[KeyVault] KeyVault Round 3 Commands #1215

Merged
merged 3 commits into from
Nov 4, 2016

@tjprescott tjprescott commented Nov 2, 2016

This PR adds the following KeyVault commands and associated tests:

  • key: import, backup, restore
  • certificate: import (PEM and PFX support)
  • certificate pending: show, merge, delete

@tjprescott
Member Author

key import

Command
    az keyvault key import

Arguments
    --name -n    [Required]: Name of the key.
    --vault-name [Required]: Name of the key vault.
    --disabled             : Create key in disabled state.
    --expires              : Expiration UTC datetime  (Y-m-d'T'H:M'Z').
    --not-before           : Key not usable before the provided UTC datetime  (Y-m-d'T'H:M'Z').
    --ops                  : Space separated list of permitted JSON web key operations. Possible
                             values: encrypt, decrypt, sign, verify, wrapKey, unwrapKey.
    --protection -p        : Specifies the type of key protection.  Allowed values: hsm, software.
    --tags                 : Space separated tags in 'key[=value]' format. Use "" to clear existing
                             tags.

key backup

Command
    az keyvault key backup: Requests that a backup of the specified key be downloaded to the client.

Arguments
    --file-path  [Required]
    --name -n    [Required]: Name of the key.
    --vault-name [Required]: Name of the key vault.

key restore

Command
    az keyvault key restore: Restores the backup key in to a vault.

Arguments
    --file-path  [Required]
    --vault-name [Required]: Name of the key vault.

certificate import

Command
    az keyvault certificate import: Imports a certificate into the specified vault.

Arguments
    --file -f    [Required]: PKCS12 file or PEM file containing the certificate and private key.
    --name -n    [Required]: Name of the certificate.
    --vault-name [Required]: Name of the key vault.
    --disabled             : Create certificate in disabled state.
    --expires              : Expiration UTC datetime  (Y-m-d'T'H:M'Z').
    --not-before           : Key not usable before the provided UTC datetime  (Y-m-d'T'H:M'Z').
    --password             : If the private key in base64EncodedCertificate is encrypted, the
                             password used for encryption.
    --policy -p            : JSON encoded policy defintion. Use @{file} to load from a file.
    --tags                 : Space separated tags in 'key[=value]' format. Use "" to clear existing
                             tags.

certificate pending merge

Command
    az keyvault certificate pending merge: Merges a certificate or a certificate chain with a key
    pair existing on the server.

Arguments
    --file -f    [Required]: File containing the certificate or certificate chain to merge.
    --name -n    [Required]: Name of the certificate.
    --vault-name [Required]: Name of the key vault.
    --disabled             : Create certificate in disabled state.
    --expires              : Expiration UTC datetime  (Y-m-d'T'H:M'Z').
    --not-before           : Key not usable before the provided UTC datetime  (Y-m-d'T'H:M'Z').
    --tags                 : Space separated tags in 'key[=value]' format. Use "" to clear existing
                             tags.

@tjprescott
Member Author

Group Help

keyvault key

Group
    az keyvault key: Manage keys.

Commands:
    backup        : Requests that a backup of the specified key be downloaded to the client.
    create        : Creates a new, named, key in the specified vault.
    delete        : Deletes the specified key.
    import
    list          : List keys in the specified vault.
    list-versions : List the versions of the specified key.
    restore       : Restores the backup key in to a vault.
    set-attributes: Updates the Key Attributes associated with the specified key.
    show          : Retrieves the public portion of a key plus its attributes.

keyvault certificate

Group
    az keyvault certificate: Manage certificates.

Subgroups:
    contact       : Manage contacts for certificate management.
    issuer        : Manage certificate issuer information.
    pending       : Manage pending certificate creation operations.

Commands:
    create        : Creates a new certificate version.
    delete        : Deletes a certificate from the specified vault.
    import        : Imports a certificate into the specified vault.
    list          : List certificates in the specified vault.
    list-versions : List the versions of a certificate.
    set-attributes: Updates the attributes associated with the specified certificate.
    show          : Gets a Certificate.

keyvault certificate pending

Group
    az keyvault certificate pending: Manage pending certificate creation operations.

Commands:
    delete: Deletes the certificate operation.
    merge : Merges a certificate or a certificate chain with a key pair existing on the server.
    show  : Gets the certificate operation response.

@tjprescott
Member Author

tjprescott commented Nov 2, 2016

Already see a few params that need help text and some command help cleanup.

Also, I plan to do a complete sweep for completers and ids in Round 4 so please hold those 😁

Member

@derekbekoe derekbekoe left a comment

Added a few small comments

@@ -17,6 +17,7 @@ def extract_full_summary_from_signature(operation):
summary = lines[:match.regs[0][0]]
else:
summary = lines
summary = summary.replace('\n', ' ').replace('\r', '')
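
Review bot: on the added `summary.replace('\n', ' ').replace('\r', '')` line, a line break followed by docstring indentation turns into a run of spaces, and a lone '\r' is deleted with no separator, which can join two words. Collapsing all whitespace in one step, for example `summary = ' '.join(summary.split())`, covers both cases. A short comment noting that the short summary is normalized the same way as the long summary would also explain why this sits in the core module.
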
Member

Since this affects the 'core' module, what's the impact of this change / why?
Want to know if it will adversely affect other modules.

Member Author

The first sentence is used as the short summary. If the first sentence has a newline, it would be preserved, which resulted in some wonky output. This strips out the newlines the same way the long-summary does. So it will affect other modules, but in a positive way.

@@ -61,6 +67,8 @@ def validate_key_type(ns):
'hsm': 'RSA-HSM'
}
ns.destination = dest_to_type_map[ns.destination]
if ns.destination == 'RSA' and hasattr(ns, 'byok_file') and ns.byok_file:
raise CLIError('BYOK keys are hardward protected. Omit --protection')
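
Review bot: the CLIError message on the last line misspells "hardware" and tells the user to omit --protection, while the check itself only fires on the mapped value 'RSA'; a message stating that software protection cannot be combined with a BYOK file would match the condition more closely. The guard `hasattr(ns, 'byok_file') and ns.byok_file` can be shortened to `getattr(ns, 'byok_file', None)`. Because the check runs after `ns.destination = dest_to_type_map[ns.destination]`, it is worth confirming that an omitted --protection does not map to 'RSA', otherwise following the message's advice would still raise.
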
Member

hardward?

Member Author

should be hardware

def download_secret(client, vault_base_url, secret_name, file_path, file_encoding='utf8',
secret_version='', decode_binary=None):
secret = client.keyvault.get_secret(vault_base_url, secret_name, secret_version)
raise CLIError('TODO: implement')
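
Review bot: `download_secret` calls `client.keyvault.get_secret(...)` and only then raises `CLIError('TODO: implement')`, so every invocation of the stub reads the secret value from the vault and discards it. Raise before the service call, or keep the command out of the command table until it is implemented, so the placeholder does not fetch secret material. `file_path`, `file_encoding` and `decode_binary` are also unused in the lines shown.
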
Member

Just checking this is intended?

Member Author

Yes, this was intended. I was going to finish these commands in Round 3, but decided to defer them to Round 4 because the secret set command needs some additional convenience arguments added in tandem.

@tjprescott tjprescott merged commit 81372d0 into Azure:master Nov 4, 2016
@tjprescott tjprescott deleted the KeyVaultRound3 branch November 4, 2016 16:56