcard characters: False ``` ### -KeyOps -Specifies an array of operations that can be performed by using the key that this cmdlet adds. -If you do not specify this parameter, all operations can be performed. - -The acceptable values for this parameter are a comma-separated list of key operations as defined by -the [JSON Web Key (JWK) specification](http://go.microsoft.com/fwlink/?LinkID=613300): - -- Encrypt -- Decrypt -- Wrap -- Unwrap -- Sign -- Verify -- Backup -- Restore - -```yaml +The operations that can be performed with the key. If not present, all operations can be performed.```yaml Type: String[] Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -305,18 +126,13 @@ Accept wildcard characters: False ``` ### -Name -Specifies the name of the key to add to the key vault. This cmdlet constructs the fully qualified -domain name (FQDN) of a key based on the name that this parameter specifies, the name of the key -vault, and your current environment. The name must be a string of 1 through 63 characters in length -that contains only 0-9, a-z, A-Z, and - (the dash symbol). - -```yaml +Key name. Cmdlet constructs the FQDN of a key from vault name, currently selected environment and key name.```yaml Type: String Parameter Sets: (All) -Aliases: KeyName +Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: False Accept wildcard characters: False @@ -330,7 +146,7 @@ parameter, the key can be used immediately. ```yaml Type: DateTime Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -340,14 +156,10 @@ Accept wildcard characters: False ``` ### -Tag -Key-value pairs in the form of a hash table. For example: - -@{key0="value0";key1=$null;key2="value2"} - -```yaml +A hashtable representing key tags.```yaml Type: Hashtable Parameter Sets: (All) -Aliases: Tags +Aliases: cf Required: False Position: Named @@ -357,18 +169,33 @@ Accept wildcard characters: False ``` ### -VaultName -Specifies the name of the key vault to which this cmdlet adds the key. This cmdlet constructs the -FQDN of a key vault based on the name that this parameter specifies and your current environment. +Specifies the name of the key vault. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False Accept wildcard characters: False ``` @@ -395,16 +222,13 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable ## OUTPUTS -Microsoft.Azure.Commands.KeyVault.Models.KeyBundle +### List ## NOTES ## RELATED LINKS -[Backup-AzureKeyVaultKey](./Backup-AzureKeyVaultKey.md) - -[Get-AzureKeyVaultKey](./Get-AzureKeyVaultKey.md) +[Get-AzureKeyVaultCertificateContact](./Get-AzureKeyVaultCertificateContact.md) -[Remove-AzureKeyVaultKey](./Remove-AzureKeyVaultKey.md) +[Remove-AzureKeyVaultCertificateContact](./Remove-AzureKeyVaultCertificateContact.md) -[Set-AzureKeyVaultKeyAttribute](./Set-AzureKeyVaultKeyAttribute.md) \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md index d95e8ed654c2..2103d28c86c6 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md @@ -20,9 +20,6 @@ Adds a contact for certificate notifications. ### [Add-AzureKeyVaultKey](Add-AzureKeyVaultKey.md) Creates a key in a key vault or imports a key into a key vault. -### [Add-AzureKeyVaultManagedStorageAccount](Add-AzureKeyVaultManagedStorageAccount.md) -Adds an existing storage account to a key vault for automatic management of its storage account keys. - ### [Backup-AzureKeyVaultKey](Backup-AzureKeyVaultKey.md) Backs up a key in a key vault. @@ -59,8 +56,8 @@ Gets the secrets in a key vault. ### [Get-AzureRmKeyVault](Get-AzureRmKeyVault.md) Gets key vaults. -### [Import-AzureKeyVaultCertificate](Import-AzureKeyVaultCertificate.md) -Imports a certificate to a key vault. +### [Get-AzureRmKeyVault](Get-AzureRmKeyVault.md) +Gets key vaults. ### [New-AzureKeyVaultCertificateAdministratorDetails](New-AzureKeyVaultCertificateAdministratorDetails.md) Creates an in-memory certificate administrator details object. @@ -119,17 +116,17 @@ Sets a certificate issuer in a key vault. ### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultKeyAttribute](Set-AzureKeyVaultKeyAttribute.md) -Updates the attributes of a key in a key vault. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultManagedStorageSasDefinition](Set-AzureKeyVaultManagedStorageSasDefinition.md) -Sets a Shared Access Signature (SAS) definition with Key Vault for a given Key Vault managed Azure Storage Account. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultSecret](Set-AzureKeyVaultSecret.md) -Creates or updates a secret in a key vault. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultSecretAttribute](Set-AzureKeyVaultSecretAttribute.md) -Updates attributes of a secret in a key vault. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. ### [Set-AzureRmKeyVaultAccessPolicy](Set-AzureRmKeyVaultAccessPolicy.md) Grants or modifies existing permissions for a user, application, or security group to perform operations with a key vault. @@ -137,6 +134,9 @@ Grants or modifies existing permissions for a user, application, or security gro ### [Stop-AzureKeyVaultCertificateOperation](Stop-AzureKeyVaultCertificateOperation.md) Cancels a certificate operation in key vault. +### [Undo-AzureKeyVaultCertificateRemoval](Undo-AzureKeyVaultCertificateRemoval.md) +Recovers a deleted certificate in a key vault into an active state. + ### [Undo-AzureKeyVaultKeyRemoval](Undo-AzureKeyVaultKeyRemoval.md) Recovers a deleted key in a key vault into an active state. @@ -146,8 +146,9 @@ Recovers a deleted secret in a key vault into an active state. ### [Undo-AzureRmKeyVaultRemoval](Undo-AzureRmKeyVaultRemoval.md) Recovers a deleted key vault into an active state. -### [Update-AzureKeyVaultManagedStorageAccount](Update-AzureKeyVaultManagedStorageAccount.md) -Update editable attributes of a Key Vault managed Azure Storage Account. +### [Undo-AzureRmKeyVaultRemoval](Undo-AzureRmKeyVaultRemoval.md) +Recovers a deleted key vault into an active state. ### [Update-AzureKeyVaultManagedStorageAccountKey](Update-AzureKeyVaultManagedStorageAccountKey.md) -Regenerates the storage account key associated with a storage account managed by Key Vault. +Regenerates the specified key of Key Vault managed Azure Storage Account. + diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md index 0d2e58fa0dd6..2b942afdfd9b 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md @@ -63,21 +63,6 @@ This command creates a backup of the key named $key.Name in the vault named $key ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Overwrite the given file if it exists```yaml Type: SwitchParameter @@ -115,7 +100,7 @@ Parameter Sets: ByKeyName Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -132,7 +117,7 @@ Parameter Sets: (All) Aliases: Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -147,12 +132,27 @@ Parameter Sets: ByKeyName Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md index 4905a33a277f..fc89ae120cd7 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md @@ -61,21 +61,6 @@ This command uses the $secret object's vault name and name to retrieves the secr ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Prompts you for confirmation before overwriting the output file, if that exists. @@ -153,6 +138,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md index 2317a4315cfa..2b1dac1f0de9 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md @@ -17,6 +17,11 @@ Gets a certificate from a key vault. Get-AzureKeyVaultCertificate [-VaultName] [] ``` +### ByDeletedCertificates +``` +Get-AzureKeyVaultCertificate [-VaultName] [-Name] [-InRemovedState] [] +``` + ### ByCertificateName ``` Get-AzureKeyVaultCertificate [-VaultName] [-Name] [[-Version] ] [] @@ -27,6 +32,11 @@ Get-AzureKeyVaultCertificate [-VaultName] [-Name] [[-Version] Get-AzureKeyVaultCertificate [-VaultName] [-Name] [-IncludeVersions] [] ``` +### ByDeletedCertificates +``` +Get-AzureKeyVaultCertificate [-VaultName] [[-Name] ] [-InRemovedState] [] +``` + ## DESCRIPTION The **Get-AzureKeyVaultCertificate** cmdlet gets the specified certificate or the versions of a certificate from a key vault in Azure Key Vault. @@ -63,6 +73,21 @@ Updated : 2/8/2016 11:21:45 PM This command gets the certificate named TestCert01 from the key vault named ContosoKV01. +### Example 2: Get all the certificates that have been deleted but not purged for this key vault. +``` +PS C:\>Get-AzureKeyVaultCertificate -VaultName 'Contoso' -InRemovedState +``` + +This command gets all the certificates that have been previously deleted, but not purged, in the key vault named Contoso. + +### Example 3: Gets the certificate MyCert that has been deleted but not purged for this key vault. +``` +PS C:\>Get-AzureKeyVaultCertificate -VaultName 'Contoso' -Name 'MyCert' -InRemovedState +``` + +This command gets the certificate named 'MyCert' that has been previously deleted, but not purged, in the key vault named Contoso. +This command will return metadata such as the deletion date, and the scheduled purging date of this deleted certificate. + ## PARAMETERS ### -IncludeVersions @@ -80,16 +105,41 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -InRemovedState +Specifies whether to include previously deleted certificates in the output.```yaml +Type: SwitchParameter +Parameter Sets: ByDeletedCertificates +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -Name Specifies the name of the certificate to get. ```yaml Type: String -Parameter Sets: ByCertificateName, ByCertificateVersions +Parameter Sets: ByDeletedCertificates, ByCertificateName, ByCertificateVersions Aliases: CertificateName Required: True -Position: 1 +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +```yaml +Type: String +Parameter Sets: ByDeletedCertificates +Aliases: CertificateName + +Required: False +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -104,7 +154,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -119,7 +169,7 @@ Parameter Sets: ByCertificateName Aliases: CertificateVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -140,3 +190,6 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable [Import-AzureKeyVaultCertificate](./Import-AzureKeyVaultCertificate.md) +[Remove-AzureKeyVaultCertificate](./Remove-AzureKeyVaultCertificate.md) + +[Undo-AzureKeyVaultSecretCertificate](./Undo-AzureKeyVaultSecretCertificate.md) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md index 1f66b7af876c..9de772505807 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md @@ -39,7 +39,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md index 23840a550166..e6c3ec453315 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md @@ -50,7 +50,7 @@ Parameter Sets: ByName Aliases: IssuerName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -65,7 +65,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md index fe378b0bc719..f03359083842 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md @@ -49,7 +49,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -64,7 +64,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md index 7ecbb05513ae..3662db8fdaab 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md @@ -55,7 +55,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -70,7 +70,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md index dc802ecb00cc..bb57f7b628c2 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md @@ -84,10 +84,16 @@ This command will return metadata such as the deletion date, and the scheduled p ## PARAMETERS -### -InRemovedState -Specifies whether to show the previously deleted keys in the output.```yaml +### -IncludeVersions +Indicates that this cmdlet gets all versions of a key. +The current version of a key is the first one on the list. +If you specify this parameter you must also specify the *Name* and *VaultName* parameters. + +If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the key with the specified *Name*. + +```yaml Type: SwitchParameter -Parameter Sets: ByDeletedKey +Parameter Sets: ByKeyVersions Aliases: Required: True @@ -97,16 +103,10 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -IncludeVersions -Indicates that this cmdlet gets all versions of a key. -The current version of a key is the first one on the list. -If you specify this parameter you must also specify the *Name* and *VaultName* parameters. - -If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the key with the specified *Name*. - -```yaml +### -InRemovedState +Specifies whether to show the previously deleted keys in the output.```yaml Type: SwitchParameter -Parameter Sets: ByKeyVersions +Parameter Sets: ByDeletedKey Aliases: Required: True @@ -125,7 +125,7 @@ Parameter Sets: ByKeyName, ByKeyVersions Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -137,7 +137,7 @@ Parameter Sets: ByDeletedKey Aliases: KeyName Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -153,7 +153,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -169,7 +169,7 @@ Parameter Sets: ByKeyName Aliases: KeyVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md index c64376c6216f..09f17f56e155 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md @@ -74,7 +74,7 @@ PS C:\> Write-Host "Secret Value is: " $secret.SecretValueText These commands get the current version of a secret named ITSecret, and then displays the plain text value of that secret. -### Example 6: Get all the keys that have been deleted but not purged for this key vault. +### Example 6: Get all the secrets that have been deleted but not purged for this key vault. ``` PS C:\>Get-AzureKeyVaultSecret -VaultName 'Contoso' -InRemovedState ``` @@ -91,10 +91,16 @@ This command will return metadata such as the deletion date, and the scheduled p ## PARAMETERS -### -InRemovedState -Specifies whether to show the previously deleted secrets in the output.```yaml +### -IncludeVersions +Indicates that this cmdlet gets all versions of a secret. +The current version of a secret is the first one on the list. +If you specify this parameter you must also specify the *Name* and *VaultName* parameters. + +If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the secret with the specified *Name*. + +```yaml Type: SwitchParameter -Parameter Sets: ByDeletedSecrets +Parameter Sets: BySecretVersions Aliases: Required: True @@ -104,16 +110,10 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -IncludeVersions -Indicates that this cmdlet gets all versions of a secret. -The current version of a secret is the first one on the list. -If you specify this parameter you must also specify the *Name* and *VaultName* parameters. - -If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the secret with the specified *Name*. - -```yaml +### -InRemovedState +Specifies whether to show the previously deleted secrets in the output.```yaml Type: SwitchParameter -Parameter Sets: BySecretVersions +Parameter Sets: ByDeletedSecrets Aliases: Required: True @@ -132,7 +132,7 @@ Parameter Sets: BySecretName, BySecretVersions Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -144,7 +144,7 @@ Parameter Sets: ByDeletedSecrets Aliases: SecretName Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -160,7 +160,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -176,7 +176,7 @@ Parameter Sets: BySecretName Aliases: SecretVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md index 5dc506bd4465..727a64e3bfc7 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md @@ -93,7 +93,7 @@ Specifies whether to show the previously deleted vaults in the output. ```yaml Type: SwitchParameter Parameter Sets: ByDeletedVault, ListAllDeletedVaultsInSubscription -Aliases: +Aliases: Required: True Position: Named @@ -108,7 +108,7 @@ The location of the deleted vault. ```yaml Type: String Parameter Sets: ByDeletedVault -Aliases: +Aliases: Required: True Position: 2 @@ -123,10 +123,10 @@ Specifies the name of the resource group associated with the key vault or key va ```yaml Type: String Parameter Sets: GetVaultByName -Aliases: +Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -135,10 +135,10 @@ Accept wildcard characters: False ```yaml Type: String Parameter Sets: ListVaultsByResourceGroup -Aliases: +Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -152,7 +152,7 @@ Key-value pairs in the form of a hash table. For example: ```yaml Type: Hashtable Parameter Sets: ListAllVaultsInSubscription -Aliases: +Aliases: Required: False Position: Named @@ -170,7 +170,7 @@ Parameter Sets: GetVaultByName, ByDeletedVault Aliases: Name Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md index 91c1c5718b4c..8c92065f6c90 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md @@ -154,7 +154,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -202,7 +202,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md index 6d790f9a5df4..58096dc14092 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md @@ -31,21 +31,6 @@ This command creates an in-memory certificate administrator details object, and ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -EmailAddress Specifies the email address for the certificate administrator. @@ -106,6 +91,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md index 2b27900a349c..646616e472bd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md @@ -50,33 +50,33 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -Id +Specifies the identifier for the organization. ```yaml -Type: SwitchParameter +Type: String Parameter Sets: (All) -Aliases: cf +Aliases: Required: False Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Id -Specifies the identifier for the organization. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf Required: False Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md index b34549801750..4a93f2049a1e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md @@ -51,21 +51,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Disabled Indicates that the certificate policy is disabled. @@ -301,6 +286,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md index 640076b50858..3c60b60003dd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md @@ -49,28 +49,14 @@ Premium for the *SKU* parameter to create a Premium key vault. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -EnableSoftDelete -If specified, 'soft delete' functionality is enabled for this key vault. +### -EnabledForDeployment +Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this +key vault is referenced in resource creation, for example when creating a virtual machine. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -79,14 +65,13 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EnabledForDeployment -Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this -key vault is referenced in resource creation, for example when creating a virtual machine. +### -EnabledForDiskEncryption +Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -95,13 +80,13 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EnabledForDiskEncryption -Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault. +### -EnabledForTemplateDeployment +Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -110,13 +95,13 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EnabledForTemplateDeployment -Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment. +### -EnableSoftDelete +If specified, 'soft delete' functionality is enabled for this key vault. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -133,10 +118,10 @@ information, type `Get-Help Get-AzureLocation`. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -148,10 +133,10 @@ Specifies the name of an existing resource group in which to create the key vaul ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -164,7 +149,7 @@ each SKU, see the Azure Key Vault Pricing website (http://go.microsoft.com/fwlin ```yaml Type: SkuName Parameter Sets: (All) -Aliases: +Aliases: Accepted values: Standard, Premium Required: False @@ -199,15 +184,30 @@ unique. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md index d697cc0e80ac..efcc60569a41 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md @@ -13,8 +13,8 @@ Removes a certificate from a key vault. ## SYNTAX ``` -Remove-AzureKeyVaultCertificate [-VaultName] [-Name] [-Force] [-PassThru] [-WhatIf] - [-Confirm] [] +Remove-AzureKeyVaultCertificate [-VaultName] [-Name] [-Force] [-InRemovedState] [-PassThru] + [-WhatIf] [-Confirm] [] ``` ## DESCRIPTION @@ -38,27 +38,33 @@ This command removes the certificate named SelfSigned01 from the key vault named This command specifies the *Force* parameter. Therefore, the cmdlet does not prompt you for confirmation. +### Example 3: Purge the deleted certificate from the key vault permanently +``` +PS C:\>Remove-AzureKeyVaultCertificate -VaultName 'Contoso' -Name 'MyCert' -InRemovedState +``` + +This command permanently removes the certificate named 'MyCert' from the key vault named 'Contoso'. +Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user on this key vault. + ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -Force +Forces the command to run without asking for user confirmation. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: cf +Aliases: Required: False Position: Named -Default value: False +Default value: None Accept pipeline input: False Accept wildcard characters: False ``` -### -Force -Forces the command to run without asking for user confirmation. - -```yaml +### -InRemovedState +If present, removes the previously deleted certificate permanently.```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: @@ -80,7 +86,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -112,12 +118,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. @@ -154,3 +175,4 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable [Import-AzureKeyVaultCertificate](./Import-AzureKeyVaultCertificate.md) +[Undo-AzureKeyVaultCertificateRemoval](./Undo-AzureKeyVaultCertificateRemoval.md) \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md index 085d6e66eb35..c1f455afeb07 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md @@ -31,21 +31,6 @@ This command removes Patti Fuller as a certificate contact for the Contoso01 key ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -EmailAddress Specifies the email address of the contact to remove. @@ -55,7 +40,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -86,12 +71,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md index cc069915feb3..b1ffc08c620f 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md @@ -31,21 +31,6 @@ This command removes the certificate issuer named TestIssuer01 from the ContosoK ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -70,7 +55,7 @@ Parameter Sets: (All) Aliases: IssuerName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -101,12 +86,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md index a06a7110a0e5..8b0bdf2ade79 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md @@ -31,21 +31,6 @@ This command removes the certificate operation named TestCert01 from the Contoso ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -70,7 +55,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -101,12 +86,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md index adfd7063b3e7..0ad946d9d110 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md @@ -45,7 +45,7 @@ PS C:\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -InRemove ``` This command removes the key named ITSoftware from the key vault named Contoso permanently. -This flag requires the user to have special 'purge' persmissions on the key vault. +Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user for this key vault. ### Example 4: Remove keys by using the pipeline operator ``` @@ -58,21 +58,6 @@ That cmdlet removes those keys. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -111,7 +96,7 @@ Parameter Sets: (All) Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -143,12 +128,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md index 06917e51c993..720a4b94f595 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md @@ -50,21 +50,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Do not ask for confirmation. @@ -112,6 +97,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md index 2455b6927c33..5927db1d7005 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md @@ -53,21 +53,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Do not ask for confirmation. @@ -131,6 +116,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md index db9531fe155d..ae0ef3c2a75e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md @@ -43,26 +43,11 @@ The command specifies the *Force* and *Confirm* parameters, and, therefore, the PS C:\>Remove-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'FinanceSecret' -InRemovedState ``` -This command removes the secret named FinanceSecret from the key vault named Contoso permanently. -This flag requires the user to have special 'purge' persmissions on the key vault. +This command premoves the secret named FinanceSecret from the key vault named Contoso permanently. +Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user for this key vault. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -101,7 +86,7 @@ Parameter Sets: (All) Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -133,12 +118,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md index 89b3b4dc5961..a855a2152ddb 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md @@ -49,21 +49,6 @@ If you do not specify the resource group name, the cmdlet searches for the named ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Indicates that the cmdlet does not prompt you for confirmation. By default, this cmdlet prompts you to confirm that you want to delete the key vault. @@ -127,7 +112,7 @@ Parameter Sets: ByAvailableVault Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -142,12 +127,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md index 807c967db335..b2bcee43beb5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md @@ -24,18 +24,18 @@ Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] < -UserPrincipalName [-PassThru] [-WhatIf] [-Confirm] [] ``` -### ByUserEmailAddress -``` -Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] - -EmailAddress [-PassThru] [-WhatIf] [-Confirm] [] -``` - ### ByObjectId ``` Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -ObjectId [-ApplicationId ] [-PassThru] [-WhatIf] [-Confirm] [] ``` +### ByEmail +``` +Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -EmailAddress + [-PassThru] [-WhatIf] [-Confirm] [] +``` + ### ForVault ``` Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] @@ -98,18 +98,18 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -EmailAddress +Specifies the user email address of the user whose access you want to remove. ```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf +Type: String +Parameter Sets: ByEmail +Aliases: -Required: False +Required: True Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` @@ -199,7 +199,7 @@ Parameter Sets: (All) Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -236,33 +236,34 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EmailAddress -Specifies the user email address of the user whose access you want to remove. +### -VaultName +Specifies the name of the key vault. +This cmdlet removes permissions for the key vault that this parameter specifies. ```yaml Type: String -Parameter Sets: ByUserEmailAddress +Parameter Sets: (All) +Aliases: Required: True -Position: Named +Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -VaultName -Specifies the name of the key vault. -This cmdlet removes permissions for the key vault that this parameter specifies. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf -Required: True -Position: 0 +Required: False +Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md index 2231f2365633..0501f443f722 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md @@ -37,23 +37,23 @@ This command restores a key, including all of its versions, from the backup file ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -InputFile +Specifies the input file that contains the backup of the key to restore. ```yaml -Type: SwitchParameter +Type: String Parameter Sets: (All) -Aliases: cf +Aliases: -Required: False -Position: Named +Required: True +Position: 2 Default value: None Accept pipeline input: False Accept wildcard characters: False ``` -### -InputFile -Specifies the input file that contains the backup of the key to restore. +### -VaultName +Specifies the name of the key vault into which to restore the key. ```yaml Type: String @@ -63,22 +63,22 @@ Aliases: Required: True Position: 1 Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -VaultName -Specifies the name of the key vault into which to restore the key. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf -Required: True -Position: 0 +Required: False +Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md index f67650f42726..e08aeb45366f 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md @@ -38,21 +38,6 @@ This command restores a secret, including all of its versions, from the backup f ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -InputFile Specifies the input file that contains the backup of the secret to restore. @@ -83,6 +68,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md index a55256a8fa36..3536e47c90b5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md @@ -64,21 +64,6 @@ The final command displays the TestCert01 certificate by using the Get-AzureKeyV ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Enable Indicates whether to enable or disable a certificate. Specify $True to enable or $False to disable. @@ -86,7 +71,7 @@ Specify $True to enable or $False to disable. ```yaml Type: Boolean Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -106,7 +91,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -119,7 +104,7 @@ By default, this cmdlet does not generate any output. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -136,7 +121,7 @@ Key-value pairs in the form of a hash table. For example: ```yaml Type: Hashtable Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -152,10 +137,10 @@ This cmdlet constructs the FQDN of a key vault based on the name and currently s ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -171,12 +156,27 @@ Parameter Sets: (All) Aliases: CertificateVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md index e6f7e31ba703..fa46a98eeb5b 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md @@ -69,21 +69,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Issuer Specifies the certificate issuer to update. @@ -123,7 +108,7 @@ Parameter Sets: (All) Aliases: IssuerName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -169,12 +154,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md index ece046b3ac3f..70977fa03c82 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md @@ -54,7 +54,7 @@ Parameter Sets: ByValue Aliases: Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -75,21 +75,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Disabled Indicates that the certificate policy is disabled. @@ -239,7 +224,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -365,12 +350,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md index a4912810795d..f69d6092898a 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md @@ -135,7 +135,7 @@ Parameter Sets: (All) Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -201,7 +201,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -217,7 +217,7 @@ Parameter Sets: (All) Aliases: KeyVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md index fd9963554447..364f6c237da2 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md @@ -134,7 +134,7 @@ Parameter Sets: (All) Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -167,7 +167,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 2 +Position: 3 Default value: None Accept pipeline input: False Accept wildcard characters: False @@ -200,7 +200,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md index 7b2d240b1dc0..04eb399b307c 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md @@ -151,7 +151,7 @@ Parameter Sets: (All) Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -216,7 +216,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -232,7 +232,7 @@ Parameter Sets: (All) Aliases: SecretVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md index fdde2dbb14a4..61072546ac87 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md @@ -28,14 +28,6 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] ``` -### ByUserEmailAddress -``` -Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] - -EmailAddress [-PermissionsToKeys ] [-PermissionsToSecrets ] - [-PermissionsToCertificates ] [-PermissionsToStorage ] [-PassThru] [-WhatIf] [-Confirm] - [] -``` - ### ByObjectId ``` Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -ObjectId @@ -44,6 +36,13 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] ``` +### ByEmailAddress +``` +Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -EmailAddress + [-PermissionsToKeys ] [-PermissionsToSecrets ] [-PermissionsToCertificates ] + [-PermissionsToStorage ] [-PassThru] [-WhatIf] [-Confirm] [] +``` + ### ForVault ``` Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] [-EnabledForDeployment] @@ -185,18 +184,19 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -EmailAddress +Specifies the user email address of the user to whom to grant permissions. +This email address must exist in the directory associated with the current subscription and be unique. ```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf +Type: String +Parameter Sets: ByEmailAddress +Aliases: -Required: False +Required: True Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` @@ -295,7 +295,7 @@ The acceptable values for this parameter are: ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: get, list, delete, create, import, update, managecontacts, getissuers, listissuers, setissuers, deleteissuers, manageissuers, all @@ -329,7 +329,7 @@ The acceptable values for this parameter are: ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge, all @@ -355,7 +355,7 @@ The acceptable values for this parameter are: ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: get, list, set, delete, backup, restore, recover, purge, all @@ -369,7 +369,7 @@ Accept wildcard characters: False ### -PermissionsToStorage Specifies managed storage account and sas definition operation permissions to grant to a user or service principal.```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: get, list, delete, set, update, regeneratekey, getsas, listsas, deletesas, setsas, all @@ -389,7 +389,7 @@ Parameter Sets: (All) Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -428,34 +428,34 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EmailAddress -Specifies the user email address of the user to whom to grant permissions. -This email address must exist in the directory associated with the current subscription and be unique. +### -VaultName +Specifies the name of a key vault. +This cmdlet modifies the access policy for the key vault that this parameter specifies. ```yaml Type: String -Parameter Sets: ByUserEmailAddress +Parameter Sets: (All) +Aliases: Required: True -Position: Named +Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -VaultName -Specifies the name of a key vault. -This cmdlet modifies the access policy for the key vault that this parameter specifies. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf -Required: True -Position: 0 +Required: False +Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md index 229bbbd22250..73b30218de42 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md @@ -41,21 +41,6 @@ This command cancels the TestCert02 certificate operation. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -80,7 +65,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -95,12 +80,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md new file mode 100644 index 000000000000..d68de1bc3ad0 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md @@ -0,0 +1,115 @@ +--- +external help file: Microsoft.Azure.Commands.KeyVault.dll-Help.xml +online version: https://msdn.microsoft.com/en-us/library/dn868052.aspx +schema: 2.0.0 +--- + +# Undo-AzureKeyVaultCertificateRemoval + +## SYNOPSIS +Recovers a deleted certificate in a key vault into an active state. + +## SYNTAX + +``` +Undo-AzureKeyVaultCertificateRemoval [-VaultName] [-Name] [-WhatIf] [-Confirm] + [] +``` + +## DESCRIPTION +The **Undo-AzureKeyVaultCertificateRemoval** cmdlet will recover a previously deleted certificate. +The recovered certificate will be active and can be used for all operations. +Caller needs to have 'recover' permission in order to perform this operation. + +## EXAMPLES + +### Example 1 +``` +PS C:\> Undo-AzureKeyVaultCertificateRemoval -VaultName 'MyKeyVault' -Name 'MyCertificate' +``` + +This command will recover the certificate 'MyCertificate' that was previously deleted, into an active and usable state. + +## PARAMETERS + +### -Name +Certificate name. +Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: CertificateName + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -VaultName +Vault name. +Cmdlet constructs the FQDN of a vault based on the name and currently selected environment. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +### System.String + +## OUTPUTS + +### Microsoft.Azure.Commands.KeyVault.Models.Certificate + +## NOTES + +## RELATED LINKS + +[Remove-AzureKeyVaultCertificate](./Remove-AzureKeyVaultCertificate.md) + +[Get-AzureKeyVaultCertificate](./Get-AzureKeyVaultCertificate.md) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md index dcf4911ee970..519aa6aa6264 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md @@ -31,21 +31,6 @@ This command will recover the key 'MyKey' that was previously deleted, into an a ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Name Key name. Cmdlet constructs the FQDN of a key from vault name, currently selected environment and key name. @@ -78,6 +63,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md index 75f1a5adfd25..cbeae9a7ea2b 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md @@ -32,21 +32,6 @@ This command will recover the secret 'MySecret' that was previously deleted, int ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Name Secret name. Cmdlet constructs the FQDN of a secret from vault name, currently selected environment and secret name. @@ -79,6 +64,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md index 555dc023c879..2806fe581726 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md @@ -33,28 +33,13 @@ tags with new tag. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Location Specifies the deleted vault original Azure region. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True Position: 2 @@ -69,7 +54,7 @@ Specifies the name of an existing resource group in which to create the key vaul ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True Position: 1 @@ -86,7 +71,7 @@ Key-value pairs in the form of a hash table. For example: ```yaml Type: Hashtable Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -102,7 +87,7 @@ Cmdlet constructs the FQDN of a vault based on the name and currently selected e ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True Position: 0 @@ -111,6 +96,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md index a79fcd633168..19425376dd86 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md @@ -43,21 +43,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Do not ask for confirmation. @@ -120,6 +105,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config index 0a130e0dde3d..309f10e90868 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config @@ -1,7 +1,11 @@  - - + + + + + + \ No newline at end of file From 4cb144cece476dc55052b0d15f474bf4e88f5e10 Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Fri, 4 Aug 2017 17:09:04 -0700 Subject: [PATCH 02/10] addressing review feedback --- .../Commands.KeyVault.Test.csproj | 3 +- .../Commands.KeyVault.Test/app.config | 11 - .../UndoAzureKeyVaultCertificateRemoval.cs | 1 - .../KeyVault/Commands.KeyVault/app.config | 11 - .../help/Add-AzureKeyVaultKey.md | 276 ++++++++++++++---- .../help/AzureRM.KeyVault.md | 3 + .../Commands.KeyVault/packages.config | 4 - 7 files changed, 230 insertions(+), 79 deletions(-) delete mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config delete mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/app.config diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj index 90d267a2965c..8f8bd6a4e258 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj @@ -138,7 +138,7 @@ False ..\..\..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll - + ..\..\..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll True @@ -196,7 +196,6 @@ - Designer diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config deleted file mode 100644 index 433dc9083c92..000000000000 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/app.config +++ /dev/null @@ -1,11 +0,0 @@ - - - - - - - - - - - diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs index 23394e4185c2..06bcc0d12837 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs @@ -20,7 +20,6 @@ namespace Microsoft.Azure.Commands.KeyVault { [Cmdlet( VerbsCommon.Undo, "AzureKeyVaultCertificateRemoval", SupportsShouldProcess = true, - ConfirmImpact = ConfirmImpact.Low, HelpUri = Constants.KeyVaultHelpUri )] [OutputType( typeof( CertificateBundle ) )] public class UndoAzureKeyVaultCertificateRemoval : KeyVaultCmdletBase diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/app.config b/src/ResourceManager/KeyVault/Commands.KeyVault/app.config deleted file mode 100644 index 8460dd432e3c..000000000000 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/app.config +++ /dev/null @@ -1,11 +0,0 @@ - - - - - - - - - - - \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md index ea7e4f9fe2f5..a8435d0a6cc9 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultKey.md @@ -12,36 +12,176 @@ Creates a key in a key vault or imports a key into a key vault. ## SYNTAX +### Create (Default) ``` -Add-AzureKeyVaultCertificateContact [-VaultName] [-EmailAddress] [-PassThru] [-WhatIf] - [-Confirm] [] +Add-AzureKeyVaultKey [-VaultName] [-Name] -Destination [-Disable] + [-KeyOps ] [-Expires ] [-NotBefore ] [-Tag ] [-WhatIf] [-Confirm] + [] +``` + +### Import +``` +Add-AzureKeyVaultKey [-VaultName] [-Name] -KeyFilePath + [-KeyFilePassword ] [-Destination ] [-Disable] [-KeyOps ] + [-Expires ] [-NotBefore ] [-Tag ] [-WhatIf] [-Confirm] [] ``` ## DESCRIPTION -The **Add-AzureKeyVaultCertificateContact** cmdlet adds a contact for a key vault for certificate notifications in Azure Key Vault. -The contact receives updates about events such as certificate close to expiry, certificate renewed, and so on. -These events are determined by the certificate policy. +The **Add-AzureKeyVaultKey** cmdlet creates a key in a key vault in Azure Key Vault, or imports a key into a key vault. +Use this cmdlet to add keys by using any of the following methods: + +- Create a key in a hardware security module (HSM) in the Key Vault service. +- Create a key in software in the Key Vault service. +- Import a key from your own hardware security module (HSM) to HSMs in the Key Vault service. +- Import a key from a .pfx file on your computer. +- Import a key from a .pfx file on your computer to hardware security modules (HSMs) in the Key Vault service. + +For any of these operations, you can provide key attributes or accept default settings. + +If you create or import a key that has the same name as an existing key in your key vault, the +original key is updated with the values that you specify for the new key. You can access the +previous values by using the version-specific URI for that version of the key. To learn about key +versions and the URI structure, see [About Keys andSecrets](http://go.microsoft.com/fwlink/?linkid=518560) +in the Key Vault REST API documentation. + +Note: To import a key from your own hardware security module, you must first generate a BYOK +package (a file with a .byok file name extension) by using the Azure Key Vault BYOK toolset. For +more information, see +[How to Generate and Transfer HSM-Protected Keys for Azure Key Vault](http://go.microsoft.com/fwlink/?LinkId=522252). + +As a best practice, back up your key after it is created or updated, by using the +Backup-AzureKeyVaultKey cmdlet. There is no undelete functionality, so if you accidentally delete +your key or delete it and then change your mind, the key is not recoverable unless you have a +backup of it that you can restore. ## EXAMPLES -### Example 1: Add a key vault certificate contact +### Example 1: Create a key +``` +PS C:\>Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -Destination 'Software' +``` + +This command creates a software-protected key named ITSoftware in the key vault named Contoso. + +### Example 2: Create an HSM-protected key ``` -PS C:\>Add-AzureKeyVaultCertificateContact -VaultName "ContosoKV01" -EmailAddress "patti.fuller@contoso.com" -PassThru +PS C:\>Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITHsm' -Destination 'HSM' ``` -This command adds Patti Fuller as a certificate contact for the ContosoKV01 key vault and returns the **KeyVaultCertificateContact** object. +This command creates an HSM-protected key in the key vault named Contoso. + +### Example 3: Create a key with non-default values +``` +PS C:\>$KeyOperations = 'decrypt', 'verify' +PS C:\> $Expires = (Get-Date).AddYears(2).ToUniversalTime() +PS C:\> $NotBefore = (Get-Date).ToUniversalTime() +PS C:\> $Tags = @{'Severity' = 'high'; 'Accounting' = null} +PS C:\> Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITHsmNonDefault' -Destination 'HSM' -Expires $Expires -NotBefore $NotBefore -KeyOps $KeyOperations -Disable -Tag $Tags +``` + +The first command stores the values decrypt and verify in the $KeyOperations variable. + +The second command creates a **DateTime** object, defined in UTC, by using the **Get-Date** cmdlet. +That object specifies a time two years in the future. The command stores that date in the $Expires +variable. For more information, type `Get-Help Get-Date`. + +The third command creates a **DateTime** object by using the **Get-Date** cmdlet. That object +specifies current UTC time. The command stores that date in the $NotBefore variable. + +The final command creates a key named ITHsmNonDefault that is an HSM-protected key. The command +specifies values for allowed key operations stored $KeyOperations. The command specifies times for +the *Expires* and *NotBefore* parameters created in the previous commands, and tags for high +severity and IT. The new key is disabled. You can enable it by using the **Set-AzureKeyVaultKey** +cmdlet. + +### Example 4: Import an HSM-protected key +``` +PS C:\>Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITByok' -KeyFilePath 'C:\Contoso\ITByok.byok' -Destination 'HSM' +``` + +This command imports the key named ITByok from the location that the *KeyFilePath* parameter +specifies. The imported key is an HSM-protected key. + +To import a key from your own hardware security module, you must first generate a BYOK package (a file with a .byok file name extension) by using the Azure Key Vault BYOK toolset. +For more information, see +[How to Generate and Transfer HSM-Protected Keys for Azure Key Vault](http://go.microsoft.com/fwlink/?LinkId=522252). + +### Example 5: Import a software-protected key +``` +PS C:\>$Password = ConvertTo-SecureString -String 'Password' -AsPlainText -Force +PS C:\> Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITPfx' -KeyFilePath 'C:\Contoso\ITPfx.pfx' -KeyFilePassword $Password +``` + +The first command converts a string into a secure string by using the **ConvertTo-SecureString** +cmdlet, and then stores that string in the $Password variable. For more information, type `Get-Help +ConvertTo-SecureString`. + +The second command creates a software password in the Contoso key vault. The command specifies the +location for the key and the password stored in $Password. + +### Example 6: Import a key and assign attributes +``` +PS C:\>$Password = ConvertTo-SecureString -String 'password' -AsPlainText -Force +PS C:\> $Expires = (Get-Date).AddYears(2).ToUniversalTime() +PS C:\> $Tags = @{ 'Severity' = 'high'; 'Accounting' = null } +PS C:\> Add-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITPfxToHSM' -Destination 'HSM' -KeyFilePath 'C:\Contoso\ITPfx.pfx' -KeyFilePassword $Password -Expires $Expires -Tag $Tags +``` + +The first command converts a string into a secure string by using the **ConvertTo-SecureString** +cmdlet, and then stores that string in the $Password variable. + +The second command creates a **DateTime** object by using the **Get-Date** cmdlet, and then stores +that object in the $Expires variable. + +The third command creates the $tags variable to set tags for high severity and IT. + +The final command imports a key as an HSM key from the specified location. The command specifies +the expiration time stored in $Expires and password stored in $Password, and applies the tags +stored in $tags. ## PARAMETERS +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -Destination -Specifies whether to add the key as a software-protected key or an HSM-protected key in the Key Vault service. Valid values are: HSM and Software.```yaml +Specifies whether to add the key as a software-protected key or an HSM-protected key in the Key Vault service. +Valid values are: HSM and Software. + +Note: To use HSM as your destination, you must have a key vault that supports HSMs. For more +information about the service tiers and capabilities for Azure Key Vault, see the +[Azure Key Vault Pricing website](http://go.microsoft.com/fwlink/?linkid=512521). + +This parameter is required when you create a new key. If you import a key by using the +*KeyFilePath* parameter, this parameter is optional: + +- If you do not specify this parameter, and this cmdlet imports a key that has .byok file name +extension, it imports that key as an HSM-protected key. The cmdlet cannot import that key as +software-protected key. + +- If you do not specify this parameter, and this cmdlet imports a key that has a .pfx file name +extension, it imports the key as a software-protected key. + +```yaml Type: String Parameter Sets: Create -Aliases: +Aliases: Accepted values: HSM, Software Required: True -Position: 2 +Position: Named Default value: None Accept pipeline input: False Accept wildcard characters: False @@ -50,7 +190,7 @@ Accept wildcard characters: False ```yaml Type: String Parameter Sets: Import -Aliases: +Aliases: Accepted values: HSM, Software Required: False @@ -61,10 +201,13 @@ Accept wildcard characters: False ``` ### -Disable -Indicates that the key you are adding is set to an initial state of disabled. Any attempt to use the key will fail. Use this parameter if you are preloading keys that you intend to enable later.```yaml +Indicates that the key you are adding is set to an initial state of disabled. Any attempt to use +the key will fail. Use this parameter if you are preloading keys that you intend to enable later. + +```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -74,10 +217,15 @@ Accept wildcard characters: False ``` ### -Expires -Specifies the expiration time of the key in UTC. If not specified, key will not expire.```yaml +Specifies the expiration time, as a **DateTime** object, for the key that this cmdlet adds. This +parameter uses Coordinated Universal Time (UTC). To obtain a **DateTime** object, use the +**Get-Date** cmdlet. For more information, type `Get-Help Get-Date`. If you do not specify this +parameter, the key does not expire. + +```yaml Type: DateTime Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -87,10 +235,15 @@ Accept wildcard characters: False ``` ### -KeyFilePassword -Password of the local file containing the key material to be imported.```yaml +Specifies a password for the imported file as a **SecureString** object. To obtain a +**SecureString** object, use the **ConvertTo-SecureString** cmdlet. For more information, type +`Get-Help ConvertTo-SecureString`. You must specify this password to import a file with a .pfx file +name extension. + +```yaml Type: SecureString Parameter Sets: Import -Aliases: +Aliases: Required: False Position: Named @@ -100,10 +253,21 @@ Accept wildcard characters: False ``` ### -KeyFilePath -Path to the local file containing the key material to be imported.```yaml +Specifies the path of a local file that contains key material that this cmdlet imports. +The valid file name extensions are .byok and .pfx. + +- If the file is a .byok file, the key is automatically protected by HSMs after the import and you +cannot override this default. + +- If the file is a .pfx file, the key is automatically protected by software after the import. To +override this default, set the *Destination* parameter to HSM so that the key is HSM-protected. + +When you specify this parameter, the *Destination* parameter is optional. + +```yaml Type: String Parameter Sets: Import -Aliases: +Aliases: Required: True Position: Named @@ -113,10 +277,25 @@ Accept wildcard characters: False ``` ### -KeyOps -The operations that can be performed with the key. If not present, all operations can be performed.```yaml +Specifies an array of operations that can be performed by using the key that this cmdlet adds. +If you do not specify this parameter, all operations can be performed. + +The acceptable values for this parameter are a comma-separated list of key operations as defined by +the [JSON Web Key (JWK) specification](http://go.microsoft.com/fwlink/?LinkID=613300): + +- Encrypt +- Decrypt +- Wrap +- Unwrap +- Sign +- Verify +- Backup +- Restore + +```yaml Type: String[] Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -126,13 +305,18 @@ Accept wildcard characters: False ``` ### -Name -Key name. Cmdlet constructs the FQDN of a key from vault name, currently selected environment and key name.```yaml +Specifies the name of the key to add to the key vault. This cmdlet constructs the fully qualified +domain name (FQDN) of a key based on the name that this parameter specifies, the name of the key +vault, and your current environment. The name must be a string of 1 through 63 characters in length +that contains only 0-9, a-z, A-Z, and - (the dash symbol). + +```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: KeyName Required: True -Position: 2 +Position: 1 Default value: None Accept pipeline input: False Accept wildcard characters: False @@ -146,7 +330,7 @@ parameter, the key can be used immediately. ```yaml Type: DateTime Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -156,10 +340,14 @@ Accept wildcard characters: False ``` ### -Tag -A hashtable representing key tags.```yaml +Key-value pairs in the form of a hash table. For example: + +@{key0="value0";key1=$null;key2="value2"} + +```yaml Type: Hashtable Parameter Sets: (All) -Aliases: cf +Aliases: Tags Required: False Position: Named @@ -169,33 +357,18 @@ Accept wildcard characters: False ``` ### -VaultName -Specifies the name of the key vault. +Specifies the name of the key vault to which this cmdlet adds the key. This cmdlet constructs the +FQDN of a key vault based on the name that this parameter specifies and your current environment. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 1 +Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False Accept wildcard characters: False ``` @@ -222,13 +395,16 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable ## OUTPUTS -### List +Microsoft.Azure.Commands.KeyVault.Models.KeyBundle ## NOTES ## RELATED LINKS -[Get-AzureKeyVaultCertificateContact](./Get-AzureKeyVaultCertificateContact.md) +[Backup-AzureKeyVaultKey](./Backup-AzureKeyVaultKey.md) + +[Get-AzureKeyVaultKey](./Get-AzureKeyVaultKey.md) -[Remove-AzureKeyVaultCertificateContact](./Remove-AzureKeyVaultCertificateContact.md) +[Remove-AzureKeyVaultKey](./Remove-AzureKeyVaultKey.md) +[Set-AzureKeyVaultKeyAttribute](./Set-AzureKeyVaultKeyAttribute.md) \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md index 2103d28c86c6..6875a91484f2 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md @@ -20,6 +20,9 @@ Adds a contact for certificate notifications. ### [Add-AzureKeyVaultKey](Add-AzureKeyVaultKey.md) Creates a key in a key vault or imports a key into a key vault. +### [Add-AzureKeyVaultManagedStorageAccount](Add-AzureKeyVaultManagedStorageAccount.md) +Adds a KeyVault-managed storage account to a key vault. + ### [Backup-AzureKeyVaultKey](Backup-AzureKeyVaultKey.md) Backs up a key in a key vault. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config index 309f10e90868..d10da5b20109 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config @@ -1,11 +1,7 @@  - - - - \ No newline at end of file From b892bcc38afa36c77e2f6a8e2a8d09e8aaad1dc2 Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Fri, 4 Aug 2017 18:35:05 -0700 Subject: [PATCH 03/10] more review feedback - writing the deleted certificate on passthrough --- .../Commands/RemoveAzureKeyVaultCertificate.cs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs index b124ee9fa395..4e2f8d6e711d 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs @@ -107,8 +107,7 @@ protected override void ProcessRecord() if (PassThru.IsPresent) { - var certificate = KeyVaultCertificate.FromCertificateBundle(certBundle); - this.WriteObject(certificate); + WriteObject( certBundle ); } } } From 0fdd3cc1650604e056ae026db2cb8d6c0d39ebbc Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Mon, 7 Aug 2017 16:16:31 -0700 Subject: [PATCH 04/10] restoring the PurgeDisabled flag, to prevent this from being a breaking-change release --- .../KeyVault/Commands.KeyVault/Models/KeyAttributes.cs | 10 ++++++++++ .../Commands.KeyVault/Models/SecretAttributes.cs | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs index 6ae9872f3ae5..72035c223b61 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs @@ -35,6 +35,7 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st this.KeyType = keyType; this.KeyOps = keyOps; this.Tags = tags; + this.PurgeDisabled = false; } internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, string keyType, @@ -49,6 +50,7 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st this.Updated = updated; this.RecoveryLevel = deletionRecoveryLevel; this.Tags = (tags == null) ? null : tags.ConvertToHashtable(); + this.PurgeDisabled = false; } public bool? Enabled { get; set; } @@ -65,6 +67,14 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st public DateTime? Updated { get; private set; } + /// + /// Obsolete flag indicating that the key is protected against purge. + /// + /// + /// Deprecated, will be removed in the next PowerShell release. + /// + public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } public Hashtable Tags { get; set; } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs index f1eca26ffabb..e9db106713b5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs @@ -33,6 +33,7 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, this.NotBefore = notBefore; this.ContentType = contentType; this.Tags = tags; + this.PurgeDisabled = false; } internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, @@ -46,6 +47,7 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, this.ContentType = contentType; this.RecoveryLevel = deletionRecoveryLevel; this.Tags = (tags == null) ? null : tags.ConvertToHashtable(); + this.PurgeDisabled = false; } public bool? Enabled { get; set; } @@ -62,6 +64,14 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, public Hashtable Tags { get; set; } + /// + /// Obsolete flag indicating that the secret is protected against purge. + /// + /// + /// Deprecated, will be removed in the next PowerShell release. + /// + public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } public string TagsTable From c083c5f946ffbf788d2412d561ba45c857957374 Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Tue, 8 Aug 2017 11:58:27 -0700 Subject: [PATCH 05/10] addressing breaking change issues uncovered by the official build --- .../Commands.KeyVault/Models/KeyIdentityItem.cs | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs index eec3c481aea4..704eb3ba4c1e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs @@ -38,6 +38,11 @@ internal KeyIdentityItem(Azure.KeyVault.Models.KeyItem keyItem, VaultUriHelper v Updated = keyItem.Attributes.Updated; RecoveryLevel = keyItem.Attributes.RecoveryLevel; Tags = (keyItem.Tags == null) ? null : keyItem.Tags.ConvertToHashtable(); + + + // the PurgeDisabled field was deprecated, but is kept in the + // PSH SDK until the first breaking-change release. + PurgeDisabled = false; } internal KeyIdentityItem(KeyBundle keyBundle) @@ -56,6 +61,10 @@ internal KeyIdentityItem(KeyBundle keyBundle) Updated = keyBundle.Attributes.Updated; RecoveryLevel = keyBundle.Attributes.RecoveryLevel; Tags = keyBundle.Attributes.Tags; + + // the PurgeDisabled field was deprecated, but is kept in the + // PSH SDK until the first breaking-change release. + PurgeDisabled = false; } public bool? Enabled { get; set; } @@ -68,6 +77,8 @@ internal KeyIdentityItem(KeyBundle keyBundle) public DateTime? Updated { get; private set; } + public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } public Hashtable Tags { get; set; } From a8b3c4ca9a14512c01aa297d2f63b2c880ef687f Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Thu, 24 Aug 2017 18:38:19 -0700 Subject: [PATCH 06/10] Reverting Certificate cmdlets to use PSH-defined types --- .../Scripts/VaultManagementTests.ps1 | 6 +++--- .../Commands/GetAzureKeyVaultCertificate.cs | 4 ++-- .../Commands/RemoveAzureKeyVaultCertificate.cs | 13 +++++++------ .../Commands.KeyVault/Models/KeyVaultCertificate.cs | 9 ++++++++- 4 files changed, 20 insertions(+), 12 deletions(-) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 index 4f054c792873..20ea6d254804 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 @@ -373,9 +373,9 @@ function Initialize-TemporaryState "objectId" = $objectId "applicationId" = "" "permissions" = @{ - "keys" = @("all") - "secrets" = @("all") - "certificates" = @("all") + "keys" = @("all", "purge") + "secrets" = @("all", "purge") + "certificates" = @("all", "purge") "storage" = @("all") } } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs index 5dc00f89c0c7..954ce998e782 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs @@ -28,7 +28,7 @@ namespace Microsoft.Azure.Commands.KeyVault [Cmdlet(VerbsCommon.Get, CmdletNoun.AzureKeyVaultCertificate, DefaultParameterSetName = ByVaultNameParameterSet, HelpUri = Constants.KeyVaultHelpUri)] - [OutputType(typeof(List), typeof(KeyVaultCertificate), typeof(DeletedCertificateBundle), typeof(List))] + [OutputType(typeof(List), typeof(KeyVaultCertificate), typeof(DeletedKeyVaultCertificate), typeof(List))] public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase { #region Parameter Set Names @@ -131,7 +131,7 @@ protected override void ProcessRecord() break; } - DeletedCertificateBundle deletedCert = DataServiceClient.GetDeletedCertificate(VaultName, Name); + DeletedKeyVaultCertificate deletedCert = DeletedKeyVaultCertificate.FromDeletedCertificateBundle( DataServiceClient.GetDeletedCertificate(VaultName, Name) ); WriteObject( deletedCert ); break; diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs index 4e2f8d6e711d..ad485ddcdd26 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs @@ -16,7 +16,6 @@ using System.Management.Automation; using Microsoft.Azure.Commands.KeyVault.Models; using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties; -using Microsoft.Azure.KeyVault.Models; namespace Microsoft.Azure.Commands.KeyVault { @@ -27,7 +26,7 @@ namespace Microsoft.Azure.Commands.KeyVault SupportsShouldProcess = true, ConfirmImpact = ConfirmImpact.High, HelpUri = Constants.KeyVaultHelpUri)] - [OutputType(typeof(DeletedCertificateBundle))] + [OutputType(typeof(DeletedKeyVaultCertificate))] public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase { #region Input Parameter Definitions @@ -55,7 +54,8 @@ public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase /// /// If present, do not ask for confirmation /// - [Parameter(HelpMessage = "Do not ask for confirmation.")] + [Parameter( Mandatory = false, + HelpMessage = "Do not ask for confirmation.")] public SwitchParameter Force { get; set; } /// @@ -65,7 +65,8 @@ public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase HelpMessage = "Permanently remove the previously deleted certificate." )] public SwitchParameter InRemovedState { get; set; } - [Parameter(HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")] + [Parameter( Mandatory = false, + HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")] public SwitchParameter PassThru { get; set; } #endregion @@ -90,7 +91,7 @@ protected override void ProcessRecord() return; } - DeletedCertificateBundle certBundle = null; + DeletedKeyVaultCertificate certBundle = null; ConfirmAction( Force.IsPresent, @@ -103,7 +104,7 @@ protected override void ProcessRecord() KeyVaultProperties.Resources.RemoveCertWhatIfMessage, Name), Name, - () => { certBundle = this.DataServiceClient.DeleteCertificate(VaultName, Name); }); + () => { certBundle = DeletedKeyVaultCertificate.FromDeletedCertificateBundle( this.DataServiceClient.DeleteCertificate(VaultName, Name) ); }); if (PassThru.IsPresent) { diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs index 734016b5ee62..6420c5dde727 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs @@ -19,9 +19,10 @@ namespace Microsoft.Azure.Commands.KeyVault.Models { - public class KeyVaultCertificate + public class KeyVaultCertificate { public string Name { get; set; } + public string VaultName { get; set; } public X509Certificate2 Certificate { get; set; } public string Id { get; internal set; } public string KeyId { get; internal set; } @@ -46,6 +47,12 @@ public KeyVaultCertificate( CertificateBundle certificateBundle ) { Id = certificateBundle.CertificateIdentifier.Identifier; Name = certificateBundle.CertificateIdentifier.Name; + + // TODO [dragosav] Bring Certificate classes on par with keys/secrets: + // - inherit from ObjectIdentifier + // - constructors should accept the VaultUriHelper as a parameter + var vaultUri = new Uri( certificateBundle.CertificateIdentifier.Vault ); + VaultName = vaultUri.Host.Split( '.' ).First( ); } if ( certificateBundle.Cer != null ) From 10ea130b3dfc40f806c05ccfaef77b4f0104f46e Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Fri, 25 Aug 2017 15:24:58 -0700 Subject: [PATCH 07/10] KeyVault: adding soft-delete support for certificates --- .../KeyVault/AzureRM.KeyVault.psd1 | 34 ++- src/ResourceManager/KeyVault/ChangeLog.md | 4 + .../Commands.KeyVault.Test.csproj | 14 +- .../Commands.KeyVault.Test/Scripts/Common.ps1 | 111 ++++++--- .../ControlPlane/KeyVaultManagementTests.ps1 | 3 +- .../Scripts/RunKeyVaultTests.ps1 | 24 +- .../Scripts/VaultCertificateTests.ps1 | 138 +++++++++++ .../Scripts/VaultKeyTests.ps1 | 19 +- .../Scripts/VaultManagementTests.ps1 | 8 + .../Scripts/VaultSecretTests.ps1 | 2 +- .../Commands.KeyVault.Test/packages.config | 6 +- .../Commands.KeyVault.csproj | 7 +- .../Commands/GetAzureKeyVaultCertificate.cs | 50 +++- .../RemoveAzureKeyVaultCertificate.cs | 41 ++- .../Commands/SetAzureKeyVaultAccessPolicy.cs | 3 +- .../UndoAzureKeyVaultCertificateRemoval.cs | 62 +++++ .../Models/DeletedCertificateIdentityItem.cs | 40 +++ .../Models/DeletedKeyVaultCertificate.cs | 47 ++++ .../Models/IKeyVaultDataServiceClient.cs | 10 +- .../Commands.KeyVault/Models/KeyAttributes.cs | 14 +- .../Commands.KeyVault/Models/KeyBundle.cs | 2 +- .../Models/KeyIdentityItem.cs | 15 +- .../Models/KeyVaultCertificate.cs | 60 +++-- .../Models/KeyVaultDataServiceClient.cs | 102 +++++++- .../Models/KeyVaultManagementCmdletBase.cs | 3 +- .../Commands.KeyVault/Models/Secret.cs | 1 + .../Models/SecretAttributes.cs | 16 +- .../Properties/Resources.Designer.cs | 233 ++++++++++-------- .../Properties/Resources.resx | 11 +- .../help/Add-AzureKeyVaultCertificate.md | 42 ++-- .../Add-AzureKeyVaultCertificateContact.md | 34 +-- .../help/AzureRM.KeyVault.md | 34 +-- .../help/Backup-AzureKeyVaultKey.md | 36 +-- .../help/Backup-AzureKeyVaultSecret.md | 30 +-- .../help/Get-AzureKeyVaultCertificate.md | 61 ++++- .../Get-AzureKeyVaultCertificateContact.md | 2 +- .../Get-AzureKeyVaultCertificateIssuer.md | 4 +- .../Get-AzureKeyVaultCertificateOperation.md | 4 +- .../Get-AzureKeyVaultCertificatePolicy.md | 4 +- .../help/Get-AzureKeyVaultKey.md | 30 ++- .../help/Get-AzureKeyVaultSecret.md | 32 ++- .../help/Get-AzureRmKeyVault.md | 16 +- .../help/Import-AzureKeyVaultCertificate.md | 4 +- ...KeyVaultCertificateAdministratorDetails.md | 30 +-- ...eKeyVaultCertificateOrganizationDetails.md | 20 +- .../New-AzureKeyVaultCertificatePolicy.md | 30 +-- .../help/New-AzureRmKeyVault.md | 70 +++--- .../help/Remove-AzureKeyVaultCertificate.md | 46 +++- .../Remove-AzureKeyVaultCertificateContact.md | 34 +-- .../Remove-AzureKeyVaultCertificateIssuer.md | 34 +-- ...emove-AzureKeyVaultCertificateOperation.md | 34 +-- .../help/Remove-AzureKeyVaultKey.md | 36 +-- ...move-AzureKeyVaultManagedStorageAccount.md | 30 +-- ...zureKeyVaultManagedStorageSasDefinition.md | 30 +-- .../help/Remove-AzureKeyVaultSecret.md | 38 +-- .../help/Remove-AzureRmKeyVault.md | 34 +-- .../Remove-AzureRmKeyVaultAccessPolicy.md | 53 ++-- .../help/Restore-AzureKeyVaultKey.md | 32 +-- .../help/Restore-AzureKeyVaultSecret.md | 30 +-- .../Set-AzureKeyVaultCertificateAttribute.md | 44 ++-- .../Set-AzureKeyVaultCertificateIssuer.md | 34 +-- .../Set-AzureKeyVaultCertificatePolicy.md | 36 +-- .../help/Set-AzureKeyVaultKeyAttribute.md | 6 +- .../help/Set-AzureKeyVaultSecret.md | 6 +- .../help/Set-AzureKeyVaultSecretAttribute.md | 6 +- .../help/Set-AzureRmKeyVaultAccessPolicy.md | 66 ++--- .../Stop-AzureKeyVaultCertificateOperation.md | 34 +-- .../Undo-AzureKeyVaultCertificateRemoval.md | 115 +++++++++ .../help/Undo-AzureKeyVaultKeyRemoval.md | 30 +-- .../help/Undo-AzureKeyVaultSecretRemoval.md | 30 +-- .../help/Undo-AzureRmKeyVaultRemoval.md | 38 +-- ...e-AzureKeyVaultManagedStorageAccountKey.md | 30 +-- .../Commands.KeyVault/packages.config | 4 +- 73 files changed, 1643 insertions(+), 830 deletions(-) create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs create mode 100644 src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md diff --git a/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 b/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 index b181b3bb95f1..fa56479d9784 100644 --- a/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 +++ b/src/ResourceManager/KeyVault/AzureRM.KeyVault.psd1 @@ -87,20 +87,30 @@ CmdletsToExport = 'Add-AzureKeyVaultCertificate', 'Remove-AzureKeyVaultCertificateIssuer', 'Remove-AzureKeyVaultCertificateOperation', 'Set-AzureKeyVaultCertificateIssuer', - 'Set-AzureKeyVaultCertificatePolicy', 'Get-AzureRmKeyVault', - 'New-AzureRmKeyVault', 'Remove-AzureRmKeyVault', - 'Undo-AzureRmKeyVaultRemoval', 'Remove-AzureRmKeyVaultAccessPolicy', - 'Set-AzureRmKeyVaultAccessPolicy', 'Backup-AzureKeyVaultKey', - 'Get-AzureKeyVaultKey', 'Get-AzureKeyVaultSecret', - 'Undo-AzureKeyVaultKeyRemoval', 'Undo-AzureKeyVaultSecretRemoval', - 'Add-AzureKeyVaultKey', 'Remove-AzureKeyVaultKey', - 'Remove-AzureKeyVaultSecret', 'Restore-AzureKeyVaultKey', - 'Set-AzureKeyVaultKeyAttribute', 'Set-AzureKeyVaultSecret', + 'Set-AzureKeyVaultCertificatePolicy', + 'Get-AzureRmKeyVault', + 'New-AzureRmKeyVault', + 'Remove-AzureRmKeyVault', + 'Undo-AzureRmKeyVaultRemoval', + 'Remove-AzureRmKeyVaultAccessPolicy', + 'Set-AzureRmKeyVaultAccessPolicy', + 'Backup-AzureKeyVaultKey', + 'Get-AzureKeyVaultKey', + 'Get-AzureKeyVaultSecret', + 'Undo-AzureKeyVaultKeyRemoval', + 'Undo-AzureKeyVaultSecretRemoval', + 'Add-AzureKeyVaultKey', + 'Remove-AzureKeyVaultKey', + 'Remove-AzureKeyVaultSecret', + 'Restore-AzureKeyVaultKey', + 'Set-AzureKeyVaultKeyAttribute', + 'Set-AzureKeyVaultSecret', 'Set-AzureKeyVaultSecretAttribute', 'Get-AzureKeyVaultCertificatePolicy', 'New-AzureKeyVaultCertificateAdministratorDetails', 'New-AzureKeyVaultCertificateOrganizationDetails', - 'Backup-AzureKeyVaultSecret', 'Restore-AzureKeyVaultSecret', + 'Backup-AzureKeyVaultSecret', + 'Restore-AzureKeyVaultSecret', 'Get-AzureKeyVaultManagedStorageAccount', 'Add-AzureKeyVaultManagedStorageAccount', 'Remove-AzureKeyVaultManagedStorageAccount', @@ -108,8 +118,8 @@ CmdletsToExport = 'Add-AzureKeyVaultCertificate', 'Update-AzureKeyVaultManagedStorageAccountKey', 'Get-AzureKeyVaultManagedStorageSasDefinition', 'Set-AzureKeyVaultManagedStorageSasDefinition', - 'Remove-AzureKeyVaultManagedStorageSasDefinition' - + 'Remove-AzureKeyVaultManagedStorageSasDefinition', + 'Undo-AzureKeyVaultCertificateRemoval' # Variables to export from this module # VariablesToExport = @() diff --git a/src/ResourceManager/KeyVault/ChangeLog.md b/src/ResourceManager/KeyVault/ChangeLog.md index b8018ed9ee80..5735cbd2b8a2 100644 --- a/src/ResourceManager/KeyVault/ChangeLog.md +++ b/src/ResourceManager/KeyVault/ChangeLog.md @@ -24,6 +24,10 @@ ## Version 3.3.0 ## Version 3.2.1 +* New/updated Cmdlets to support soft-delete for KeyVault certificates + * Get-AzureKeyVaultCertificate + * Remove-AzureKeyVaultCertificate + * Undo-AzureKeyVaultCertificateRemoval ## Version 3.2.0 * Remove email address from the directory query when -UserPrincipalName is specified to the Set-AzureRMKeyVaultAccessPolicy and Remove-AzureRMKeyVaultAccessPolicy cmdlets. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj index 0962463dd3ff..8f8bd6a4e258 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj @@ -65,12 +65,12 @@ ..\..\..\packages\Microsoft.Azure.Graph.RBAC.3.4.0-preview\lib\net452\Microsoft.Azure.Graph.RBAC.dll - - ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.0-preview\lib\net452\Microsoft.Azure.KeyVault.dll + + ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.2\lib\net452\Microsoft.Azure.KeyVault.dll True - - ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.6\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll + + ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.7\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll True @@ -138,9 +138,9 @@ False ..\..\..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll - - False - ..\..\..\packages\Newtonsoft.Json.6.0.8\lib\net45\Newtonsoft.Json.dll + + ..\..\..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll + True False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 index b0d5d0a41b85..1fae5e025ecd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/Common.ps1 @@ -207,7 +207,16 @@ function Cleanup-OldCertificates $certificatePattern = Get-CertificateName '*' Get-AzureKeyVaultCertificate $keyVault | Where-Object {$_.Name -like $certificatePattern} | - Remove-AzureKeyVaultCertificate -Force -Confirm:$false + Remove-AzureKeyVaultCertificate -Name $_.Name -VaultName $_.VaultName -Force -Confirm:$false + + if($global:softDeleteEnabled -eq $true) + { + Get-AzureKeyVaultCertificate -VaultName $keyVault -InRemovedState | + Where-Object {$_.Name -like $certificatePattern} | %{ + Remove-AzureKeyVaultCertificate -Name $_.Name -VaultName $_.VaultName -InRemovedState -Force -Confirm:$false + Wait-Seconds 5; + } + } } <# @@ -313,50 +322,49 @@ function Cleanup-SingleKeyTest function Cleanup-Key ([string]$keyName) { - $oldPref = $ErrorActionPreference - $ErrorActionPreference = "Stop" - try + $oldPref = $ErrorActionPreference + $ErrorActionPreference = "Stop" + try + { + $keyVault = Get-KeyVault + Write-Debug "Removing key with name $_ in vault $keyVault" + $catch = Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false + if($global:softDeleteEnabled -eq $true) { - $keyVault = Get-KeyVault - Write-Debug "Removing key with name $_ in vault $keyVault" - $catch = Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false - if($global:softDeleteEnabled -eq $true) - { - Wait-ForDeletedKey $keyVault $keyName - Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false -InRemovedState - } + Wait-ForDeletedKey $keyVault $keyName + Remove-AzureKeyVaultKey $keyVault $keyName -Force -Confirm:$false -InRemovedState } - catch { - - } - finally - { - $ErrorActionPreference = $oldPref - } + } + catch { + + } + finally + { + $ErrorActionPreference = $oldPref + } } function Cleanup-Secret ([string]$secretName) { - $oldPref = $ErrorActionPreference - $ErrorActionPreference = "Stop" - try - { - $keyVault = Get-KeyVault - Write-Debug "Removing secret with name $_ in vault $keyVault" - $catch = Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false - if($global:softDeleteEnabled -eq $true) - { - Wait-ForDeletedSecret $keyVault $secretName - Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false -InRemovedState - } - } - catch { - - } - finally + $oldPref = $ErrorActionPreference + $ErrorActionPreference = "Stop" + try + { + $keyVault = Get-KeyVault + Write-Debug "Removing secret with name $_ in vault $keyVault" + $catch = Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false + if($global:softDeleteEnabled -eq $true) { - $ErrorActionPreference = $oldPref + Wait-ForDeletedSecret $keyVault $secretName + Remove-AzureKeyVaultSecret $keyVault $secretName -Force -Confirm:$false -InRemovedState } + } + catch { + } + finally + { + $ErrorActionPreference = $oldPref + } } <# @@ -389,6 +397,11 @@ function Cleanup-SingleCertificateTest $keyVault = Get-KeyVault Write-Debug "Removing certificate with name $_ in vault $keyVault" $catch = Remove-AzureKeyVaultCertificate $keyVault $_ -Force -Confirm:$false + if($global:softDeleteEnabled -eq $true) + { + Wait-ForDeletedCertificate $keyVault $_ + Remove-AzureKeyVaultCertificate $keyVault $_ -Force -Confirm:$false -InRemovedState + } } catch { @@ -452,6 +465,30 @@ function Wait-ForDeletedSecret ([string] $vault, [string] $secretName) return $secret } +<# +.SYNOPSIS +Waits for a deleted certificate to show up. +#> +function Wait-ForDeletedCertificate ([string] $vault, [string] $certName) +{ + $cert = $null + do { + try + { + $cert = Get-AzureKeyVaultCertificate -VaultName $vault -Name $certName -InRemovedState + } + catch + { + # Certificate is not found. + $cert = $null + Write-Host "Sleeping for 5 seconds to wait for deleted certificate $certName" + Wait-Seconds 5 + } + } while($cert -ne $null) + + return $cert +} + <# .SYNOPSIS Removes all managed storage accounts. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index ce9585fdb92b..ca79852f8700 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -62,7 +62,8 @@ function Get-AllCertPermissions "listissuers", "managecontacts", "manageissuers", - "setissuers" + "setissuers", + "recover" ) } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 index de200e8e9088..019d0e6a806a 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/RunKeyVaultTests.ps1 @@ -29,6 +29,10 @@ If true, then tests that require a premium vault are skipped (optional). The object ID of the user (optional). If no object ID is provided, then the object ID is extracted from whomever is currently logged in. +.PARAMETER SoftDeleteEnabled +If true, turns on 'soft-delete' mode for tests: vault is created as soft-delete-enabled (if not exists), soft-delete +tests are executed, delete + purge sequence is used for clean-up. + .PARAMETER NoADCmdLetMode If true, then active directory related tests are skipped. @@ -249,16 +253,24 @@ function Run-AllDataPlaneTests Run-TestProtected { Run-KeyTest {Test_GetDeletedKeys} "Test_GetDeletedKeys" } "Test_GetDeletedKeys" Run-TestProtected { Run-KeyTest {Test_UndoRemoveKey} "Test_UndoRemoveKey" } "Test_UndoRemoveKey" Run-TestProtected { Run-KeyTest {Test_RemoveDeletedKey} "Test_RemoveDeletedKey" } "Test_RemoveDeletedKey" - Run-TestProtected { Run-KeyTest {Test_RemoveNonExistKey} "Test_RemoveNonExistDeletedKey" } "Test_RemoveNonExistDeletedKey" + Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedKey} "Test_RemoveNonExistDeletedKey" } "Test_RemoveNonExistDeletedKey" Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedKeys} "Test_PipelineRemoveDeletedKeys" } "Test_PipelineRemoveDeletedKeys" # Secret soft delete tests - Run-TestProtected { Run-KeyTest {Test_GetDeletedKey} "Test_GetDeletedSecret" } "Test_GetDeletedKey" + Run-TestProtected { Run-KeyTest {Test_GetDeletedKey} "Test_GetDeletedSecret" } "Test_GetDeletedSecret" Run-TestProtected { Run-KeyTest {Test_GetDeletedKeys} "Test_GetDeletedSecrets" } "Test_GetDeletedSecrets" - Run-TestProtected { Run-KeyTest {Test_UndoRemoveKey} "Test_UndoRemoveSecret" } "Test_UndoRemoveSecret" - Run-TestProtected { Run-KeyTest {Test_RemoveDeletedKey} "Test_RemoveDeletedSecret" } "Test_RemoveDeletedSecret" - Run-TestProtected { Run-KeyTest {Test_RemoveNonExistKey} "Test_RemoveNonExistDeletedSecret" } "Test_RemoveNonExistDeletedSecret" - Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedKeys} "Test_PipelineRemoveDeletedSecrets" } "Test_PipelineRemoveDeletedSecrets" + Run-TestProtected { Run-KeyTest {Test_UndoRemoveSecret} "Test_UndoRemoveSecret" } "Test_UndoRemoveSecret" + Run-TestProtected { Run-KeyTest {Test_RemoveDeletedSecret} "Test_RemoveDeletedSecret" } "Test_RemoveDeletedSecret" + Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedSecret} "Test_RemoveNonExistDeletedSecret" } "Test_RemoveNonExistDeletedSecret" + Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedSecrets} "Test_PipelineRemoveDeletedSecrets" } "Test_PipelineRemoveDeletedSecrets" + + # certificate soft delete tests + Run-TestProtected { Run-KeyTest {Test_GetDeletedCertificate} "Test_GetDeletedCertificate" } "Test_GetDeletedCertificate" + Run-TestProtected { Run-KeyTest {Test_GetDeletedCertificates} "Test_GetDeletedCertificates" } "Test_GetDeletedCertificates" + Run-TestProtected { Run-KeyTest {Test_UndoRemoveCertificate} "Test_UndoRemoveCertificate" } "Test_UndoRemoveCertificate" + Run-TestProtected { Run-KeyTest {Test_RemoveDeletedCertificate} "Test_RemoveDeletedCertificate" } "Test_RemoveDeletedCertificate" + Run-TestProtected { Run-KeyTest {Test_RemoveNonExistDeletedCertificate} "Test_RemoveNonExistDeletedCertificate" } "Test_RemoveNonExistDeletedCertificate" + Run-TestProtected { Run-KeyTest {Test_PipelineRemoveDeletedCertificates} "Test_PipelineRemoveDeletedCertificate" } "Test_PipelineRemoveDeletedCertificates" } # Add-AzureKeyVaultKey tests. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 index 77a660ceb2d6..22b1f871a007 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultCertificateTests.ps1 @@ -614,4 +614,142 @@ function Test_UpdateCertificateTags Assert-AreEqual $retrievedCertificate.Tags["State"] "Washington" Assert-AreEqual $retrievedCertificate.Tags.ContainsKey("City") $true Assert-AreEqual $retrievedCertificate.Tags["City"] "Redmond" +} + + +<# +.SYNOPSIS +Tests getting a previously deleted certificate +#> + +function Test_GetDeletedCertificate +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'getdeletedcertificate' + + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + $deletedCertificate = Get-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certificateName -InRemovedState + Assert-NotNull $deletedCertificate + Assert-NotNull $deletedCertificate.DeletedDate + Assert-NotNull $deletedCertificate.ScheduledPurgeDate +} + + +<# +.SYNOPSIS +Tests listing all previously deleted certificates +#> +function Test_GetDeletedCertificates +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'getdeletedcertificates' + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + $deletedCerts = Get-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -InRemovedState + Assert-True {$deletedCerts.Count -ge 1} + Assert-True {$deletedCerts.Name -contains $key.Name} +} + +<# +.SYNOPSIS +Tests recovering a previously deleted certificate. +#> + +function Test_UndoRemoveCertificate +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'undoremovedcert' + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + $recoveredCert = Undo-AzureKeyVaultCertificateRemoval -VaultName $keyVault.VaultName -Name $certificateName + + Assert-NotNull $recoveredCert + Assert-AreEqual $recoveredCert.Name $createdCert.Name + Assert-AreEqual $recoveredCert.Version $createdCert.Version + #Assert-KeyAttributes $recoveredKey.Attributes 'RSA' $false $expires $nbf $ops $tags +} + +<# +.SYNOPSIS +Tests purging a deleted certificate. +#> + +function Test_RemoveDeletedCertificate +{ + $keyVault = Get-KeyVault + $certificateName = Get-CertificateName 'undoremovedcert' + $createdCert = CreateAKVCertificate $keyVault $certificateName + Assert-NotNull $createdCert + + $global:createdCertificates += $certificateName + + $createdCertificate | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + + Wait-ForDeletedCertificate $keyVault $certificateName + + Remove-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certificateName -InRemovedState -Force -Confirm:$false +} + +<# +.SYNOPSIS +Tests purging an active certificate +#> +function Test_RemoveNonExistDeletedCertificate +{ + $keyVault = Get-KeyVault + $certName = Get-CertificateName 'purgeactivecert' + + $createdCert = CreateAKVCertificate $keyVault $certName + Assert-NotNull $createdCert + + $global:createdCertificates += $certName + + Assert-Throws {Remove-AzureKeyVaultCertificate -VaultName $keyVault.VaultName -Name $certName -InRemovedState -Force -Confirm:$false} +} + +<# +.SYNOPSIS +Tests pipeline commands to remove multiple deleted certificates +#> + +function Test_PipelineRemoveDeletedCertificates +{ + $rootCertName = 'piperemovecert' + $keyVault = Get-KeyVault + $certName = Get-CertificateName $rootCertName + '1' + $createdCert1 = CreateAKVCertificate $keyVault $certName + Assert-NotNull $createdCert1 + + $certName = Get-CertificateName $rootCertName + '2' + $createdCert2 = CreateAKVCertificate $keyVault $certName + Assert-NotNull $createdCert2 + + Get-AzureKeyVaultCertificate $keyVault | Where-Object {$_.CertificateName -like $rootCertName + '*'} | Remove-AzureKeyVaultCertificate -Force -Confirm:$false + Wait-Seconds 30 + Get-AzureKeyVaultCertificate $keyVault -InRemovedState | Where-Object {$_.CertificateName -like $rootCertName + '*'} | Remove-AzureKeyVaultCertificate -Force -Confirm:$false -InRemovedState + + $certs = Get-AzureKeyVaultCertificate $keyVault -InRemovedState | Where-Object {$_.CertificateName -like $rootCertName + '*'} + Assert-AreEqual $keys.Count 0 } \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 index f820b19cacb9..d8505ec3603e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultKeyTests.ps1 @@ -32,7 +32,7 @@ function Assert-KeyAttributes($keyAttr, $keytype, $keyenable, $keyexp, $keynbf, Assert-True { Equal-OperationList $keyops $keyAttr.KeyOps} "Expect $keyops. Get $keyAttr.KeyOps" } Assert-True { Equal-Hashtable $tags $keyAttr.Tags} "Expected $tags. Get $keyAttr.Tags" - Assert-NotNull $keyAttr.PurgeDisabled, "Purge Disabled is null." + Assert-NotNull $keyAttr.RecoveryLevel, "Deletion recovery level is null." } function BulkCreateSoftKeys ($vault, $prefix, $total) @@ -851,7 +851,7 @@ function Test_BackupRestoreKeyByName $backupblob = Backup-AzureKeyVaultKey -VaultName $keyVault -KeyName $keyname # Remove the key Cleanup-Key $keyname - Wait-Seconds 30 # Wait for slm to purge the key.. + Wait-Seconds 30 # Wait for slm to purge the key.. $restoredKey = Restore-AzureKeyVaultKey -VaultName $keyVault -InputFile $backupblob Assert-KeyAttributes $restoredKey.Attributes 'RSA' $true $null $null $null } @@ -1000,22 +1000,21 @@ Tests getting a previously deleted key function Test_GetDeletedKey { - # Create a software key for updating + # Create a software key for updating $keyVault = Get-KeyVault $keyname=Get-KeyName 'GetDeletedKey' $key=Add-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -Destination 'Software' -Expires $expires -NotBefore $nbf -KeyOps $ops -Disable -Tag $tags Assert-NotNull $key $global:createdKeys += $keyname - $key | Remove-AzureKeyVaultKey -Force -Confirm:$false - - Wait-ForDeletedKey $keyVault $keyname + $key | Remove-AzureKeyVaultKey -Force -Confirm:$false - $deletedKey = Get-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -InRemovedState - Assert-NotNull $deletedKey - Assert-NotNull $deletedKey.DeletedDate - Assert-NotNull $deletedKey.ScheduledPurgeDate + Wait-ForDeletedKey $keyVault $keyname + $deletedKey = Get-AzureKeyVaultKey -VaultName $keyVault -Name $keyname -InRemovedState + Assert-NotNull $deletedKey + Assert-NotNull $deletedKey.DeletedDate + Assert-NotNull $deletedKey.ScheduledPurgeDate } <# diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 index 5f223169ef76..7375e9af8c7c 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 @@ -380,6 +380,14 @@ function Initialize-TemporaryState } ) } + if ($global:softDeleteEnabled -eq $true ) + { + $vaultProperties.Add("enableSoftDelete", $global:softDeleteEnabled) + $vaultProperties.accessPolicies.permissions.keys = @("all", "purge") + $vaultProperties.accessPolicies.permissions.secrets = @("all", "purge") + $vaultProperties.accessPolicies.permissions.certificates = @("all", "purge") + } + $keyVault = New-AzureRmResource @vaultId ` -PropertyObject $vaultProperties ` -Location $global:location ` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 index 4a56a775378a..488a444ab493 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultSecretTests.ps1 @@ -23,6 +23,7 @@ function Assert-SecretAttributes($secretAttr, $secenable, $secexp, $secnbf, $sec Assert-True { Equal-DateTime $secnbf $secretAttr.NotBefore} "Expect $secnbf. Get $secretAttr.NotBefore" Assert-True { Equal-String $seccontenttype $secretAttr.ContentType} "Expect $seccontenttype. Get $secretAttr.ContentType" Assert-True { Equal-Hashtable $sectags $secretAttr.Tags} "Expected $sectags. Get $secretAttr.Tags" + Assert-NotNull $secretAttr.RecoveryLevel, "Deletion recovery level is null." } function BulkCreateSecrets ($vault, $prefix, $total) @@ -849,7 +850,6 @@ function Test_GetDeletedSecret Assert-NotNull $deletedSecret Assert-NotNull $deletedSecret.DeletedDate Assert-NotNull $deletedSecret.ScheduledPurgeDate - } <# diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config index 8c1bc2f12f3e..c625cfa98851 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config @@ -4,8 +4,8 @@ - - + + @@ -22,7 +22,7 @@ - + diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj index 2111dde8abb0..ea87dbcb1b79 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj @@ -89,9 +89,12 @@ + + + @@ -178,11 +181,11 @@ ..\..\..\packages\Microsoft.Azure.ActiveDirectory.GraphClient.2.1.0\lib\portable-net4+sl5+win+wpa+wp8\Microsoft.Azure.ActiveDirectory.GraphClient.dll - ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.0-preview\lib\net452\Microsoft.Azure.KeyVault.dll + ..\..\..\packages\Microsoft.Azure.KeyVault.2.3.2\lib\net452\Microsoft.Azure.KeyVault.dll True - ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.6\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll + ..\..\..\packages\Microsoft.Azure.KeyVault.WebKey.2.0.7\lib\net452\Microsoft.Azure.KeyVault.WebKey.dll True diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs index aa098293d33d..954ce998e782 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/GetAzureKeyVaultCertificate.cs @@ -13,12 +13,12 @@ // ---------------------------------------------------------------------------------- using System; -using System.Management.Automation; -using Microsoft.Azure.Commands.KeyVault.Models; -using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties; using System.Collections.Generic; using System.Linq; +using System.Management.Automation; +using Microsoft.Azure.Commands.KeyVault.Models; using Microsoft.Azure.KeyVault.Models; +using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties; namespace Microsoft.Azure.Commands.KeyVault { @@ -28,7 +28,7 @@ namespace Microsoft.Azure.Commands.KeyVault [Cmdlet(VerbsCommon.Get, CmdletNoun.AzureKeyVaultCertificate, DefaultParameterSetName = ByVaultNameParameterSet, HelpUri = Constants.KeyVaultHelpUri)] - [OutputType(typeof(List), typeof(KeyVaultCertificate))] + [OutputType(typeof(List), typeof(KeyVaultCertificate), typeof(DeletedKeyVaultCertificate), typeof(List))] public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase { #region Parameter Set Names @@ -36,6 +36,7 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase private const string ByCertificateNameParameterSet = "ByCertificateName"; private const string ByVaultNameParameterSet = "ByVaultName"; private const string ByCertificateVersionsParameterSet = "ByCertificateVersions"; + private const string ByDeletedCertificateParameterSet = "ByDeletedCertificates"; #endregion @@ -47,7 +48,7 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase [Parameter(Mandatory = true, Position = 0, ValueFromPipelineByPropertyName = true, - HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.")] + HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment.")] [ValidateNotNullOrEmpty] public string VaultName { get; set; } @@ -64,6 +65,11 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase ValueFromPipelineByPropertyName = true, ParameterSetName = ByCertificateVersionsParameterSet, HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name.")] + [Parameter( Mandatory = false, + Position = 1, + ValueFromPipelineByPropertyName = true, + ParameterSetName = ByDeletedCertificateParameterSet, + HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name." )] [ValidateNotNullOrEmpty] [Alias(Constants.CertificateName)] public string Name { get; set; } @@ -84,6 +90,13 @@ public class GetAzureKeyVaultCertificate : KeyVaultCmdletBase HelpMessage = "Specifies whether to include the versions of the certificate in the output.")] public SwitchParameter IncludeVersions { get; set; } + /// + /// Switch specifying whether to apply the command to certificates in a deleted state. + /// + [Parameter( Mandatory = true, + ParameterSetName = ByDeletedCertificateParameterSet, + HelpMessage = "Specifies whether to show the previously deleted certificates in the output." )] + public SwitchParameter InRemovedState { get; set; } #endregion protected override void ProcessRecord() @@ -111,6 +124,18 @@ protected override void ProcessRecord() GetAndWriteCertificates(VaultName); break; + case ByDeletedCertificateParameterSet: + if ( Name == null ) + { + GetAndWriteDeletedCertificates( VaultName ); + break; + } + + DeletedKeyVaultCertificate deletedCert = DeletedKeyVaultCertificate.FromDeletedCertificateBundle( DataServiceClient.GetDeletedCertificate(VaultName, Name) ); + WriteObject( deletedCert ); + + break; + default: throw new ArgumentException(KeyVaultProperties.Resources.BadParameterSetName); } @@ -146,5 +171,20 @@ private void GetAndWriteCertificatesVersions(string vaultName, string name, stri WriteObject(pageResults, true); } while (!string.IsNullOrEmpty(options.NextLink)); } + + private void GetAndWriteDeletedCertificates( string vaultName ) + { + KeyVaultObjectFilterOptions options = new KeyVaultObjectFilterOptions + { + VaultName = VaultName, + NextLink = null + }; + + do + { + var pageResults = DataServiceClient.GetDeletedCertificates(options); + WriteObject( pageResults, true ); + } while ( !string.IsNullOrEmpty( options.NextLink ) ); + } } } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs index 51f5c12aa712..ad485ddcdd26 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVaultCertificate.cs @@ -16,7 +16,6 @@ using System.Management.Automation; using Microsoft.Azure.Commands.KeyVault.Models; using KeyVaultProperties = Microsoft.Azure.Commands.KeyVault.Properties; -using Microsoft.Azure.KeyVault.Models; namespace Microsoft.Azure.Commands.KeyVault { @@ -27,7 +26,7 @@ namespace Microsoft.Azure.Commands.KeyVault SupportsShouldProcess = true, ConfirmImpact = ConfirmImpact.High, HelpUri = Constants.KeyVaultHelpUri)] - [OutputType(typeof(KeyVaultCertificate))] + [OutputType(typeof(DeletedKeyVaultCertificate))] public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase { #region Input Parameter Definitions @@ -55,17 +54,44 @@ public class RemoveAzureKeyVaultCertificate : KeyVaultCmdletBase /// /// If present, do not ask for confirmation /// - [Parameter(HelpMessage = "Do not ask for confirmation.")] + [Parameter( Mandatory = false, + HelpMessage = "Do not ask for confirmation.")] public SwitchParameter Force { get; set; } - [Parameter(HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")] + /// + /// If present, operate on the deleted key entity. + /// + [Parameter( Mandatory = false, + HelpMessage = "Permanently remove the previously deleted certificate." )] + public SwitchParameter InRemovedState { get; set; } + + [Parameter( Mandatory = false, + HelpMessage = "Cmdlet does not return an object by default. If this switch is specified, the cmdlet returns the certificate object that was deleted.")] public SwitchParameter PassThru { get; set; } #endregion protected override void ProcessRecord() { - CertificateBundle certBundle = null; + if ( InRemovedState.IsPresent ) + { + ConfirmAction( + Force.IsPresent, + string.Format( + CultureInfo.InvariantCulture, + KeyVaultProperties.Resources.RemoveDeletedCertificateWarning, + Name ), + string.Format( + CultureInfo.InvariantCulture, + KeyVaultProperties.Resources.RemoveDeletedCertificateWhatIfMessage, + Name ), + Name, + ( ) => { DataServiceClient.PurgeCertificate( VaultName, Name ); } ); + + return; + } + + DeletedKeyVaultCertificate certBundle = null; ConfirmAction( Force.IsPresent, @@ -78,12 +104,11 @@ protected override void ProcessRecord() KeyVaultProperties.Resources.RemoveCertWhatIfMessage, Name), Name, - () => { certBundle = this.DataServiceClient.DeleteCertificate(VaultName, Name); }); + () => { certBundle = DeletedKeyVaultCertificate.FromDeletedCertificateBundle( this.DataServiceClient.DeleteCertificate(VaultName, Name) ); }); if (PassThru.IsPresent) { - var certificate = KeyVaultCertificate.FromCertificateBundle(certBundle); - this.WriteObject(certificate); + WriteObject( certBundle ); } } } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs index e813b5d0c219..b0de15fccf19 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs @@ -71,6 +71,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase CertPerms.Managecontacts, CertPerms.Manageissuers, CertPerms.Setissuers, + CertPerms.Recover, }; private readonly string[] StorageAllExpansion = { @@ -232,7 +233,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase ParameterSetName = ByEmailAddress, ValueFromPipelineByPropertyName = true, HelpMessage = "Specifies certificate operation permissions to grant to a user or service principal.")] - [ValidateSet("get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "all")] + [ValidateSet("get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "all")] public string[] PermissionsToCertificates { get; set; } /// diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs new file mode 100644 index 000000000000..06bcc0d12837 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs @@ -0,0 +1,62 @@ +// ---------------------------------------------------------------------------------- +// +// Copyright Microsoft Corporation +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ---------------------------------------------------------------------------------- + +using System.Management.Automation; +using Microsoft.Azure.Commands.KeyVault.Models; +using Microsoft.Azure.KeyVault.Models; + +namespace Microsoft.Azure.Commands.KeyVault +{ + [Cmdlet( VerbsCommon.Undo, "AzureKeyVaultCertificateRemoval", + SupportsShouldProcess = true, + HelpUri = Constants.KeyVaultHelpUri )] + [OutputType( typeof( CertificateBundle ) )] + public class UndoAzureKeyVaultCertificateRemoval : KeyVaultCmdletBase + { + #region Input Parameter Definitions + + /// + /// Vault name + /// + [Parameter( Mandatory = true, + Position = 0, + ValueFromPipelineByPropertyName = true, + HelpMessage = "Vault name. Cmdlet constructs the FQDN of a vault based on the name and currently selected environment." )] + [ValidateNotNullOrEmpty] + public string VaultName { get; set; } + + /// + /// Secret name + /// + [Parameter( Mandatory = true, + Position = 1, + ValueFromPipelineByPropertyName = true, + HelpMessage = "Certificate name. Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name." )] + [ValidateNotNullOrEmpty] + [Alias( Constants.CertificateName )] + public string Name { get; set; } + + #endregion + + public override void ExecuteCmdlet( ) + { + if ( ShouldProcess( Name, Properties.Resources.RecoverCertificate ) ) + { + CertificateBundle certificate = DataServiceClient.RecoverCertificate(VaultName, Name); + + WriteObject( certificate ); + } + } + } +} diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs new file mode 100644 index 000000000000..4c95fef5c2fa --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedCertificateIdentityItem.cs @@ -0,0 +1,40 @@ +// ---------------------------------------------------------------------------------- +// +// Copyright Microsoft Corporation +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ---------------------------------------------------------------------------------- + +using System; +using Microsoft.Azure.KeyVault.Models; + +namespace Microsoft.Azure.Commands.KeyVault.Models +{ + public class DeletedCertificateIdentityItem : CertificateIdentityItem + { + internal DeletedCertificateIdentityItem( DeletedCertificateItem certItem, VaultUriHelper vaultUriHelper ) + :base(certItem, vaultUriHelper) + { + ScheduledPurgeDate = certItem.ScheduledPurgeDate; + DeletedDate = certItem.DeletedDate; + } + + internal DeletedCertificateIdentityItem( DeletedCertificateBundle certBundle ) + :base( certBundle ) + { + ScheduledPurgeDate = certBundle.ScheduledPurgeDate; + DeletedDate = certBundle.DeletedDate; + } + + public DateTime? ScheduledPurgeDate { get; set; } + + public DateTime? DeletedDate { get; set; } + } +} diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs new file mode 100644 index 000000000000..feed2109eb85 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/DeletedKeyVaultCertificate.cs @@ -0,0 +1,47 @@ +// ---------------------------------------------------------------------------------- +// +// Copyright Microsoft Corporation +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ---------------------------------------------------------------------------------- + +using System; + +namespace Microsoft.Azure.Commands.KeyVault.Models +{ + public sealed class DeletedKeyVaultCertificate : KeyVaultCertificate + { + public DeletedKeyVaultCertificate( Azure.KeyVault.Models.DeletedCertificateBundle deletedCertificateBundle ) + :base( deletedCertificateBundle ) + { + if ( deletedCertificateBundle == null ) + { + throw new ArgumentNullException( nameof( deletedCertificateBundle ) ); + } + + ScheduledPurgeDate = deletedCertificateBundle.ScheduledPurgeDate; + DeletedDate = deletedCertificateBundle.DeletedDate; + } + + internal static DeletedKeyVaultCertificate FromDeletedCertificateBundle( Azure.KeyVault.Models.DeletedCertificateBundle deletedCertificateBundle ) + { + if ( deletedCertificateBundle == null ) + { + return null; + } + + return new DeletedKeyVaultCertificate( deletedCertificateBundle ); + } + + public DateTime? ScheduledPurgeDate { get; set; } + + public DateTime? DeletedDate { get; set; } + } +} diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs index 13cd822b7b4f..5770a57bf8e5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/IKeyVaultDataServiceClient.cs @@ -82,8 +82,12 @@ public interface IKeyVaultDataServiceClient CertificateBundle GetCertificate(string vaultName, string certName, string certificateVersion); + DeletedCertificateBundle GetDeletedCertificate( string vaultName, string certName ); + IEnumerable GetCertificates(KeyVaultObjectFilterOptions options); + IEnumerable GetDeletedCertificates( KeyVaultObjectFilterOptions options ); + IEnumerable GetCertificateVersions(KeyVaultObjectFilterOptions options); CertificateBundle MergeCertificate(string vaultName, string certName, X509Certificate2Collection certs, IDictionary tags); @@ -92,7 +96,11 @@ public interface IKeyVaultDataServiceClient CertificateBundle ImportCertificate(string vaultName, string certName, X509Certificate2Collection certificateCollection, IDictionary tags); - CertificateBundle DeleteCertificate(string vaultName, string certName); + DeletedCertificateBundle DeleteCertificate(string vaultName, string certName); + + void PurgeCertificate( string vaultName, string certName ); + + CertificateBundle RecoverCertificate( string vaultName, string certName ); CertificateOperation EnrollCertificate(string vaultName, string certificateName, CertificatePolicy certificatePolicy, IDictionary tags); diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs index 00cc94ca79c7..72035c223b61 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyAttributes.cs @@ -35,10 +35,11 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st this.KeyType = keyType; this.KeyOps = keyOps; this.Tags = tags; + this.PurgeDisabled = false; } internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, string keyType, - string[] keyOps, DateTime? created, DateTime? updated, bool purgeDisabled, IDictionary tags) + string[] keyOps, DateTime? created, DateTime? updated, string deletionRecoveryLevel, IDictionary tags) { this.Enabled = enabled; this.Expires = expires; @@ -47,8 +48,9 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st this.KeyOps = keyOps; this.Created = created; this.Updated = updated; - this.PurgeDisabled = purgeDisabled; + this.RecoveryLevel = deletionRecoveryLevel; this.Tags = (tags == null) ? null : tags.ConvertToHashtable(); + this.PurgeDisabled = false; } public bool? Enabled { get; set; } @@ -65,8 +67,16 @@ internal KeyAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, st public DateTime? Updated { get; private set; } + /// + /// Obsolete flag indicating that the key is protected against purge. + /// + /// + /// Deprecated, will be removed in the next PowerShell release. + /// public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } + public Hashtable Tags { get; set; } public string TagsTable { diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs index d07486f3d7fa..d87c8b9396cf 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyBundle.cs @@ -42,7 +42,7 @@ internal KeyBundle(Azure.KeyVault.Models.KeyBundle keyBundle, VaultUriHelper vau keyBundle.Key.KeyOps.ToArray(), keyBundle.Attributes.Created, keyBundle.Attributes.Updated, - keyBundle.Attributes.PurgeDisabled, + keyBundle.Attributes.RecoveryLevel, keyBundle.Tags); } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs index d1d91de3b432..704eb3ba4c1e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyIdentityItem.cs @@ -36,8 +36,13 @@ internal KeyIdentityItem(Azure.KeyVault.Models.KeyItem keyItem, VaultUriHelper v NotBefore = keyItem.Attributes.NotBefore; Created = keyItem.Attributes.Created; Updated = keyItem.Attributes.Updated; - PurgeDisabled = keyItem.Attributes.PurgeDisabled; + RecoveryLevel = keyItem.Attributes.RecoveryLevel; Tags = (keyItem.Tags == null) ? null : keyItem.Tags.ConvertToHashtable(); + + + // the PurgeDisabled field was deprecated, but is kept in the + // PSH SDK until the first breaking-change release. + PurgeDisabled = false; } internal KeyIdentityItem(KeyBundle keyBundle) @@ -54,8 +59,12 @@ internal KeyIdentityItem(KeyBundle keyBundle) NotBefore = keyBundle.Attributes.NotBefore; Created = keyBundle.Attributes.Created; Updated = keyBundle.Attributes.Updated; - PurgeDisabled = keyBundle.Attributes.PurgeDisabled; + RecoveryLevel = keyBundle.Attributes.RecoveryLevel; Tags = keyBundle.Attributes.Tags; + + // the PurgeDisabled field was deprecated, but is kept in the + // PSH SDK until the first breaking-change release. + PurgeDisabled = false; } public bool? Enabled { get; set; } @@ -70,6 +79,8 @@ internal KeyIdentityItem(KeyBundle keyBundle) public bool PurgeDisabled { get; private set; } + public string RecoveryLevel { get; private set; } + public Hashtable Tags { get; set; } public string TagsTable diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs index 412f95df8751..6420c5dde727 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultCertificate.cs @@ -19,9 +19,10 @@ namespace Microsoft.Azure.Commands.KeyVault.Models { - public class KeyVaultCertificate + public class KeyVaultCertificate { public string Name { get; set; } + public string VaultName { get; set; } public X509Certificate2 Certificate { get; set; } public string Id { get; internal set; } public string KeyId { get; internal set; } @@ -33,50 +34,65 @@ public class KeyVaultCertificate public DateTime? Created { get; internal set; } public DateTime? Updated { get; internal set; } - internal static KeyVaultCertificate FromCertificateBundle(CertificateBundle certificateBundle) + public string RecoveryLevel { get; private set; } + + public KeyVaultCertificate( CertificateBundle certificateBundle ) { - if (certificateBundle == null) + if ( certificateBundle == null ) { - return null; + throw new ArgumentNullException( nameof( certificateBundle ) ); } - var kvCertificate = new KeyVaultCertificate(); + if ( certificateBundle.Id != null ) + { + Id = certificateBundle.CertificateIdentifier.Identifier; + Name = certificateBundle.CertificateIdentifier.Name; + + // TODO [dragosav] Bring Certificate classes on par with keys/secrets: + // - inherit from ObjectIdentifier + // - constructors should accept the VaultUriHelper as a parameter + var vaultUri = new Uri( certificateBundle.CertificateIdentifier.Vault ); + VaultName = vaultUri.Host.Split( '.' ).First( ); + } - if (certificateBundle.Id != null) + if ( certificateBundle.Cer != null ) { - kvCertificate.Id = certificateBundle.CertificateIdentifier.Identifier; - kvCertificate.Name = certificateBundle.CertificateIdentifier.Name; + Certificate = new X509Certificate2( certificateBundle.Cer ); + Thumbprint = Certificate.Thumbprint; } - if (certificateBundle.Cer != null) + if ( certificateBundle.KeyIdentifier != null ) { - kvCertificate.Certificate = new X509Certificate2(certificateBundle.Cer); - kvCertificate.Thumbprint = kvCertificate.Certificate.Thumbprint; + KeyId = certificateBundle.KeyIdentifier.Identifier; } - if (certificateBundle.KeyIdentifier != null) + if ( certificateBundle.SecretIdentifier != null ) { - kvCertificate.KeyId = certificateBundle.KeyIdentifier.Identifier; + SecretId = certificateBundle.SecretIdentifier.Identifier; } - if (certificateBundle.SecretIdentifier != null) + if ( certificateBundle.Attributes != null ) { - kvCertificate.SecretId = certificateBundle.SecretIdentifier.Identifier; + Created = certificateBundle.Attributes.Created; + Enabled = certificateBundle.Attributes.Enabled; + Updated = certificateBundle.Attributes.Updated; + RecoveryLevel = certificateBundle.Attributes.RecoveryLevel; } - if (certificateBundle.Attributes != null) + if ( certificateBundle.Tags != null ) { - kvCertificate.Created = certificateBundle.Attributes.Created; - kvCertificate.Enabled = certificateBundle.Attributes.Enabled; - kvCertificate.Updated = certificateBundle.Attributes.Updated; + Tags = certificateBundle.Tags; } + } - if (certificateBundle.Tags != null) + internal static KeyVaultCertificate FromCertificateBundle(CertificateBundle certificateBundle) + { + if ( certificateBundle == null ) { - kvCertificate.Tags = certificateBundle.Tags; + return null; } - return kvCertificate; + return new KeyVaultCertificate( certificateBundle ); } internal static List FromCertificateBundles(IEnumerable certificateBundles) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs index 1cb57abf4cff..b5be52dcfc09 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultDataServiceClient.cs @@ -679,7 +679,7 @@ public CertificateBundle UpdateCertificate(string vaultName, string certificateN return certificateBundle; } - public CertificateBundle DeleteCertificate(string vaultName, string certName) + public DeletedCertificateBundle DeleteCertificate(string vaultName, string certName) { if (string.IsNullOrEmpty(vaultName)) throw new ArgumentNullException(nameof(vaultName)); @@ -688,7 +688,7 @@ public CertificateBundle DeleteCertificate(string vaultName, string certName) string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); - CertificateBundle certBundle; + DeletedCertificateBundle certBundle; try { @@ -702,6 +702,25 @@ public CertificateBundle DeleteCertificate(string vaultName, string certName) return certBundle; } + public void PurgeCertificate(string vaultName, string certName) + { + if ( string.IsNullOrEmpty( vaultName ) ) + throw new ArgumentNullException( "vaultName" ); + if ( string.IsNullOrEmpty( certName ) ) + throw new ArgumentNullException( "certName" ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); + + try + { + this.keyVaultClient.PurgeDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( ); + } + catch (Exception ex) + { + throw GetInnerException( ex ); + } + } + public CertificateOperation GetCertificateOperation(string vaultName, string certificateName) { if (string.IsNullOrEmpty(vaultName)) @@ -1569,6 +1588,85 @@ public Secret RecoverSecret(string vaultName, string secretName) return new Secret(recoveredSecret, this.vaultUriHelper); } + public DeletedCertificateBundle GetDeletedCertificate( string vaultName, string certName ) + { + if ( string.IsNullOrEmpty( vaultName ) ) + throw new ArgumentNullException( nameof(vaultName) ); + if ( string.IsNullOrEmpty( certName ) ) + throw new ArgumentNullException( nameof(certName) ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); + + DeletedCertificateBundle deletedCertificate; + try + { + deletedCertificate = this.keyVaultClient.GetDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( ); + } + catch ( KeyVaultErrorException ex ) + { + if ( ex.Response.StatusCode == HttpStatusCode.NotFound ) + return null; + else + throw; + } + catch ( Exception ex ) + { + throw GetInnerException( ex ); + } + + return deletedCertificate; + } + + public IEnumerable GetDeletedCertificates( KeyVaultObjectFilterOptions options ) + { + if ( options == null ) + throw new ArgumentNullException( nameof( options ) ); + if ( string.IsNullOrEmpty( options.VaultName ) ) + throw new ArgumentException( KeyVaultProperties.Resources.InvalidVaultName ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(options.VaultName); + + try + { + IPage result; + + if ( string.IsNullOrEmpty( options.NextLink ) ) + result = this.keyVaultClient.GetDeletedCertificatesAsync( vaultAddress ).GetAwaiter( ).GetResult( ); + else + result = this.keyVaultClient.GetDeletedCertificatesNextAsync( options.NextLink ).GetAwaiter( ).GetResult( ); + + options.NextLink = result.NextPageLink; + return ( result == null ) ? new List( ) : + result.Select( ( deletedItem ) => new DeletedCertificateIdentityItem( deletedItem, this.vaultUriHelper ) ); + } + catch ( Exception ex ) + { + throw GetInnerException( ex ); + } + } + + public CertificateBundle RecoverCertificate( string vaultName, string certName ) + { + if ( string.IsNullOrEmpty( vaultName ) ) + throw new ArgumentNullException( nameof( vaultName ) ); + if ( string.IsNullOrEmpty( certName ) ) + throw new ArgumentNullException( nameof( certName ) ); + + string vaultAddress = this.vaultUriHelper.CreateVaultAddress(vaultName); + + CertificateBundle recoveredCertificate; + try + { + recoveredCertificate = this.keyVaultClient.RecoverDeletedCertificateAsync( vaultAddress, certName ).GetAwaiter( ).GetResult( ); + } + catch ( Exception ex ) + { + throw GetInnerException( ex ); + } + + return recoveredCertificate; + } + private VaultUriHelper vaultUriHelper; private KeyVaultClient keyVaultClient; } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs index fec2a071c5cd..7a9469ac2f05 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/KeyVaultManagementCmdletBase.cs @@ -383,7 +383,8 @@ private Expression> FilterByEmail(string email) CertPerms.Listissuers, CertPerms.Managecontacts, CertPerms.Manageissuers, - CertPerms.Setissuers + CertPerms.Setissuers, + CertPerms.Recover }; protected readonly string[] DefaultPermissionsToStorage = diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs index 1fca010e901d..5a094251d599 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/Secret.cs @@ -43,6 +43,7 @@ internal Secret(Azure.KeyVault.Models.SecretBundle secret, VaultUriHelper vaultU secret.Attributes.Created, secret.Attributes.Updated, secret.ContentType, + secret.Attributes.RecoveryLevel, secret.Tags); } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs index af9fd7b8a4eb..e9db106713b5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Models/SecretAttributes.cs @@ -33,10 +33,11 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, this.NotBefore = notBefore; this.ContentType = contentType; this.Tags = tags; + this.PurgeDisabled = false; } internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, - DateTime? created, DateTime? updated, string contentType, IDictionary tags) + DateTime? created, DateTime? updated, string contentType, string deletionRecoveryLevel, IDictionary tags) { this.Enabled = enabled; this.Expires = expires; @@ -44,7 +45,9 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, this.Created = created; this.Updated = updated; this.ContentType = contentType; + this.RecoveryLevel = deletionRecoveryLevel; this.Tags = (tags == null) ? null : tags.ConvertToHashtable(); + this.PurgeDisabled = false; } public bool? Enabled { get; set; } @@ -60,6 +63,17 @@ internal SecretAttributes(bool? enabled, DateTime? expires, DateTime? notBefore, public string ContentType { get; set; } public Hashtable Tags { get; set; } + + /// + /// Obsolete flag indicating that the secret is protected against purge. + /// + /// + /// Deprecated, will be removed in the next PowerShell release. + /// + public bool PurgeDisabled { get; private set; } + + public string RecoveryLevel { get; private set; } + public string TagsTable { get diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs index 91fb812cb50f..07737e3233c9 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.Designer.cs @@ -22,7 +22,7 @@ namespace Microsoft.Azure.Commands.KeyVault.Properties { [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] - public class Resources { + internal class Resources { private static global::System.Resources.ResourceManager resourceMan; @@ -36,7 +36,7 @@ internal Resources() { /// Returns the cached ResourceManager instance used by this class. /// [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] - public static global::System.Resources.ResourceManager ResourceManager { + internal static global::System.Resources.ResourceManager ResourceManager { get { if (object.ReferenceEquals(resourceMan, null)) { global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.Azure.Commands.KeyVault.Properties.Resources", typeof(Resources).Assembly); @@ -51,7 +51,7 @@ internal Resources() { /// resource lookups using this strongly typed resource class. /// [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] - public static global::System.Globalization.CultureInfo Culture { + internal static global::System.Globalization.CultureInfo Culture { get { return resourceCulture; } @@ -63,7 +63,7 @@ internal Resources() { /// /// Looks up a localized string similar to Add certificate. /// - public static string AddCertificate { + internal static string AddCertificate { get { return ResourceManager.GetString("AddCertificate", resourceCulture); } @@ -72,7 +72,7 @@ public static string AddCertificate { /// /// Looks up a localized string similar to Add certificate contact. /// - public static string AddCertificateContact { + internal static string AddCertificateContact { get { return ResourceManager.GetString("AddCertificateContact", resourceCulture); } @@ -81,7 +81,7 @@ public static string AddCertificateContact { /// /// Looks up a localized string similar to Add key. /// - public static string AddKey { + internal static string AddKey { get { return ResourceManager.GetString("AddKey", resourceCulture); } @@ -90,16 +90,16 @@ public static string AddKey { /// /// Looks up a localized string similar to Add Key Vault managed Storage Account. /// - public static string AddManagedStorageAccount { + internal static string AddManagedStorageAccount { get { return ResourceManager.GetString("AddManagedStorageAccount", resourceCulture); } } /// - /// Looks up a localized string similar to The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory.. + /// Looks up a localized string similar to The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory.. /// - public static string ADObjectAmbiguous { + internal static string ADObjectAmbiguous { get { return ResourceManager.GetString("ADObjectAmbiguous", resourceCulture); } @@ -111,7 +111,7 @@ public static string ADObjectAmbiguous { ///Please provide object ID for the user or service principle to set a vault access policy. ///You can find the object ID using Azure Active Directory Module for Windows PowerShell.. /// - public static string ADObjectIDRetrievalFailed { + internal static string ADObjectIDRetrievalFailed { get { return ResourceManager.GetString("ADObjectIDRetrievalFailed", resourceCulture); } @@ -120,7 +120,7 @@ public static string ADObjectIDRetrievalFailed { /// /// Looks up a localized string similar to Cannot find the Active Directory object '{0}' in tenant '{1}'. Please make sure that the user or application service principal you are authorizing is registered in the current subscription's Azure Active directory. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory.. /// - public static string ADObjectNotFound { + internal static string ADObjectNotFound { get { return ResourceManager.GetString("ADObjectNotFound", resourceCulture); } @@ -129,7 +129,7 @@ public static string ADObjectNotFound { /// /// Looks up a localized string similar to The 'all' permission is being deprecated and does not include the 'purge' permission. 'Purge' permission must be explicitly set.. /// - public static string AllPermissionExpansionWarning { + internal static string AllPermissionExpansionWarning { get { return ResourceManager.GetString("AllPermissionExpansionWarning", resourceCulture); } @@ -138,7 +138,7 @@ public static string AllPermissionExpansionWarning { /// /// Looks up a localized string similar to No account found in the context. Please login using Login-AzureRMAccount.. /// - public static string ArmAccountNotFound { + internal static string ArmAccountNotFound { get { return ResourceManager.GetString("ArmAccountNotFound", resourceCulture); } @@ -147,7 +147,7 @@ public static string ArmAccountNotFound { /// /// Looks up a localized string similar to Backup key. /// - public static string BackupKey { + internal static string BackupKey { get { return ResourceManager.GetString("BackupKey", resourceCulture); } @@ -156,7 +156,7 @@ public static string BackupKey { /// /// Looks up a localized string similar to The backup key file '{0}' already exists.. /// - public static string BackupKeyFileAlreadyExists { + internal static string BackupKeyFileAlreadyExists { get { return ResourceManager.GetString("BackupKeyFileAlreadyExists", resourceCulture); } @@ -165,7 +165,7 @@ public static string BackupKeyFileAlreadyExists { /// /// Looks up a localized string similar to Cannot find backup key file '{0}'. /// - public static string BackupKeyFileNotFound { + internal static string BackupKeyFileNotFound { get { return ResourceManager.GetString("BackupKeyFileNotFound", resourceCulture); } @@ -174,7 +174,7 @@ public static string BackupKeyFileNotFound { /// /// Looks up a localized string similar to Backup secret. /// - public static string BackupSecret { + internal static string BackupSecret { get { return ResourceManager.GetString("BackupSecret", resourceCulture); } @@ -183,7 +183,7 @@ public static string BackupSecret { /// /// Looks up a localized string similar to The backup secret file '{0}' already exists.. /// - public static string BackupSecretFileAlreadyExists { + internal static string BackupSecretFileAlreadyExists { get { return ResourceManager.GetString("BackupSecretFileAlreadyExists", resourceCulture); } @@ -192,7 +192,7 @@ public static string BackupSecretFileAlreadyExists { /// /// Looks up a localized string similar to Cannot find backup secret file '{0}'. /// - public static string BackupSecretFileNotFound { + internal static string BackupSecretFileNotFound { get { return ResourceManager.GetString("BackupSecretFileNotFound", resourceCulture); } @@ -201,7 +201,7 @@ public static string BackupSecretFileNotFound { /// /// Looks up a localized string similar to Bad Parameter Set Name. /// - public static string BadParameterSetName { + internal static string BadParameterSetName { get { return ResourceManager.GetString("BadParameterSetName", resourceCulture); } @@ -210,7 +210,7 @@ public static string BadParameterSetName { /// /// Looks up a localized string similar to Cannot find certificate file '{0}'.. /// - public static string CertificateFileNotFound { + internal static string CertificateFileNotFound { get { return ResourceManager.GetString("CertificateFileNotFound", resourceCulture); } @@ -219,7 +219,7 @@ public static string CertificateFileNotFound { /// /// Looks up a localized string similar to Create certificate administrator. /// - public static string CreateCertificateAdministrator { + internal static string CreateCertificateAdministrator { get { return ResourceManager.GetString("CreateCertificateAdministrator", resourceCulture); } @@ -228,7 +228,7 @@ public static string CreateCertificateAdministrator { /// /// Looks up a localized string similar to Create certificate organization. /// - public static string CreateCertificateOrganization { + internal static string CreateCertificateOrganization { get { return ResourceManager.GetString("CreateCertificateOrganization", resourceCulture); } @@ -237,7 +237,7 @@ public static string CreateCertificateOrganization { /// /// Looks up a localized string similar to Create certificate policy. /// - public static string CreateCertificatePolicy { + internal static string CreateCertificatePolicy { get { return ResourceManager.GetString("CreateCertificatePolicy", resourceCulture); } @@ -246,7 +246,7 @@ public static string CreateCertificatePolicy { /// /// Looks up a localized string similar to Create key vault. /// - public static string CreateKeyVault { + internal static string CreateKeyVault { get { return ResourceManager.GetString("CreateKeyVault", resourceCulture); } @@ -255,7 +255,7 @@ public static string CreateKeyVault { /// /// Looks up a localized string similar to Cannot find deleted vault '{0}' in location '{1}'. /// - public static string DeletedVaultNotFound { + internal static string DeletedVaultNotFound { get { return ResourceManager.GetString("DeletedVaultNotFound", resourceCulture); } @@ -264,7 +264,7 @@ public static string DeletedVaultNotFound { /// /// Looks up a localized string similar to Overwrite File ?. /// - public static string FileOverwriteCaption { + internal static string FileOverwriteCaption { get { return ResourceManager.GetString("FileOverwriteCaption", resourceCulture); } @@ -273,7 +273,7 @@ public static string FileOverwriteCaption { /// /// Looks up a localized string similar to Overwrite existing file at '{0}' ?. /// - public static string FileOverwriteMessage { + internal static string FileOverwriteMessage { get { return ResourceManager.GetString("FileOverwriteMessage", resourceCulture); } @@ -282,7 +282,7 @@ public static string FileOverwriteMessage { /// /// Looks up a localized string similar to BYOK key can not be imported as software key. /// - public static string ImportByokAsSoftkeyError { + internal static string ImportByokAsSoftkeyError { get { return ResourceManager.GetString("ImportByokAsSoftkeyError", resourceCulture); } @@ -291,7 +291,7 @@ public static string ImportByokAsSoftkeyError { /// /// Looks up a localized string similar to Import certificate. /// - public static string ImportCertificate { + internal static string ImportCertificate { get { return ResourceManager.GetString("ImportCertificate", resourceCulture); } @@ -300,7 +300,7 @@ public static string ImportCertificate { /// /// Looks up a localized string similar to Invalid application Id.. /// - public static string InvalidApplicationId { + internal static string InvalidApplicationId { get { return ResourceManager.GetString("InvalidApplicationId", resourceCulture); } @@ -309,7 +309,7 @@ public static string InvalidApplicationId { /// /// Looks up a localized string similar to Invalid AzureEnvironment.. /// - public static string InvalidAzureEnvironment { + internal static string InvalidAzureEnvironment { get { return ResourceManager.GetString("InvalidAzureEnvironment", resourceCulture); } @@ -318,7 +318,7 @@ public static string InvalidAzureEnvironment { /// /// Looks up a localized string similar to No current subscription has been designated. Use Set-AzureRmContext -SubscriptionName <subscriptionName> to set the current subscription.. /// - public static string InvalidCurrentSubscription { + internal static string InvalidCurrentSubscription { get { return ResourceManager.GetString("InvalidCurrentSubscription", resourceCulture); } @@ -327,7 +327,7 @@ public static string InvalidCurrentSubscription { /// /// Looks up a localized string similar to Invalid key attributes. /// - public static string InvalidKeyAttributes { + internal static string InvalidKeyAttributes { get { return ResourceManager.GetString("InvalidKeyAttributes", resourceCulture); } @@ -336,7 +336,7 @@ public static string InvalidKeyAttributes { /// /// Looks up a localized string similar to Invalid '{0}' key blob.. /// - public static string InvalidKeyBlob { + internal static string InvalidKeyBlob { get { return ResourceManager.GetString("InvalidKeyBlob", resourceCulture); } @@ -345,7 +345,7 @@ public static string InvalidKeyBlob { /// /// Looks up a localized string similar to Invalid KeyBundle.. /// - public static string InvalidKeyBundle { + internal static string InvalidKeyBundle { get { return ResourceManager.GetString("InvalidKeyBundle", resourceCulture); } @@ -354,7 +354,7 @@ public static string InvalidKeyBundle { /// /// Looks up a localized string similar to Can not create given key material in specified destination.. /// - public static string InvalidKeyDestination { + internal static string InvalidKeyDestination { get { return ResourceManager.GetString("InvalidKeyDestination", resourceCulture); } @@ -363,7 +363,7 @@ public static string InvalidKeyDestination { /// /// Looks up a localized string similar to Invalid key identifier. /// - public static string InvalidKeyIdentifier { + internal static string InvalidKeyIdentifier { get { return ResourceManager.GetString("InvalidKeyIdentifier", resourceCulture); } @@ -372,7 +372,7 @@ public static string InvalidKeyIdentifier { /// /// Looks up a localized string similar to Invalid key name.. /// - public static string InvalidKeyName { + internal static string InvalidKeyName { get { return ResourceManager.GetString("InvalidKeyName", resourceCulture); } @@ -381,7 +381,7 @@ public static string InvalidKeyName { /// /// Looks up a localized string similar to Invalid key uri '{0}'.. /// - public static string InvalidKeyUri { + internal static string InvalidKeyUri { get { return ResourceManager.GetString("InvalidKeyUri", resourceCulture); } @@ -390,7 +390,7 @@ public static string InvalidKeyUri { /// /// Looks up a localized string similar to Invalid key vault managed storage acccount name.. /// - public static string InvalidManagedStorageAccountName { + internal static string InvalidManagedStorageAccountName { get { return ResourceManager.GetString("InvalidManagedStorageAccountName", resourceCulture); } @@ -399,7 +399,7 @@ public static string InvalidManagedStorageAccountName { /// /// Looks up a localized string similar to Invalid number of certificates.. /// - public static string InvalidNumberOfCertificates { + internal static string InvalidNumberOfCertificates { get { return ResourceManager.GetString("InvalidNumberOfCertificates", resourceCulture); } @@ -408,7 +408,7 @@ public static string InvalidNumberOfCertificates { /// /// Looks up a localized string similar to Cannot parse ObjectId into Guid.. /// - public static string InvalidObjectIdSyntax { + internal static string InvalidObjectIdSyntax { get { return ResourceManager.GetString("InvalidObjectIdSyntax", resourceCulture); } @@ -417,7 +417,7 @@ public static string InvalidObjectIdSyntax { /// /// Looks up a localized string similar to Invalid Sas permission '{0}'.. /// - public static string InvalidSasPermission { + internal static string InvalidSasPermission { get { return ResourceManager.GetString("InvalidSasPermission", resourceCulture); } @@ -426,7 +426,7 @@ public static string InvalidSasPermission { /// /// Looks up a localized string similar to Invalid secret attributes. /// - public static string InvalidSecretAttributes { + internal static string InvalidSecretAttributes { get { return ResourceManager.GetString("InvalidSecretAttributes", resourceCulture); } @@ -435,7 +435,7 @@ public static string InvalidSecretAttributes { /// /// Looks up a localized string similar to Invalid secret identifier. /// - public static string InvalidSecretIdentifier { + internal static string InvalidSecretIdentifier { get { return ResourceManager.GetString("InvalidSecretIdentifier", resourceCulture); } @@ -444,7 +444,7 @@ public static string InvalidSecretIdentifier { /// /// Looks up a localized string similar to Invalid secret name.. /// - public static string InvalidSecretName { + internal static string InvalidSecretName { get { return ResourceManager.GetString("InvalidSecretName", resourceCulture); } @@ -453,7 +453,7 @@ public static string InvalidSecretName { /// /// Looks up a localized string similar to Invalid secret uri '{0}'.. /// - public static string InvalidSecretUri { + internal static string InvalidSecretUri { get { return ResourceManager.GetString("InvalidSecretUri", resourceCulture); } @@ -462,7 +462,7 @@ public static string InvalidSecretUri { /// /// Looks up a localized string similar to No subscription is currently selected. Use Set-AzureRmContext to activate a subscription.. /// - public static string InvalidSelectedSubscription { + internal static string InvalidSelectedSubscription { get { return ResourceManager.GetString("InvalidSelectedSubscription", resourceCulture); } @@ -471,7 +471,7 @@ public static string InvalidSelectedSubscription { /// /// Looks up a localized string similar to Your Azure credentials have not been set up or have expired, please run Login-AzureRmAccount to set up your Azure credentials.. /// - public static string InvalidSubscriptionState { + internal static string InvalidSubscriptionState { get { return ResourceManager.GetString("InvalidSubscriptionState", resourceCulture); } @@ -480,7 +480,7 @@ public static string InvalidSubscriptionState { /// /// Looks up a localized string similar to Invalid tag format. Expect @{Name = "tagName"} or @{Name = "tagName"; Value = "tagValue"}. /// - public static string InvalidTagFormat { + internal static string InvalidTagFormat { get { return ResourceManager.GetString("InvalidTagFormat", resourceCulture); } @@ -489,7 +489,7 @@ public static string InvalidTagFormat { /// /// Looks up a localized string similar to Invalid vault name.. /// - public static string InvalidVaultName { + internal static string InvalidVaultName { get { return ResourceManager.GetString("InvalidVaultName", resourceCulture); } @@ -498,7 +498,7 @@ public static string InvalidVaultName { /// /// Looks up a localized string similar to Invalid vault uri '{0}'. Vault uri must contain valid dns host name with domain suffix '{1}'.. /// - public static string InvalidVaultUri { + internal static string InvalidVaultUri { get { return ResourceManager.GetString("InvalidVaultUri", resourceCulture); } @@ -507,7 +507,7 @@ public static string InvalidVaultUri { /// /// Looks up a localized string similar to Can not find key file '{0}'.. /// - public static string KeyFileNotFound { + internal static string KeyFileNotFound { get { return ResourceManager.GetString("KeyFileNotFound", resourceCulture); } @@ -516,7 +516,7 @@ public static string KeyFileNotFound { /// /// Looks up a localized string similar to There is no default user account associated with this subscription. Certificate accounts are not supported with Azure Key Vault.. /// - public static string NoDefaultUserAccount { + internal static string NoDefaultUserAccount { get { return ResourceManager.GetString("NoDefaultUserAccount", resourceCulture); } @@ -525,7 +525,7 @@ public static string NoDefaultUserAccount { /// /// Looks up a localized string similar to No tenant found in the context. Please ensure that the credentials you provided are authorized to access an Azure subscription, then run Login-AzureRMAccount to login.. /// - public static string NoTenantInContext { + internal static string NoTenantInContext { get { return ResourceManager.GetString("NoTenantInContext", resourceCulture); } @@ -534,7 +534,7 @@ public static string NoTenantInContext { /// /// Looks up a localized string similar to Invalid permissions to {0}. The list contains "all" along with other permissions. Please remove "all" from the list or include only "all" in the list.. /// - public static string PermissionSetIncludesAllPlusOthers { + internal static string PermissionSetIncludesAllPlusOthers { get { return ResourceManager.GetString("PermissionSetIncludesAllPlusOthers", resourceCulture); } @@ -543,7 +543,7 @@ public static string PermissionSetIncludesAllPlusOthers { /// /// Looks up a localized string similar to At least one permission should be selected for key access or secret access.. /// - public static string PermissionsNotSpecified { + internal static string PermissionsNotSpecified { get { return ResourceManager.GetString("PermissionsNotSpecified", resourceCulture); } @@ -552,7 +552,7 @@ public static string PermissionsNotSpecified { /// /// Looks up a localized string similar to Are you sure you want to remove vault '{0}' forever.. /// - public static string PurgeVaultWarning { + internal static string PurgeVaultWarning { get { return ResourceManager.GetString("PurgeVaultWarning", resourceCulture); } @@ -561,16 +561,25 @@ public static string PurgeVaultWarning { /// /// Looks up a localized string similar to Purge vault. /// - public static string PurgeVaultWhatIfMessage { + internal static string PurgeVaultWhatIfMessage { get { return ResourceManager.GetString("PurgeVaultWhatIfMessage", resourceCulture); } } + /// + /// Looks up a localized string similar to Recover certificate. + /// + internal static string RecoverCertificate { + get { + return ResourceManager.GetString("RecoverCertificate", resourceCulture); + } + } + /// /// Looks up a localized string similar to Recover key. /// - public static string RecoverKey { + internal static string RecoverKey { get { return ResourceManager.GetString("RecoverKey", resourceCulture); } @@ -579,7 +588,7 @@ public static string RecoverKey { /// /// Looks up a localized string similar to Recover secret. /// - public static string RecoverSecret { + internal static string RecoverSecret { get { return ResourceManager.GetString("RecoverSecret", resourceCulture); } @@ -588,7 +597,7 @@ public static string RecoverSecret { /// /// Looks up a localized string similar to Recover vault. /// - public static string RecoverVault { + internal static string RecoverVault { get { return ResourceManager.GetString("RecoverVault", resourceCulture); } @@ -597,7 +606,7 @@ public static string RecoverVault { /// /// Looks up a localized string similar to Are you sure you want to regenerate '{0}' of storage account '{1}' and make it an active key of Key Vault managed Storage Account.. /// - public static string RegenerateManagedStorageAccountKeyWarning { + internal static string RegenerateManagedStorageAccountKeyWarning { get { return ResourceManager.GetString("RegenerateManagedStorageAccountKeyWarning", resourceCulture); } @@ -606,7 +615,7 @@ public static string RegenerateManagedStorageAccountKeyWarning { /// /// Looks up a localized string similar to Regenerate '{0}'. /// - public static string RegenerateManagedStorageAccountKeyWhatIfMessage { + internal static string RegenerateManagedStorageAccountKeyWhatIfMessage { get { return ResourceManager.GetString("RegenerateManagedStorageAccountKeyWhatIfMessage", resourceCulture); } @@ -615,7 +624,7 @@ public static string RegenerateManagedStorageAccountKeyWhatIfMessage { /// /// Looks up a localized string similar to Remove certificate contact. /// - public static string RemoveCertificateContact { + internal static string RemoveCertificateContact { get { return ResourceManager.GetString("RemoveCertificateContact", resourceCulture); } @@ -624,7 +633,7 @@ public static string RemoveCertificateContact { /// /// Looks up a localized string similar to Remove certificate issuer. /// - public static string RemoveCertificateIssuer { + internal static string RemoveCertificateIssuer { get { return ResourceManager.GetString("RemoveCertificateIssuer", resourceCulture); } @@ -633,7 +642,7 @@ public static string RemoveCertificateIssuer { /// /// Looks up a localized string similar to Remove certificate operation. /// - public static string RemoveCertificateOperation { + internal static string RemoveCertificateOperation { get { return ResourceManager.GetString("RemoveCertificateOperation", resourceCulture); } @@ -642,7 +651,7 @@ public static string RemoveCertificateOperation { /// /// Looks up a localized string similar to Are you sure you want to remove certificate '{0}'.. /// - public static string RemoveCertWarning { + internal static string RemoveCertWarning { get { return ResourceManager.GetString("RemoveCertWarning", resourceCulture); } @@ -651,16 +660,34 @@ public static string RemoveCertWarning { /// /// Looks up a localized string similar to Remove certificate. /// - public static string RemoveCertWhatIfMessage { + internal static string RemoveCertWhatIfMessage { get { return ResourceManager.GetString("RemoveCertWhatIfMessage", resourceCulture); } } + /// + /// Looks up a localized string similar to Are you sure you want to purge certificate '{0}'. + /// + internal static string RemoveDeletedCertificateWarning { + get { + return ResourceManager.GetString("RemoveDeletedCertificateWarning", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Purge certificate. + /// + internal static string RemoveDeletedCertificateWhatIfMessage { + get { + return ResourceManager.GetString("RemoveDeletedCertificateWhatIfMessage", resourceCulture); + } + } + /// /// Looks up a localized string similar to Are you sure you want to purge key '{0}'.. /// - public static string RemoveDeletedKeyWarning { + internal static string RemoveDeletedKeyWarning { get { return ResourceManager.GetString("RemoveDeletedKeyWarning", resourceCulture); } @@ -669,7 +696,7 @@ public static string RemoveDeletedKeyWarning { /// /// Looks up a localized string similar to Purge key. /// - public static string RemoveDeletedKeyWhatIfMessage { + internal static string RemoveDeletedKeyWhatIfMessage { get { return ResourceManager.GetString("RemoveDeletedKeyWhatIfMessage", resourceCulture); } @@ -678,7 +705,7 @@ public static string RemoveDeletedKeyWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to purge secret '{0}'.. /// - public static string RemoveDeletedSecretWarning { + internal static string RemoveDeletedSecretWarning { get { return ResourceManager.GetString("RemoveDeletedSecretWarning", resourceCulture); } @@ -687,7 +714,7 @@ public static string RemoveDeletedSecretWarning { /// /// Looks up a localized string similar to Purge secret. /// - public static string RemoveDeletedSecretWhatIfMessage { + internal static string RemoveDeletedSecretWhatIfMessage { get { return ResourceManager.GetString("RemoveDeletedSecretWhatIfMessage", resourceCulture); } @@ -696,7 +723,7 @@ public static string RemoveDeletedSecretWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove key '{0}'.. /// - public static string RemoveKeyWarning { + internal static string RemoveKeyWarning { get { return ResourceManager.GetString("RemoveKeyWarning", resourceCulture); } @@ -705,7 +732,7 @@ public static string RemoveKeyWarning { /// /// Looks up a localized string similar to Remove key. /// - public static string RemoveKeyWhatIfMessage { + internal static string RemoveKeyWhatIfMessage { get { return ResourceManager.GetString("RemoveKeyWhatIfMessage", resourceCulture); } @@ -714,7 +741,7 @@ public static string RemoveKeyWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove managed storage account '{0}'. /// - public static string RemoveManagedStorageAccountWarning { + internal static string RemoveManagedStorageAccountWarning { get { return ResourceManager.GetString("RemoveManagedStorageAccountWarning", resourceCulture); } @@ -723,7 +750,7 @@ public static string RemoveManagedStorageAccountWarning { /// /// Looks up a localized string similar to Remove managed storage account. /// - public static string RemoveManagedStorageAccountWhatIfMessage { + internal static string RemoveManagedStorageAccountWhatIfMessage { get { return ResourceManager.GetString("RemoveManagedStorageAccountWhatIfMessage", resourceCulture); } @@ -732,7 +759,7 @@ public static string RemoveManagedStorageAccountWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove managed storage sas definition '{0}'. /// - public static string RemoveManagedStorageSasDefinitionWarning { + internal static string RemoveManagedStorageSasDefinitionWarning { get { return ResourceManager.GetString("RemoveManagedStorageSasDefinitionWarning", resourceCulture); } @@ -741,7 +768,7 @@ public static string RemoveManagedStorageSasDefinitionWarning { /// /// Looks up a localized string similar to Remove managed storage sas definition. /// - public static string RemoveManagedStorageSasDefinitionWhatIfMessage { + internal static string RemoveManagedStorageSasDefinitionWhatIfMessage { get { return ResourceManager.GetString("RemoveManagedStorageSasDefinitionWhatIfMessage", resourceCulture); } @@ -750,7 +777,7 @@ public static string RemoveManagedStorageSasDefinitionWhatIfMessage { /// /// Looks up a localized string similar to Are you sure you want to remove secret '{0}'. /// - public static string RemoveSecretWarning { + internal static string RemoveSecretWarning { get { return ResourceManager.GetString("RemoveSecretWarning", resourceCulture); } @@ -759,7 +786,7 @@ public static string RemoveSecretWarning { /// /// Looks up a localized string similar to Remove secret. /// - public static string RemoveSecretWhatIfMessage { + internal static string RemoveSecretWhatIfMessage { get { return ResourceManager.GetString("RemoveSecretWhatIfMessage", resourceCulture); } @@ -768,7 +795,7 @@ public static string RemoveSecretWhatIfMessage { /// /// Looks up a localized string similar to Remove vault access policy. /// - public static string RemoveVaultAccessPolicy { + internal static string RemoveVaultAccessPolicy { get { return ResourceManager.GetString("RemoveVaultAccessPolicy", resourceCulture); } @@ -777,7 +804,7 @@ public static string RemoveVaultAccessPolicy { /// /// Looks up a localized string similar to Are you sure you want to remove vault '{0}'.. /// - public static string RemoveVaultWarning { + internal static string RemoveVaultWarning { get { return ResourceManager.GetString("RemoveVaultWarning", resourceCulture); } @@ -786,7 +813,7 @@ public static string RemoveVaultWarning { /// /// Looks up a localized string similar to Remove vault. /// - public static string RemoveVaultWhatIfMessage { + internal static string RemoveVaultWhatIfMessage { get { return ResourceManager.GetString("RemoveVaultWhatIfMessage", resourceCulture); } @@ -795,7 +822,7 @@ public static string RemoveVaultWhatIfMessage { /// /// Looks up a localized string similar to Restore key. /// - public static string RestoreKey { + internal static string RestoreKey { get { return ResourceManager.GetString("RestoreKey", resourceCulture); } @@ -804,7 +831,7 @@ public static string RestoreKey { /// /// Looks up a localized string similar to Restore secret. /// - public static string RestoreSecret { + internal static string RestoreSecret { get { return ResourceManager.GetString("RestoreSecret", resourceCulture); } @@ -813,7 +840,7 @@ public static string RestoreSecret { /// /// Looks up a localized string similar to Set certificate attribute. /// - public static string SetCertificateAttributes { + internal static string SetCertificateAttributes { get { return ResourceManager.GetString("SetCertificateAttributes", resourceCulture); } @@ -822,7 +849,7 @@ public static string SetCertificateAttributes { /// /// Looks up a localized string similar to Set certificate issuer. /// - public static string SetCertificateIssuer { + internal static string SetCertificateIssuer { get { return ResourceManager.GetString("SetCertificateIssuer", resourceCulture); } @@ -831,7 +858,7 @@ public static string SetCertificateIssuer { /// /// Looks up a localized string similar to Set certificate policy. /// - public static string SetCertificatePolicy { + internal static string SetCertificatePolicy { get { return ResourceManager.GetString("SetCertificatePolicy", resourceCulture); } @@ -840,7 +867,7 @@ public static string SetCertificatePolicy { /// /// Looks up a localized string similar to Set key attribute. /// - public static string SetKeyAttribute { + internal static string SetKeyAttribute { get { return ResourceManager.GetString("SetKeyAttribute", resourceCulture); } @@ -849,7 +876,7 @@ public static string SetKeyAttribute { /// /// Looks up a localized string similar to Set Key Vault managed Storage Account attribute. /// - public static string SetManagedStorageAccountKeysAttribute { + internal static string SetManagedStorageAccountKeysAttribute { get { return ResourceManager.GetString("SetManagedStorageAccountKeysAttribute", resourceCulture); } @@ -858,7 +885,7 @@ public static string SetManagedStorageAccountKeysAttribute { /// /// Looks up a localized string similar to Set Key Vault managed Storage SAS definition. /// - public static string SetManagedStorageSasDefinition { + internal static string SetManagedStorageSasDefinition { get { return ResourceManager.GetString("SetManagedStorageSasDefinition", resourceCulture); } @@ -867,7 +894,7 @@ public static string SetManagedStorageSasDefinition { /// /// Looks up a localized string similar to Set secret. /// - public static string SetSecret { + internal static string SetSecret { get { return ResourceManager.GetString("SetSecret", resourceCulture); } @@ -876,7 +903,7 @@ public static string SetSecret { /// /// Looks up a localized string similar to Set secret attribute. /// - public static string SetSecretAttribute { + internal static string SetSecretAttribute { get { return ResourceManager.GetString("SetSecretAttribute", resourceCulture); } @@ -885,7 +912,7 @@ public static string SetSecretAttribute { /// /// Looks up a localized string similar to Set vault access policy. /// - public static string SetVaultAccessPolicy { + internal static string SetVaultAccessPolicy { get { return ResourceManager.GetString("SetVaultAccessPolicy", resourceCulture); } @@ -894,7 +921,7 @@ public static string SetVaultAccessPolicy { /// /// Looks up a localized string similar to Stop certificate operation. /// - public static string StopCertificateOperation { + internal static string StopCertificateOperation { get { return ResourceManager.GetString("StopCertificateOperation", resourceCulture); } @@ -903,7 +930,7 @@ public static string StopCertificateOperation { /// /// Looks up a localized string similar to Key vault cmdlet does not support account type '{0}'.. /// - public static string UnsupportedAccountType { + internal static string UnsupportedAccountType { get { return ResourceManager.GetString("UnsupportedAccountType", resourceCulture); } @@ -912,7 +939,7 @@ public static string UnsupportedAccountType { /// /// Looks up a localized string similar to The file format of '{0}' is not supported.. /// - public static string UnsupportedFileFormat { + internal static string UnsupportedFileFormat { get { return ResourceManager.GetString("UnsupportedFileFormat", resourceCulture); } @@ -921,7 +948,7 @@ public static string UnsupportedFileFormat { /// /// Looks up a localized string similar to The specified vault already exists.. /// - public static string VaultAlreadyExists { + internal static string VaultAlreadyExists { get { return ResourceManager.GetString("VaultAlreadyExists", resourceCulture); } @@ -930,7 +957,7 @@ public static string VaultAlreadyExists { /// /// Looks up a localized string similar to Access policy is not set. No user or application have access permission to use this vault. This can happen if the vault was created by a service principal. Please use Set-AzureRmKeyVaultAccessPolicy to set access policies.. /// - public static string VaultNoAccessPolicyWarning { + internal static string VaultNoAccessPolicyWarning { get { return ResourceManager.GetString("VaultNoAccessPolicyWarning", resourceCulture); } @@ -939,7 +966,7 @@ public static string VaultNoAccessPolicyWarning { /// /// Looks up a localized string similar to Cannot find vault '{0}' in resource group '{1}'.. /// - public static string VaultNotFound { + internal static string VaultNotFound { get { return ResourceManager.GetString("VaultNotFound", resourceCulture); } @@ -948,7 +975,7 @@ public static string VaultNotFound { /// /// Looks up a localized string similar to At least one of -EnabledForDeployment, -EnabledForTemplateDeployment, or -EnabledForDiskEncryption must be specified.. /// - public static string VaultPermissionFlagMissing { + internal static string VaultPermissionFlagMissing { get { return ResourceManager.GetString("VaultPermissionFlagMissing", resourceCulture); } diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx index 5e0b2135e931..111d1d100142 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx @@ -415,6 +415,15 @@ You can find the object ID using Azure Active Directory Module for Windows Power Invalid Sas permission '{0}'. - The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory. + The Email argument specified, '{1}', matches multiple objects in the Azure Active Directory tenant '{2}'. Please use -UserPrincipalName to narrow down the filter to a single object. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active Directory. + + + Recover certificate + + + Are you sure you want to purge certificate '{0}' + + + Purge certificate \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md index 7ee6a8054b23..7bd867cbf8fd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificate.md @@ -1,7 +1,7 @@ --- external help file: Microsoft.Azure.Commands.KeyVault.dll-Help.xml ms.assetid: 89299823-3382-402D-9458-519466748051 -online version: +online version: schema: 2.0.0 --- @@ -90,30 +90,15 @@ Specifies a **KeyVaultCertificatePolicy** object. ```yaml Type: KeyVaultCertificatePolicy Parameter Sets: (All) -Aliases: +Aliases: Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Name Specifies the name of the certificate to add. @@ -123,7 +108,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -152,15 +137,30 @@ Specifies the name of a key vault. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md index 65d4cc750393..67a8871a29ee 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Add-AzureKeyVaultCertificateContact.md @@ -33,21 +33,6 @@ This command adds Patti Fuller as a certificate contact for the ContosoKV01 key ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -EmailAddress Specifies the email address of the contact. @@ -57,7 +42,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -88,12 +73,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md index d95e8ed654c2..6875a91484f2 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/AzureRM.KeyVault.md @@ -20,8 +20,8 @@ Adds a contact for certificate notifications. ### [Add-AzureKeyVaultKey](Add-AzureKeyVaultKey.md) Creates a key in a key vault or imports a key into a key vault. -### [Add-AzureKeyVaultManagedStorageAccount](Add-AzureKeyVaultManagedStorageAccount.md) -Adds an existing storage account to a key vault for automatic management of its storage account keys. +### [Add-AzureKeyVaultManagedStorageAccount](Add-AzureKeyVaultManagedStorageAccount.md) +Adds a KeyVault-managed storage account to a key vault. ### [Backup-AzureKeyVaultKey](Backup-AzureKeyVaultKey.md) Backs up a key in a key vault. @@ -59,8 +59,8 @@ Gets the secrets in a key vault. ### [Get-AzureRmKeyVault](Get-AzureRmKeyVault.md) Gets key vaults. -### [Import-AzureKeyVaultCertificate](Import-AzureKeyVaultCertificate.md) -Imports a certificate to a key vault. +### [Get-AzureRmKeyVault](Get-AzureRmKeyVault.md) +Gets key vaults. ### [New-AzureKeyVaultCertificateAdministratorDetails](New-AzureKeyVaultCertificateAdministratorDetails.md) Creates an in-memory certificate administrator details object. @@ -119,17 +119,17 @@ Sets a certificate issuer in a key vault. ### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultKeyAttribute](Set-AzureKeyVaultKeyAttribute.md) -Updates the attributes of a key in a key vault. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultManagedStorageSasDefinition](Set-AzureKeyVaultManagedStorageSasDefinition.md) -Sets a Shared Access Signature (SAS) definition with Key Vault for a given Key Vault managed Azure Storage Account. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultSecret](Set-AzureKeyVaultSecret.md) -Creates or updates a secret in a key vault. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. -### [Set-AzureKeyVaultSecretAttribute](Set-AzureKeyVaultSecretAttribute.md) -Updates attributes of a secret in a key vault. +### [Set-AzureKeyVaultCertificatePolicy](Set-AzureKeyVaultCertificatePolicy.md) +Creates or updates the policy for a certificate in a key vault. ### [Set-AzureRmKeyVaultAccessPolicy](Set-AzureRmKeyVaultAccessPolicy.md) Grants or modifies existing permissions for a user, application, or security group to perform operations with a key vault. @@ -137,6 +137,9 @@ Grants or modifies existing permissions for a user, application, or security gro ### [Stop-AzureKeyVaultCertificateOperation](Stop-AzureKeyVaultCertificateOperation.md) Cancels a certificate operation in key vault. +### [Undo-AzureKeyVaultCertificateRemoval](Undo-AzureKeyVaultCertificateRemoval.md) +Recovers a deleted certificate in a key vault into an active state. + ### [Undo-AzureKeyVaultKeyRemoval](Undo-AzureKeyVaultKeyRemoval.md) Recovers a deleted key in a key vault into an active state. @@ -146,8 +149,9 @@ Recovers a deleted secret in a key vault into an active state. ### [Undo-AzureRmKeyVaultRemoval](Undo-AzureRmKeyVaultRemoval.md) Recovers a deleted key vault into an active state. -### [Update-AzureKeyVaultManagedStorageAccount](Update-AzureKeyVaultManagedStorageAccount.md) -Update editable attributes of a Key Vault managed Azure Storage Account. +### [Undo-AzureRmKeyVaultRemoval](Undo-AzureRmKeyVaultRemoval.md) +Recovers a deleted key vault into an active state. ### [Update-AzureKeyVaultManagedStorageAccountKey](Update-AzureKeyVaultManagedStorageAccountKey.md) -Regenerates the storage account key associated with a storage account managed by Key Vault. +Regenerates the specified key of Key Vault managed Azure Storage Account. + diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md index af2cb546341f..78435de8f662 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultKey.md @@ -63,21 +63,6 @@ This command creates a backup of the key named $key.Name in the vault named $key ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Overwrite the given file if it exists @@ -117,7 +102,7 @@ Parameter Sets: ByKeyName Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -134,7 +119,7 @@ Parameter Sets: (All) Aliases: Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -149,12 +134,27 @@ Parameter Sets: ByKeyName Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md index 4905a33a277f..fc89ae120cd7 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Backup-AzureKeyVaultSecret.md @@ -61,21 +61,6 @@ This command uses the $secret object's vault name and name to retrieves the secr ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Prompts you for confirmation before overwriting the output file, if that exists. @@ -153,6 +138,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md index 99a9246b45ee..6200a3920132 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificate.md @@ -17,6 +17,11 @@ Gets a certificate from a key vault. Get-AzureKeyVaultCertificate [-VaultName] [] ``` +### ByDeletedCertificates +``` +Get-AzureKeyVaultCertificate [-VaultName] [-Name] [-InRemovedState] [] +``` + ### ByCertificateName ``` Get-AzureKeyVaultCertificate [-VaultName] [-Name] [[-Version] ] [] @@ -27,6 +32,11 @@ Get-AzureKeyVaultCertificate [-VaultName] [-Name] [[-Version] Get-AzureKeyVaultCertificate [-VaultName] [-Name] [-IncludeVersions] [] ``` +### ByDeletedCertificates +``` +Get-AzureKeyVaultCertificate [-VaultName] [[-Name] ] [-InRemovedState] [] +``` + ## DESCRIPTION The **Get-AzureKeyVaultCertificate** cmdlet gets the specified certificate or the versions of a certificate from a key vault in Azure Key Vault. @@ -63,6 +73,21 @@ Updated : 2/8/2016 11:21:45 PM This command gets the certificate named TestCert01 from the key vault named ContosoKV01. +### Example 2: Get all the certificates that have been deleted but not purged for this key vault. +``` +PS C:\>Get-AzureKeyVaultCertificate -VaultName 'Contoso' -InRemovedState +``` + +This command gets all the certificates that have been previously deleted, but not purged, in the key vault named Contoso. + +### Example 3: Gets the certificate MyCert that has been deleted but not purged for this key vault. +``` +PS C:\>Get-AzureKeyVaultCertificate -VaultName 'Contoso' -Name 'MyCert' -InRemovedState +``` + +This command gets the certificate named 'MyCert' that has been previously deleted, but not purged, in the key vault named Contoso. +This command will return metadata such as the deletion date, and the scheduled purging date of this deleted certificate. + ## PARAMETERS ### -IncludeVersions @@ -80,16 +105,41 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -InRemovedState +Specifies whether to include previously deleted certificates in the output.```yaml +Type: SwitchParameter +Parameter Sets: ByDeletedCertificates +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -Name Specifies the name of the certificate to get. ```yaml Type: String -Parameter Sets: ByCertificateName, ByCertificateVersions +Parameter Sets: ByDeletedCertificates, ByCertificateName, ByCertificateVersions Aliases: CertificateName Required: True -Position: 1 +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +```yaml +Type: String +Parameter Sets: ByDeletedCertificates +Aliases: CertificateName + +Required: False +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -104,7 +154,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -119,7 +169,7 @@ Parameter Sets: ByCertificateName Aliases: CertificateVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -144,3 +194,6 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable [Import-AzureKeyVaultCertificate](./Import-AzureKeyVaultCertificate.md) +[Remove-AzureKeyVaultCertificate](./Remove-AzureKeyVaultCertificate.md) + +[Undo-AzureKeyVaultSecretCertificate](./Undo-AzureKeyVaultSecretCertificate.md) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md index 1f66b7af876c..9de772505807 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateContact.md @@ -39,7 +39,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md index 23840a550166..e6c3ec453315 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateIssuer.md @@ -50,7 +50,7 @@ Parameter Sets: ByName Aliases: IssuerName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -65,7 +65,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md index fe378b0bc719..f03359083842 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificateOperation.md @@ -49,7 +49,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -64,7 +64,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md index 7ecbb05513ae..3662db8fdaab 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultCertificatePolicy.md @@ -55,7 +55,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -70,7 +70,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md index ac6c554648e0..bb57f7b628c2 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultKey.md @@ -84,12 +84,16 @@ This command will return metadata such as the deletion date, and the scheduled p ## PARAMETERS -### -InRemovedState -Specifies whether to show the previously deleted keys in the output. +### -IncludeVersions +Indicates that this cmdlet gets all versions of a key. +The current version of a key is the first one on the list. +If you specify this parameter you must also specify the *Name* and *VaultName* parameters. + +If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the key with the specified *Name*. ```yaml Type: SwitchParameter -Parameter Sets: ByDeletedKey +Parameter Sets: ByKeyVersions Aliases: Required: True @@ -99,16 +103,10 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -IncludeVersions -Indicates that this cmdlet gets all versions of a key. -The current version of a key is the first one on the list. -If you specify this parameter you must also specify the *Name* and *VaultName* parameters. - -If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the key with the specified *Name*. - -```yaml +### -InRemovedState +Specifies whether to show the previously deleted keys in the output.```yaml Type: SwitchParameter -Parameter Sets: ByKeyVersions +Parameter Sets: ByDeletedKey Aliases: Required: True @@ -127,7 +125,7 @@ Parameter Sets: ByKeyName, ByKeyVersions Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -139,7 +137,7 @@ Parameter Sets: ByDeletedKey Aliases: KeyName Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -155,7 +153,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -171,7 +169,7 @@ Parameter Sets: ByKeyName Aliases: KeyVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md index 5b11a3edb10d..09f17f56e155 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureKeyVaultSecret.md @@ -74,7 +74,7 @@ PS C:\> Write-Host "Secret Value is: " $secret.SecretValueText These commands get the current version of a secret named ITSecret, and then displays the plain text value of that secret. -### Example 6: Get all the keys that have been deleted but not purged for this key vault. +### Example 6: Get all the secrets that have been deleted but not purged for this key vault. ``` PS C:\>Get-AzureKeyVaultSecret -VaultName 'Contoso' -InRemovedState ``` @@ -91,12 +91,16 @@ This command will return metadata such as the deletion date, and the scheduled p ## PARAMETERS -### -InRemovedState -Specifies whether to show the previously deleted secrets in the output. +### -IncludeVersions +Indicates that this cmdlet gets all versions of a secret. +The current version of a secret is the first one on the list. +If you specify this parameter you must also specify the *Name* and *VaultName* parameters. + +If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the secret with the specified *Name*. ```yaml Type: SwitchParameter -Parameter Sets: ByDeletedSecrets +Parameter Sets: BySecretVersions Aliases: Required: True @@ -106,16 +110,10 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -IncludeVersions -Indicates that this cmdlet gets all versions of a secret. -The current version of a secret is the first one on the list. -If you specify this parameter you must also specify the *Name* and *VaultName* parameters. - -If you do not specify the *IncludeVersions* parameter, this cmdlet gets the current version of the secret with the specified *Name*. - -```yaml +### -InRemovedState +Specifies whether to show the previously deleted secrets in the output.```yaml Type: SwitchParameter -Parameter Sets: BySecretVersions +Parameter Sets: ByDeletedSecrets Aliases: Required: True @@ -134,7 +132,7 @@ Parameter Sets: BySecretName, BySecretVersions Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -146,7 +144,7 @@ Parameter Sets: ByDeletedSecrets Aliases: SecretName Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -162,7 +160,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -178,7 +176,7 @@ Parameter Sets: BySecretName Aliases: SecretVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md index 85c334095bd4..8ebd07afffa9 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Get-AzureRmKeyVault.md @@ -93,7 +93,7 @@ Specifies whether to show the previously deleted vaults in the output. ```yaml Type: SwitchParameter Parameter Sets: ByDeletedVault, ListAllDeletedVaultsInSubscription -Aliases: +Aliases: Required: True Position: Named @@ -108,7 +108,7 @@ The location of the deleted vault. ```yaml Type: String Parameter Sets: ByDeletedVault -Aliases: +Aliases: Required: True Position: 2 @@ -123,10 +123,10 @@ Specifies the name of the resource group associated with the key vault or key va ```yaml Type: String Parameter Sets: GetVaultByName -Aliases: +Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -135,10 +135,10 @@ Accept wildcard characters: False ```yaml Type: String Parameter Sets: ListVaultsByResourceGroup -Aliases: +Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -152,7 +152,7 @@ Key-value pairs in the form of a hash table. For example: ```yaml Type: Hashtable Parameter Sets: ListAllVaultsInSubscription -Aliases: +Aliases: Required: False Position: Named @@ -170,7 +170,7 @@ Parameter Sets: GetVaultByName, ByDeletedVault Aliases: Name Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md index 173476a91963..b163020a1033 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Import-AzureKeyVaultCertificate.md @@ -154,7 +154,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -202,7 +202,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md index 6d790f9a5df4..58096dc14092 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateAdministratorDetails.md @@ -31,21 +31,6 @@ This command creates an in-memory certificate administrator details object, and ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -EmailAddress Specifies the email address for the certificate administrator. @@ -106,6 +91,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md index 2b27900a349c..646616e472bd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificateOrganizationDetails.md @@ -50,33 +50,33 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -Id +Specifies the identifier for the organization. ```yaml -Type: SwitchParameter +Type: String Parameter Sets: (All) -Aliases: cf +Aliases: Required: False Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Id -Specifies the identifier for the organization. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf Required: False Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md index da0978019571..920aa7394646 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureKeyVaultCertificatePolicy.md @@ -51,21 +51,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Disabled Indicates that the certificate policy is disabled. @@ -301,6 +286,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md index 640076b50858..3c60b60003dd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/New-AzureRmKeyVault.md @@ -49,28 +49,14 @@ Premium for the *SKU* parameter to create a Premium key vault. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -EnableSoftDelete -If specified, 'soft delete' functionality is enabled for this key vault. +### -EnabledForDeployment +Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this +key vault is referenced in resource creation, for example when creating a virtual machine. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -79,14 +65,13 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EnabledForDeployment -Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this -key vault is referenced in resource creation, for example when creating a virtual machine. +### -EnabledForDiskEncryption +Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -95,13 +80,13 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EnabledForDiskEncryption -Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault. +### -EnabledForTemplateDeployment +Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -110,13 +95,13 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EnabledForTemplateDeployment -Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment. +### -EnableSoftDelete +If specified, 'soft delete' functionality is enabled for this key vault. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -133,10 +118,10 @@ information, type `Get-Help Get-AzureLocation`. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -148,10 +133,10 @@ Specifies the name of an existing resource group in which to create the key vaul ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -164,7 +149,7 @@ each SKU, see the Azure Key Vault Pricing website (http://go.microsoft.com/fwlin ```yaml Type: SkuName Parameter Sets: (All) -Aliases: +Aliases: Accepted values: Standard, Premium Required: False @@ -199,15 +184,30 @@ unique. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md index d697cc0e80ac..efcc60569a41 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificate.md @@ -13,8 +13,8 @@ Removes a certificate from a key vault. ## SYNTAX ``` -Remove-AzureKeyVaultCertificate [-VaultName] [-Name] [-Force] [-PassThru] [-WhatIf] - [-Confirm] [] +Remove-AzureKeyVaultCertificate [-VaultName] [-Name] [-Force] [-InRemovedState] [-PassThru] + [-WhatIf] [-Confirm] [] ``` ## DESCRIPTION @@ -38,27 +38,33 @@ This command removes the certificate named SelfSigned01 from the key vault named This command specifies the *Force* parameter. Therefore, the cmdlet does not prompt you for confirmation. +### Example 3: Purge the deleted certificate from the key vault permanently +``` +PS C:\>Remove-AzureKeyVaultCertificate -VaultName 'Contoso' -Name 'MyCert' -InRemovedState +``` + +This command permanently removes the certificate named 'MyCert' from the key vault named 'Contoso'. +Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user on this key vault. + ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -Force +Forces the command to run without asking for user confirmation. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: cf +Aliases: Required: False Position: Named -Default value: False +Default value: None Accept pipeline input: False Accept wildcard characters: False ``` -### -Force -Forces the command to run without asking for user confirmation. - -```yaml +### -InRemovedState +If present, removes the previously deleted certificate permanently.```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: @@ -80,7 +86,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -112,12 +118,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. @@ -154,3 +175,4 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable [Import-AzureKeyVaultCertificate](./Import-AzureKeyVaultCertificate.md) +[Undo-AzureKeyVaultCertificateRemoval](./Undo-AzureKeyVaultCertificateRemoval.md) \ No newline at end of file diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md index 59ac7d99ba77..c998d1651e92 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateContact.md @@ -31,21 +31,6 @@ This command removes Patti Fuller as a certificate contact for the Contoso01 key ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -EmailAddress Specifies the email address of the contact to remove. @@ -55,7 +40,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -86,12 +71,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md index 966920dfcdac..9781d8ae91f0 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateIssuer.md @@ -31,21 +31,6 @@ This command removes the certificate issuer named TestIssuer01 from the ContosoK ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -70,7 +55,7 @@ Parameter Sets: (All) Aliases: IssuerName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -101,12 +86,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md index 7c4174e18217..ab9f44a44549 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultCertificateOperation.md @@ -31,21 +31,6 @@ This command removes the certificate operation named TestCert01 from the Contoso ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -70,7 +55,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -101,12 +86,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md index 68ec15835434..bfdc09b1c7d4 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultKey.md @@ -45,7 +45,7 @@ PS C:\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -InRemove ``` This command removes the key named ITSoftware from the key vault named Contoso permanently. -This flag requires the user to have special 'purge' persmissions on the key vault. +Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user for this key vault. ### Example 4: Remove keys by using the pipeline operator ``` @@ -58,21 +58,6 @@ That cmdlet removes those keys. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -113,7 +98,7 @@ Parameter Sets: (All) Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -145,12 +130,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md index 0af48802ace2..b6a9cbae2094 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageAccount.md @@ -52,21 +52,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Do not ask for confirmation. @@ -114,6 +99,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md index 2455b6927c33..5927db1d7005 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultManagedStorageSasDefinition.md @@ -53,21 +53,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Do not ask for confirmation. @@ -131,6 +116,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md index 3df782d9322e..a2039f6dd6b3 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureKeyVaultSecret.md @@ -43,26 +43,11 @@ The command specifies the *Force* and *Confirm* parameters, and, therefore, the PS C:\>Remove-AzureKeyVaultSecret -VaultName 'Contoso' -Name 'FinanceSecret' -InRemovedState ``` -This command removes the secret named FinanceSecret from the key vault named Contoso permanently. -This flag requires the user to have special 'purge' persmissions on the key vault. +This command premoves the secret named FinanceSecret from the key vault named Contoso permanently. +Executing this cmdlet requires the 'purge' permission, which must have been previously and explicitly granted to the user for this key vault. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -103,7 +88,7 @@ Parameter Sets: (All) Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -135,12 +120,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md index d8c1112d38d8..724c50e3835a 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md @@ -49,21 +49,6 @@ If you do not specify the resource group name, the cmdlet searches for the named ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Indicates that the cmdlet does not prompt you for confirmation. By default, this cmdlet prompts you to confirm that you want to delete the key vault. @@ -131,7 +116,7 @@ Parameter Sets: ByAvailableVault Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -146,12 +131,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md index 807c967db335..b2bcee43beb5 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVaultAccessPolicy.md @@ -24,18 +24,18 @@ Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] < -UserPrincipalName [-PassThru] [-WhatIf] [-Confirm] [] ``` -### ByUserEmailAddress -``` -Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] - -EmailAddress [-PassThru] [-WhatIf] [-Confirm] [] -``` - ### ByObjectId ``` Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -ObjectId [-ApplicationId ] [-PassThru] [-WhatIf] [-Confirm] [] ``` +### ByEmail +``` +Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -EmailAddress + [-PassThru] [-WhatIf] [-Confirm] [] +``` + ### ForVault ``` Remove-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] @@ -98,18 +98,18 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -EmailAddress +Specifies the user email address of the user whose access you want to remove. ```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf +Type: String +Parameter Sets: ByEmail +Aliases: -Required: False +Required: True Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` @@ -199,7 +199,7 @@ Parameter Sets: (All) Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -236,33 +236,34 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EmailAddress -Specifies the user email address of the user whose access you want to remove. +### -VaultName +Specifies the name of the key vault. +This cmdlet removes permissions for the key vault that this parameter specifies. ```yaml Type: String -Parameter Sets: ByUserEmailAddress +Parameter Sets: (All) +Aliases: Required: True -Position: Named +Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -VaultName -Specifies the name of the key vault. -This cmdlet removes permissions for the key vault that this parameter specifies. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf -Required: True -Position: 0 +Required: False +Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md index 7942e75d639a..e00def2ee643 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultKey.md @@ -37,23 +37,23 @@ This command restores a key, including all of its versions, from the backup file ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -InputFile +Specifies the input file that contains the backup of the key to restore. ```yaml -Type: SwitchParameter +Type: String Parameter Sets: (All) -Aliases: cf +Aliases: -Required: False -Position: Named +Required: True +Position: 2 Default value: None Accept pipeline input: False Accept wildcard characters: False ``` -### -InputFile -Specifies the input file that contains the backup of the key to restore. +### -VaultName +Specifies the name of the key vault into which to restore the key. ```yaml Type: String @@ -63,22 +63,22 @@ Aliases: Required: True Position: 1 Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -VaultName -Specifies the name of the key vault into which to restore the key. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf -Required: True -Position: 0 +Required: False +Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md index fa140cce8d97..7e7c54f08544 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Restore-AzureKeyVaultSecret.md @@ -38,21 +38,6 @@ This command restores a secret, including all of its versions, from the backup f ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -InputFile Specifies the input file that contains the backup of the secret to restore. @@ -83,6 +68,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md index 59251de03b68..500d1a1d2b39 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateAttribute.md @@ -64,21 +64,6 @@ The final command displays the TestCert01 certificate by using the Get-AzureKeyV ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Enable Indicates whether to enable or disable a certificate. Specify $True to enable or $False to disable. @@ -86,7 +71,7 @@ Specify $True to enable or $False to disable. ```yaml Type: Boolean Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -106,7 +91,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -119,7 +104,7 @@ By default, this cmdlet does not generate any output. ```yaml Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -136,7 +121,7 @@ Key-value pairs in the form of a hash table. For example: ```yaml Type: Hashtable Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -152,10 +137,10 @@ This cmdlet constructs the FQDN of a key vault based on the name and currently s ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -171,12 +156,27 @@ Parameter Sets: (All) Aliases: CertificateVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md index 200782ac1404..e83aee9670dd 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificateIssuer.md @@ -69,21 +69,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Issuer Specifies the certificate issuer to update. @@ -123,7 +108,7 @@ Parameter Sets: (All) Aliases: IssuerName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -169,12 +154,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md index ece046b3ac3f..70977fa03c82 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md @@ -54,7 +54,7 @@ Parameter Sets: ByValue Aliases: Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -75,21 +75,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Disabled Indicates that the certificate policy is disabled. @@ -239,7 +224,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -365,12 +350,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md index cd250b957fdc..ca4afffcf3a4 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultKeyAttribute.md @@ -135,7 +135,7 @@ Parameter Sets: (All) Aliases: KeyName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -201,7 +201,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -217,7 +217,7 @@ Parameter Sets: (All) Aliases: KeyVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md index cc162f2a485c..3ea9bccd8bee 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecret.md @@ -134,7 +134,7 @@ Parameter Sets: (All) Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -167,7 +167,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 2 +Position: 3 Default value: None Accept pipeline input: False Accept wildcard characters: False @@ -200,7 +200,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md index 9ef0581d8783..07679917ce8e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultSecretAttribute.md @@ -151,7 +151,7 @@ Parameter Sets: (All) Aliases: SecretName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -216,7 +216,7 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -232,7 +232,7 @@ Parameter Sets: (All) Aliases: SecretVersion Required: False -Position: 2 +Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md index b4e68b07a3c8..abe66d6fab03 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureRmKeyVaultAccessPolicy.md @@ -28,14 +28,6 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] ``` -### ByUserEmailAddress -``` -Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] - -EmailAddress [-PermissionsToKeys ] [-PermissionsToSecrets ] - [-PermissionsToCertificates ] [-PermissionsToStorage ] [-PassThru] [-WhatIf] [-Confirm] - [] -``` - ### ByObjectId ``` Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -ObjectId @@ -44,6 +36,13 @@ Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] ``` +### ByEmailAddress +``` +Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] -EmailAddress + [-PermissionsToKeys ] [-PermissionsToSecrets ] [-PermissionsToCertificates ] + [-PermissionsToStorage ] [-PassThru] [-WhatIf] [-Confirm] [] +``` + ### ForVault ``` Set-AzureRmKeyVaultAccessPolicy [-VaultName] [[-ResourceGroupName] ] [-EnabledForDeployment] @@ -185,18 +184,19 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -EmailAddress +Specifies the user email address of the user to whom to grant permissions. +This email address must exist in the directory associated with the current subscription and be unique. ```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf +Type: String +Parameter Sets: ByEmailAddress +Aliases: -Required: False +Required: True Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` @@ -295,7 +295,7 @@ The acceptable values for this parameter are: ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: get, list, delete, create, import, update, managecontacts, getissuers, listissuers, setissuers, deleteissuers, manageissuers, all @@ -329,7 +329,7 @@ The acceptable values for this parameter are: ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge, all @@ -355,7 +355,7 @@ The acceptable values for this parameter are: ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: get, list, set, delete, backup, restore, recover, purge, all @@ -371,7 +371,7 @@ Specifies managed storage account and sas definition operation permissions to gr ```yaml Type: String[] -Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId +Parameter Sets: ByServicePrincipalName, ByUserPrincipalName, ByObjectId, ByEmailAddress Aliases: Accepted values: get, list, delete, set, update, regeneratekey, getsas, listsas, deletesas, setsas, all @@ -391,7 +391,7 @@ Parameter Sets: (All) Aliases: Required: False -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -430,34 +430,34 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -EmailAddress -Specifies the user email address of the user to whom to grant permissions. -This email address must exist in the directory associated with the current subscription and be unique. +### -VaultName +Specifies the name of a key vault. +This cmdlet modifies the access policy for the key vault that this parameter specifies. ```yaml Type: String -Parameter Sets: ByUserEmailAddress +Parameter Sets: (All) +Aliases: Required: True -Position: Named +Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -VaultName -Specifies the name of a key vault. -This cmdlet modifies the access policy for the key vault that this parameter specifies. +### -Confirm +Prompts you for confirmation before running the cmdlet. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) -Aliases: +Aliases: cf -Required: True -Position: 0 +Required: False +Position: Named Default value: None -Accept pipeline input: True (ByPropertyName) +Accept pipeline input: False Accept wildcard characters: False ``` diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md index 229bbbd22250..73b30218de42 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Stop-AzureKeyVaultCertificateOperation.md @@ -41,21 +41,6 @@ This command cancels the TestCert02 certificate operation. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Forces the command to run without asking for user confirmation. @@ -80,7 +65,7 @@ Parameter Sets: (All) Aliases: CertificateName Required: True -Position: 1 +Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False @@ -95,12 +80,27 @@ Parameter Sets: (All) Aliases: Required: True -Position: 0 +Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md new file mode 100644 index 000000000000..d68de1bc3ad0 --- /dev/null +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultCertificateRemoval.md @@ -0,0 +1,115 @@ +--- +external help file: Microsoft.Azure.Commands.KeyVault.dll-Help.xml +online version: https://msdn.microsoft.com/en-us/library/dn868052.aspx +schema: 2.0.0 +--- + +# Undo-AzureKeyVaultCertificateRemoval + +## SYNOPSIS +Recovers a deleted certificate in a key vault into an active state. + +## SYNTAX + +``` +Undo-AzureKeyVaultCertificateRemoval [-VaultName] [-Name] [-WhatIf] [-Confirm] + [] +``` + +## DESCRIPTION +The **Undo-AzureKeyVaultCertificateRemoval** cmdlet will recover a previously deleted certificate. +The recovered certificate will be active and can be used for all operations. +Caller needs to have 'recover' permission in order to perform this operation. + +## EXAMPLES + +### Example 1 +``` +PS C:\> Undo-AzureKeyVaultCertificateRemoval -VaultName 'MyKeyVault' -Name 'MyCertificate' +``` + +This command will recover the certificate 'MyCertificate' that was previously deleted, into an active and usable state. + +## PARAMETERS + +### -Name +Certificate name. +Cmdlet constructs the FQDN of a certificate from vault name, currently selected environment and certificate name. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: CertificateName + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -VaultName +Vault name. +Cmdlet constructs the FQDN of a vault based on the name and currently selected environment. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +### System.String + +## OUTPUTS + +### Microsoft.Azure.Commands.KeyVault.Models.Certificate + +## NOTES + +## RELATED LINKS + +[Remove-AzureKeyVaultCertificate](./Remove-AzureKeyVaultCertificate.md) + +[Get-AzureKeyVaultCertificate](./Get-AzureKeyVaultCertificate.md) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md index dcf4911ee970..519aa6aa6264 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultKeyRemoval.md @@ -31,21 +31,6 @@ This command will recover the key 'MyKey' that was previously deleted, into an a ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Name Key name. Cmdlet constructs the FQDN of a key from vault name, currently selected environment and key name. @@ -78,6 +63,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md index 75f1a5adfd25..cbeae9a7ea2b 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureKeyVaultSecretRemoval.md @@ -32,21 +32,6 @@ This command will recover the secret 'MySecret' that was previously deleted, int ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Name Secret name. Cmdlet constructs the FQDN of a secret from vault name, currently selected environment and secret name. @@ -79,6 +64,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md index 555dc023c879..2806fe581726 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Undo-AzureRmKeyVaultRemoval.md @@ -33,28 +33,13 @@ tags with new tag. ## PARAMETERS -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Location Specifies the deleted vault original Azure region. ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True Position: 2 @@ -69,7 +54,7 @@ Specifies the name of an existing resource group in which to create the key vaul ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True Position: 1 @@ -86,7 +71,7 @@ Key-value pairs in the form of a hash table. For example: ```yaml Type: Hashtable Parameter Sets: (All) -Aliases: +Aliases: Required: False Position: Named @@ -102,7 +87,7 @@ Cmdlet constructs the FQDN of a vault based on the name and currently selected e ```yaml Type: String Parameter Sets: (All) -Aliases: +Aliases: Required: True Position: 0 @@ -111,6 +96,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md index ce559f92d78b..6adad3e2634e 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/help/Update-AzureKeyVaultManagedStorageAccountKey.md @@ -45,21 +45,6 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: cf - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -Force Do not ask for confirmation. @@ -122,6 +107,21 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -WhatIf Shows what would happen if the cmdlet runs. The cmdlet is not run. diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config index 0a130e0dde3d..d10da5b20109 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config +++ b/src/ResourceManager/KeyVault/Commands.KeyVault/packages.config @@ -1,7 +1,7 @@  - - + + \ No newline at end of file From 8ac520a727e3edbea72d8e2a0e189b2d939f7814 Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Fri, 25 Aug 2017 15:29:39 -0700 Subject: [PATCH 08/10] reverting inadvertent change picked up from merge --- .../Scripts/VaultManagementTests.ps1 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 index 26b3f0404e6f..7375e9af8c7c 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1 @@ -361,7 +361,6 @@ function Initialize-TemporaryState } $vaultProperties = @{ "enabledForDeployment" = $false - "enableSoftDelete"=$global:softDeleteEnabled "tenantId" = $tenantId "sku" = @{ "family" = "A" @@ -373,9 +372,9 @@ function Initialize-TemporaryState "objectId" = $objectId "applicationId" = "" "permissions" = @{ - "keys" = @("all", "purge") - "secrets" = @("all", "purge") - "certificates" = @("all", "purge") + "keys" = @("all") + "secrets" = @("all") + "certificates" = @("all") "storage" = @("all") } } From d26cb1b2542a5446a4ba85b41ad19e8addc9467a Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Mon, 28 Aug 2017 13:40:27 -0700 Subject: [PATCH 09/10] removing project references to Newtonsoft.Json v9 --- .../Commands.KeyVault.Test/Commands.KeyVault.Test.csproj | 2 +- .../KeyVault/Commands.KeyVault.Test/packages.config | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj index 8f8bd6a4e258..4669669c5d6f 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/Commands.KeyVault.Test.csproj @@ -139,7 +139,7 @@ ..\..\..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll - ..\..\..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll + ..\..\..\packages\Newtonsoft.Json.6.0.8\lib\net45\Newtonsoft.Json.dll True diff --git a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config index c625cfa98851..366f82c8917c 100644 --- a/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config +++ b/src/ResourceManager/KeyVault/Commands.KeyVault.Test/packages.config @@ -22,7 +22,7 @@ - + From b71b9089288bd5745e73c80a736da64f0ebb0a8d Mon Sep 17 00:00:00 2001 From: Dragos Avadanei Date: Mon, 28 Aug 2017 14:44:54 -0700 Subject: [PATCH 10/10] [KeyVault] Suppressing exception for changing the return type of cmdlet Remove-AzureKeyVaultCertificate (a non-breaking change) --- tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv b/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv index 300d647e32a6..e1a07ba700ef 100644 --- a/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv +++ b/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv @@ -346,4 +346,5 @@ "D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Sql\Microsoft.Azure.Commands.Sql.dll","Microsoft.Azure.Commands.Sql.Auditing.Cmdlet.UseAzureSqlServerAuditingPolicy","Use-AzureRmSqlServerAuditingPolicy","0","3010","The property 'AuditType' of type 'Microsoft.Azure.Commands.Sql.Auditing.Model.AuditingPolicyModel' has been removed.","Add the property 'AuditType' back to type 'Microsoft.Azure.Commands.Sql.Auditing.Model.AuditingPolicyModel'." "C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'Path' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'Path' back to the parameter set '__AllParameterSets'." "C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'ConfigurationName' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'ConfigurationName' back to the parameter set '__AllParameterSets'." -"C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'Force' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'Force' back to the parameter set '__AllParameterSets'." \ No newline at end of file +"C:\azure\az-pwrshll\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.Automation\Microsoft.Azure.Commands.ResourceManager.Automation.dll","Microsoft.Azure.Commands.Automation.Cmdlet.ImportAzureAutomationDscNodeConfiguration","Import-AzureRmAutomationDscNodeConfiguration","0","2100","The parameter 'Force' in cmdlet 'Import-AzureRmAutomationDscNodeConfiguration' is no longer in the parameter set '__AllParameterSets'.","Add parameter 'Force' back to the parameter set '__AllParameterSets'." +"D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.KeyVault\Microsoft.Azure.Commands.KeyVault.dll","Microsoft.Azure.Commands.KeyVault.RemoveAzureKeyVaultCertificate","Remove-AzureKeyVaultCertificate","0","1020","The cmdlet 'Remove-AzureKeyVaultCertificate' no longer has output type 'Microsoft.Azure.Commands.KeyVault.Models.KeyVaultCertificate'.","Make cmdlet 'Remove-AzureKeyVaultCertificate' return type 'Microsoft.Azure.Commands.KeyVault.Models.KeyVaultCertificate'." \ No newline at end of file