From 1493075aa6c1b8066728d54250fa21c0194e4e45 Mon Sep 17 00:00:00 2001
From: Fernando Colombo <msfcolombo@users.noreply.github.com>
Date: Thu, 20 Feb 2020 19:09:08 -0800
Subject: [PATCH] Added `enableRbacAuthorization` property to Key Vault
 management plane

---
 .../Microsoft.KeyVault/stable/2019-09-01/keyvault.json   | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2019-09-01/keyvault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2019-09-01/keyvault.json
index 6d1b457281ab..3155ec665347 100644
--- a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2019-09-01/keyvault.json
+++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2019-09-01/keyvault.json
@@ -1130,6 +1130,11 @@
           "format": "int32",
           "description": "softDelete data retention days. It accepts >=7 and <=90."
         },
+        "enableRbacAuthorization": {
+          "type": "boolean",
+          "default": false,
+          "description": "Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC."
+        },
         "createMode": {
           "type": "string",
           "description": "The vault's create mode to indicate whether the vault need to be recovered or not.",
@@ -1205,6 +1210,10 @@
           "format": "int32",
           "description": "softDelete data retention days. It accepts >=7 and <=90."
         },
+        "enableRbacAuthorization": {
+          "type": "boolean",
+          "description": "Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change."
+        },
         "createMode": {
           "type": "string",
           "description": "The vault's create mode to indicate whether the vault need to be recovered or not.",