From b594fd4145904c9bbd018f4a2ddea75c7134aee7 Mon Sep 17 00:00:00 2001 From: fssevero <125557279+fssevero@users.noreply.github.com> Date: Thu, 12 Oct 2023 19:27:13 +0100 Subject: [PATCH] Microsoft.KeyVault 2023-07-01 Add changes for Trusted Access Mode (#23813) * Adds base for updating Microsoft.KeyVault from version stable/2023-02-01 to version 2023-07-01 * Updates readme * Updates API version in new specs and examples * Add Identity to managed HSM resources * Remove ManagedHsmIdentityTargetResource * use common type for Identity * Update identity definition * Update readme.python.md * Update readme.python.md --------- Co-authored-by: Yuchao Yan --- .../stable/2023-07-01/common.json | 94 + .../examples/DeletedManagedHsm_Get.json | 28 + .../examples/DeletedManagedHsm_List.json | 47 + .../examples/DeletedManagedHsm_Purge.json | 15 + .../examples/ManagedHsm_CreateOrUpdate.json | 89 + .../examples/ManagedHsm_Delete.json | 17 + .../2023-07-01/examples/ManagedHsm_Get.json | 39 + .../ManagedHsm_ListByResourceGroup.json | 68 + .../ManagedHsm_ListBySubscription.json | 67 + ...tPrivateEndpointConnectionsByResource.json | 51 + .../ManagedHsm_ListRegionsByResource.json | 27 + .../examples/ManagedHsm_Update.json | 78 + .../ManagedHsm_checkMhsmNameAvailability.json | 16 + ...edHsm_deletePrivateEndpointConnection.json | 27 + ...nagedHsm_getPrivateEndpointConnection.json | 30 + .../ManagedHsm_listPrivateLinkResources.json | 30 + ...nagedHsm_putPrivateEndpointConnection.json | 37 + .../examples/checkVaultNameAvailability.json | 17 + .../stable/2023-07-01/examples/createKey.json | 53 + .../2023-07-01/examples/createSecret.json | 50 + .../2023-07-01/examples/createVault.json | 273 +++ .../examples/createVaultWithNetworkAcls.json | 132 ++ .../deletePrivateEndpointConnection.json | 28 + .../2023-07-01/examples/deleteVault.json | 16 + .../2023-07-01/examples/getDeletedVault.json | 26 + .../stable/2023-07-01/examples/getKey.json | 48 + .../2023-07-01/examples/getKeyVersion.json | 49 + .../getPrivateEndpointConnection.json | 33 + .../stable/2023-07-01/examples/getSecret.json | 28 + .../stable/2023-07-01/examples/getVault.json | 93 + .../examples/listDeletedVaults.json | 29 + .../2023-07-01/examples/listKeyVersions.json | 58 + .../stable/2023-07-01/examples/listKeys.json | 55 + .../2023-07-01/examples/listOperations.json | 332 +++ .../listPrivateEndpointConnection.json | 51 + .../examples/listPrivateLinkResources.json | 30 + .../2023-07-01/examples/listSecrets.json | 46 + .../stable/2023-07-01/examples/listVault.json | 24 + .../examples/listVaultByResourceGroup.json | 98 + .../examples/listVaultBySubscription.json | 97 + .../examples/managedHsmCreateKey.json | 52 + .../2023-07-01/examples/managedHsmGetKey.json | 47 + .../examples/managedHsmGetKeyVersion.json | 48 + .../examples/managedHsmListKeyVersions.json | 56 + .../examples/managedHsmListKeys.json | 53 + .../examples/purgeDeletedVault.json | 18 + .../putPrivateEndpointConnection.json | 39 + .../examples/updateAccessPoliciesAdd.json | 82 + .../2023-07-01/examples/updateSecret.json | 50 + .../2023-07-01/examples/updateVault.json | 271 +++ .../stable/2023-07-01/keys.json | 672 ++++++ .../stable/2023-07-01/keysManagedHsm.json | 651 ++++++ .../stable/2023-07-01/keyvault.json | 2081 +++++++++++++++++ .../stable/2023-07-01/managedHsm.json | 1737 ++++++++++++++ .../stable/2023-07-01/providers.json | 288 +++ .../stable/2023-07-01/secrets.json | 491 ++++ .../keyvault/resource-manager/readme.md | 19 +- .../resource-manager/readme.python.md | 12 +- 58 files changed, 9090 insertions(+), 3 deletions(-) create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/common.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Get.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_List.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Purge.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_CreateOrUpdate.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Delete.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Get.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListByResourceGroup.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListBySubscription.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListPrivateEndpointConnectionsByResource.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListRegionsByResource.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Update.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_checkMhsmNameAvailability.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_deletePrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_getPrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_listPrivateLinkResources.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_putPrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/checkVaultNameAvailability.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createKey.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createSecret.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVaultWithNetworkAcls.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deletePrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deleteVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getDeletedVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKey.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKeyVersion.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getPrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getSecret.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listDeletedVaults.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeyVersions.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeys.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listOperations.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateLinkResources.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listSecrets.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultByResourceGroup.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultBySubscription.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmCreateKey.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKey.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKeyVersion.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeyVersions.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeys.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/purgeDeletedVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/putPrivateEndpointConnection.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateAccessPoliciesAdd.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateSecret.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateVault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keys.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keysManagedHsm.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keyvault.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/managedHsm.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/providers.json create mode 100644 specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/secrets.json diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/common.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/common.json new file mode 100644 index 000000000000..9b383e7a554c --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/common.json @@ -0,0 +1,94 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-07-01", + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault." + }, + "paths": {}, + "definitions": { + "CloudError": { + "description": "An error response from Key Vault resource provider", + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "x-ms-external": true, + "type": "object" + }, + "CloudErrorBody": { + "description": "An error response from Key Vault resource provider", + "properties": { + "code": { + "type": "string", + "description": "Error code. This is a mnemonic that can be consumed programmatically." + }, + "message": { + "type": "string", + "description": "User friendly error message. The message is typically localized and may vary with service version." + } + }, + "x-ms-external": true, + "type": "object" + }, + "SystemData": { + "description": "Metadata pertaining to creation and last modification of the key vault resource.", + "readOnly": true, + "properties": { + "createdBy": { + "type": "string", + "description": "The identity that created the key vault resource." + }, + "createdByType": { + "description": "The type of identity that created the key vault resource.", + "$ref": "#/definitions/IdentityType" + }, + "createdAt": { + "type": "string", + "format": "date-time", + "description": "The timestamp of the key vault resource creation (UTC)." + }, + "lastModifiedBy": { + "type": "string", + "description": "The identity that last modified the key vault resource." + }, + "lastModifiedByType": { + "description": "The type of identity that last modified the key vault resource.", + "$ref": "#/definitions/IdentityType" + }, + "lastModifiedAt": { + "type": "string", + "format": "date-time", + "description": "The timestamp of the key vault resource last modification (UTC)." + } + }, + "type": "object" + }, + "IdentityType": { + "type": "string", + "description": "The type of identity.", + "enum": [ + "User", + "Application", + "ManagedIdentity", + "Key" + ], + "x-ms-enum": { + "name": "identityType", + "modelAsString": true + } + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Get.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Get.json new file mode 100644 index 000000000000..3fda65dcf319 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Get.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "name": "hsm1", + "location": "westus", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/deletedManagedHSMs/hsm1", + "name": "vault-agile-drawer-6404", + "type": "Microsoft.KeyVault/deletedManagedHSMs", + "properties": { + "mhsmId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "location": "westus", + "deletionDate": "2021-04-01T00:00:59Z", + "scheduledPurgeDate": "2021-04-01T00:00:59Z", + "purgeProtectionEnabled": true, + "tags": { + "Dept": "hsm", + "Environment": "production" + } + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_List.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_List.json new file mode 100644 index 000000000000..0d4e0325e2ef --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_List.json @@ -0,0 +1,47 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/deletedManagedHSMs/hsm1", + "name": "vault-agile-drawer-6404", + "type": "Microsoft.KeyVault/deletedManagedHSMs", + "properties": { + "mhsmId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "location": "westus", + "deletionDate": "2021-04-01T00:00:59Z", + "scheduledPurgeDate": "2021-04-01T00:00:59Z", + "purgeProtectionEnabled": true, + "tags": { + "Dept": "hsm", + "Environment": "production" + } + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/deletedManagedHSMs/hsm2", + "name": "vault-agile-drawer-6404", + "type": "Microsoft.KeyVault/deletedManagedHSMs", + "properties": { + "mhsmId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm2", + "location": "westus", + "deletionDate": "2021-04-01T00:00:59Z", + "scheduledPurgeDate": "2021-04-01T00:00:59Z", + "purgeProtectionEnabled": true, + "tags": { + "Dept": "hsm", + "Environment": "production" + } + } + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/deletedManagedHSMs?api-version=2023-07-01&$skiptoken=dmF1bHQtcGVza3ktanVyeS03MzA3Ng==" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Purge.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Purge.json new file mode 100644 index 000000000000..e63855b84d83 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/DeletedManagedHsm_Purge.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "name": "hsm1", + "location": "westus", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "202": { + "headers": { + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/managedHsmOperationResults/00000000-0000-0000-0000-000000000000" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_CreateOrUpdate.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_CreateOrUpdate.json new file mode 100644 index 000000000000..22bbc969d98d --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_CreateOrUpdate.json @@ -0,0 +1,89 @@ +{ + "parameters": { + "resourceGroupName": "hsm-group", + "name": "hsm1", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false + }, + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood" + } + } + }, + "responses": { + "202": { + "headers": { + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/managedHsmOperationResults/00000000-0000-0000-0000-000000000000" + }, + "body": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": null, + "provisioningState": "Provisioning", + "statusMessage": "Allocating hardware" + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood" + } + } + }, + "200": { + "body": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm1.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Delete.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Delete.json new file mode 100644 index 000000000000..ef4eb6ce2ed8 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Delete.json @@ -0,0 +1,17 @@ +{ + "parameters": { + "resourceGroupName": "hsm-group", + "name": "hsm1", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": {}, + "202": { + "headers": { + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/managedHsmOperationResults/00000000-0000-0000-0000-000000000000" + } + }, + "204": {} + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Get.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Get.json new file mode 100644 index 000000000000..4761af7dd10f --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Get.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "resourceGroupName": "hsm-group", + "name": "hsm1", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm1.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood" + } + } + }, + "204": {} + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListByResourceGroup.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListByResourceGroup.json new file mode 100644 index 000000000000..624307491781 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListByResourceGroup.json @@ -0,0 +1,68 @@ +{ + "parameters": { + "resourceGroupName": "hsm-group", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm1.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood" + } + }, + { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm2.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm2", + "name": "hsm2", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "production" + } + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs?api-version=2023-07-01&$skiptoken=dmF1bHQtcGVza3ktanVyeS03MzA3Ng==" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListBySubscription.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListBySubscription.json new file mode 100644 index 000000000000..52430f1b3835 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListBySubscription.json @@ -0,0 +1,67 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm1.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood" + } + }, + { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm2.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm2", + "name": "hsm2", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "production" + } + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/managedHSMs?api-version=2023-07-01&$skiptoken=dmF1bHQtcGVza3ktanVyeS03MzA3Ng==" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListPrivateEndpointConnectionsByResource.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListPrivateEndpointConnectionsByResource.json new file mode 100644 index 000000000000..9123df545666 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListPrivateEndpointConnectionsByResource.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-mhsm", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedhsms/sample-mhsm/privateEndpointConnections/sample-pec1", + "name": "sample-pec1", + "type": "Microsoft.KeyVault/managedhsms/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe1" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "This was automatically approved by user1234@contoso.com", + "actionsRequired": "None" + } + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedhsms/sample-mhsm/privateEndpointConnections/sample-pec2", + "name": "sample-pec2", + "type": "Microsoft.KeyVault/managedhsms/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe2" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "This was automatically approved by user1234@contoso.com", + "actionsRequired": "None" + } + } + } + ], + "nextLink": null + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListRegionsByResource.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListRegionsByResource.json new file mode 100644 index 000000000000..dc64edcd96f8 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_ListRegionsByResource.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-mhsm", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "name": "sample-region1", + "provisioningState": "Succeeded", + "isPrimary": true + }, + { + "name": "sample-region2", + "provisioningState": "Succeeded", + "isPrimary": false + } + ], + "nextLink": null + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Update.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Update.json new file mode 100644 index 000000000000..197228a69446 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_Update.json @@ -0,0 +1,78 @@ +{ + "parameters": { + "resourceGroupName": "hsm-group", + "name": "hsm1", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "tags": { + "Dept": "hsm", + "Environment": "dogfood", + "Slice": "A" + } + } + }, + "responses": { + "200": { + "body": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm1.managedhsm.azure.net", + "provisioningState": "Succeeded", + "statusMessage": "ManagedHsm is functional." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood", + "Slice": "A" + } + } + }, + "202": { + "headers": { + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/managedHsmOperationResults/00000000-0000-0000-0000-000000000000" + }, + "body": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "initialAdminObjectIds": [ + "00000000-0000-0000-0000-000000000000" + ], + "enableSoftDelete": true, + "softDeleteRetentionInDays": 90, + "enablePurgeProtection": false, + "hsmUri": "https://westus.hsm1.managedhsm.azure.net", + "provisioningState": "Updating", + "statusMessage": "ManagedHsm is updating." + }, + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1", + "name": "hsm1", + "type": "Microsoft.KeyVault/managedHSMs", + "location": "westus", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "tags": { + "Dept": "hsm", + "Environment": "dogfood", + "Slice": "A" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_checkMhsmNameAvailability.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_checkMhsmNameAvailability.json new file mode 100644 index 000000000000..9b476b88928d --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_checkMhsmNameAvailability.json @@ -0,0 +1,16 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "mhsmName": { + "name": "sample-mhsm" + } + }, + "responses": { + "200": { + "body": { + "nameAvailable": true + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_deletePrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_deletePrivateEndpointConnection.json new file mode 100644 index 000000000000..35fd5c46df8f --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_deletePrivateEndpointConnection.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-mhsm", + "privateEndpointConnectionName": "sample-pec", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedhsms/sample-vault/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/managedhsms/privateEndpointConnections", + "properties": { + "provisioningState": "Disconnected" + } + } + }, + "202": { + "headers": { + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedhsms/sample-mhsm/privateEndpointConnections/sample-pec?operationid=25334578" + } + }, + "204": {} + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_getPrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_getPrivateEndpointConnection.json new file mode 100644 index 000000000000..837b6c9994de --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_getPrivateEndpointConnection.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-mhsm", + "privateEndpointConnectionName": "sample-pec", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedhsms/sample-mhsm/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/managedhsms/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "This was automatically approved by user1234@contoso.com", + "actionsRequired": "None" + } + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_listPrivateLinkResources.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_listPrivateLinkResources.json new file mode 100644 index 000000000000..aa78dc91cac1 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_listPrivateLinkResources.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-mhsm", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/managedhsms/sample-mhsm/privateLinkResources/managedhsm", + "name": "managedhsm", + "type": "Microsoft.KeyVault/managedhsms/privateLinkResources", + "properties": { + "groupId": "managedhsms", + "requiredMembers": [ + "default" + ], + "requiredZoneNames": [ + "privatelink.managedhsm.azure.net" + ] + } + } + ] + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_putPrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_putPrivateEndpointConnection.json new file mode 100644 index 000000000000..d6f41efaf5f6 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/ManagedHsm_putPrivateEndpointConnection.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-mhsm", + "privateEndpointConnectionName": "sample-pec", + "api-version": "2023-07-01", + "properties": { + "properties": { + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "My name is Joe and I'm approving this." + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedhsms/sample-mhsm/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/managedhsms/privateEndpointConnections", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "My name is Joe and I'm approving this.", + "actionsRequired": "None" + } + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/checkVaultNameAvailability.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/checkVaultNameAvailability.json new file mode 100644 index 000000000000..05c9ba401ffb --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/checkVaultNameAvailability.json @@ -0,0 +1,17 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "vaultName": { + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults" + } + }, + "responses": { + "200": { + "body": { + "nameAvailable": true + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createKey.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createKey.json new file mode 100644 index 000000000000..06ba95c9ba65 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createKey.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault-name", + "keyName": "sample-key-name", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "kty": "RSA" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name", + "name": "sample-key-name", + "type": "Microsoft.KeyVault/vaults/keys", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1598533051, + "updated": 1598533051, + "recoveryLevel": "Purgeable" + }, + "kty": "RSA", + "keyOps": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey" + ], + "keySize": 2048, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name/fd618d9519b74f9aae94ade66b876acc" + } + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createSecret.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createSecret.json new file mode 100644 index 000000000000..1f6df9e63dbc --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createSecret.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "secretName": "secret-name", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "value": "secret-value" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name", + "name": "secret-name", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514938738, + "updated": 1514938738 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name", + "secretUriWithVersion": "https:/sample-vault.vault.azure.net/secrets/secret-name/baf6de32c4774c7c81345f6476cf90a4" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name", + "name": "secret-name", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514938738, + "updated": 1514938738 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name", + "secretUriWithVersion": "https:/sample-vault.vault.azure.net/secrets/secret-name/baf6de32c4774c7c81345f6476cf90a4" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVault.json new file mode 100644 index 000000000000..c2107362c385 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVault.json @@ -0,0 +1,273 @@ +{ + "parameters": { + "resourceGroupName": "sample-resource-group", + "vaultName": "sample-vault", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "location": "westus", + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "sku": { + "family": "A", + "name": "standard" + }, + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "publicNetworkAccess": "Enabled" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Deny", + "ipRules": [ + { + "value": "" + } + ], + "virtualNetworkRules": [ + { + "id": "", + "ignoreMissingVnetServiceEndpoint": false + } + ] + }, + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "privateEndpointConnections": [ + { + "id": "", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "actionsRequired": "None" + } + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net", + "provisioningState": "Succeeded", + "publicNetworkAccess": "Enabled" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net", + "provisioningState": "Succeeded", + "publicNetworkAccess": "Enabled" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVaultWithNetworkAcls.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVaultWithNetworkAcls.json new file mode 100644 index 000000000000..7c745685b037 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/createVaultWithNetworkAcls.json @@ -0,0 +1,132 @@ +{ + "parameters": { + "resourceGroupName": "sample-resource-group", + "vaultName": "sample-vault", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "location": "westus", + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "sku": { + "family": "A", + "name": "standard" + }, + "networkAcls": { + "defaultAction": "Deny", + "bypass": "AzureServices", + "ipRules": [ + { + "value": "124.56.78.91" + }, + { + "value": "'10.91.4.0/24'" + } + ], + "virtualNetworkRules": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1" + } + ] + }, + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "networkAcls": { + "defaultAction": "Deny", + "bypass": "AzureServices", + "ipRules": [ + { + "value": "124.56.78.91/32" + }, + { + "value": "'10.91.4.0/24'" + } + ], + "virtualNetworkRules": [ + { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.network/virtualnetworks/test-vnet/subnets/subnet1" + } + ] + }, + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "networkAcls": { + "defaultAction": "Deny", + "bypass": "AzureServices", + "ipRules": [ + { + "value": "124.56.78.91/32" + }, + { + "value": "'10.91.4.0/24'" + } + ], + "virtualNetworkRules": [ + { + "id": "/subscriptions/subid/resourcegroups/rg1/providers/microsoft.network/virtualnetworks/test-vnet/subnets/subnet1" + } + ] + }, + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deletePrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deletePrivateEndpointConnection.json new file mode 100644 index 000000000000..c489c0230e6f --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deletePrivateEndpointConnection.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "privateEndpointConnectionName": "sample-pec", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/vaults/privateEndpointConnections", + "properties": { + "provisioningState": "Disconnected" + } + } + }, + "202": { + "headers": { + "Retry-After": "60", + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateEndpointConnections/sample-pec?operationid=25334578" + } + }, + "204": {} + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deleteVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deleteVault.json new file mode 100644 index 000000000000..33ef406e7439 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/deleteVault.json @@ -0,0 +1,16 @@ +{ + "parameters": { + "resourceGroupName": "sample-resource-group", + "vaultName": "sample-vault", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getDeletedVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getDeletedVault.json new file mode 100644 index 000000000000..00e3a2b4b717 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getDeletedVault.json @@ -0,0 +1,26 @@ +{ + "parameters": { + "vaultName": "sample-vault", + "location": "westus", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/deletedVaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/deletedVaults", + "properties": { + "vaultId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "location": "westus", + "tags": {}, + "deletionDate": "2017-01-01T00:00:59Z", + "scheduledPurgeDate": "2017-04-01T00:00:59Z", + "purgeProtectionEnabled": true + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKey.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKey.json new file mode 100644 index 000000000000..80599013fb88 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKey.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault-name", + "keyName": "sample-key-name", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name", + "name": "sample-key-name", + "type": "Microsoft.KeyVault/vaults/keys", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1598533051, + "updated": 1598533051, + "recoveryLevel": "Purgeable" + }, + "kty": "RSA", + "keyOps": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey" + ], + "keySize": 2048, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name/fd618d9519b74f9aae94ade66b876acc" + } + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKeyVersion.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKeyVersion.json new file mode 100644 index 000000000000..bb160116f359 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getKeyVersion.json @@ -0,0 +1,49 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault-name", + "keyName": "sample-key-name", + "keyVersion": "fd618d9519b74f9aae94ade66b876acc", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name/versions/fd618d9519b74f9aae94ade66b876acc", + "name": "fd618d9519b74f9aae94ade66b876acc", + "type": "Microsoft.KeyVault/vaults/keys/versions", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1598533051, + "updated": 1598533051, + "recoveryLevel": "Purgeable" + }, + "kty": "RSA", + "keyOps": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey" + ], + "keySize": 2048, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name/fd618d9519b74f9aae94ade66b876acc" + } + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getPrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getPrivateEndpointConnection.json new file mode 100644 index 000000000000..9fbdf0c0bf57 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getPrivateEndpointConnection.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "privateEndpointConnectionName": "sample-pec", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/vaults/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "This was automatically approved by user1234@contoso.com", + "actionsRequired": "None" + } + } + } + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getSecret.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getSecret.json new file mode 100644 index 000000000000..66d513f93fe0 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getSecret.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "secretName": "secret-name", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name", + "name": "secret-name", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514940950, + "updated": 1514940950 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name", + "secretUriWithVersion": "https://sample-vault.vault.azure.net/secrets/secret-name/77445834f7de41bab81d0723bf996860" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getVault.json new file mode 100644 index 000000000000..818d2491ddf2 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/getVault.json @@ -0,0 +1,93 @@ +{ + "parameters": { + "resourceGroupName": "sample-resource-group", + "vaultName": "sample-vault", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net", + "provisioningState": "Succeeded", + "publicNetworkAccess": "Enabled" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listDeletedVaults.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listDeletedVaults.json new file mode 100644 index 000000000000..95be55be7543 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listDeletedVaults.json @@ -0,0 +1,29 @@ +{ + "parameters": { + "$top": 1, + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/locations/westus/deletedVaults/sample-vault", + "name": "vault-agile-drawer-6404", + "type": "Microsoft.KeyVault/deletedVaults", + "properties": { + "vaultId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "location": "westus", + "tags": {}, + "deletionDate": "2017-01-01T00:00:59Z", + "scheduledPurgeDate": "2017-04-01T00:00:59Z", + "purgeProtectionEnabled": true + } + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.KeyVault/deletedVaults?api-version=2023-07-01&%24skiptoken=HY3RaoMwAEX%2fRcbeYhJrnRXKYNWOuqpME0sfNcYui0Yxade19N8ne7hcDlzOvVuKX81eKKmt4G4dooLQwgqsL2NGHUDYV6o68Z4rY1e388RtNvRQn2vNJjEaMSgNvcbneMUcsKg8BFwft8DndQ0w9hu2QOiFLRs4TsNFNHzSMBFsGvTQGvuD%2f5bVuTOw4R03vPkH%2fVqNAlzm5SxfOwh7ACOA8POTlvPjILlaU1ke8jImOc23JCppQVfZnna0DXc4ISc3vSVuRo5zJE6%2bj25C3vwk2v2kEV2mMn7PyOc1DbtNGkonnzuLym1G400uI5QRZj0efw%3d%3d" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeyVersions.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeyVersions.json new file mode 100644 index 000000000000..5afc081539ad --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeyVersions.json @@ -0,0 +1,58 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault-name", + "keyName": "sample-key-name", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name/versions/c2296aa24acf4daf86942bff5aca73dd", + "name": "c2296aa24acf4daf86942bff5aca73dd", + "type": "Microsoft.KeyVault/vaults/keys/versions", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1598641074, + "updated": 1598641074, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name/c2296aa24acf4daf86942bff5aca73dd" + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name/versions/d5a04667b6f44b0ca62825f5eae93da6", + "name": "d5a04667b6f44b0ca62825f5eae93da6", + "type": "Microsoft.KeyVault/vaults/keys/versions", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1598641295, + "updated": 1598641295, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name/d5a04667b6f44b0ca62825f5eae93da6" + } + } + ] + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeys.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeys.json new file mode 100644 index 000000000000..f644561fd050 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listKeys.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault-name", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name-1", + "name": "sample-key-name-1", + "type": "Microsoft.KeyVault/vaults/keys", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1596493796, + "updated": 1596493796, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name-1" + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name-2", + "name": "sample-key-name-2", + "type": "Microsoft.KeyVault/vaults/keys", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1596493797, + "updated": 1596493797, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-vault-name.vault.azure.net:443/keys/sample-key-name-2" + } + } + ] + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listOperations.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listOperations.json new file mode 100644 index 000000000000..85d766d71ccf --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listOperations.json @@ -0,0 +1,332 @@ +{ + "parameters": { + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "name": "Microsoft.KeyVault/vaults/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault", + "operation": "View Key Vault", + "description": "View the properties of a key vault" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/vaults/write", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault", + "operation": "Update Key Vault", + "description": "Create a new key vault or update the properties of an existing key vault" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/vaults/delete", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault", + "operation": "Delete Key Vault", + "description": "Delete a key vault" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/vaults/deploy/action", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault", + "operation": "Use Vault for Azure Deployments", + "description": "Enables access to secrets in a key vault when deploying Azure resources" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/vaults/secrets/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Secret", + "operation": "View Secret Properties", + "description": "View the properties of a secret, but not its value" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/vaults/secrets/write", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Secret", + "operation": "Update Secret", + "description": "Create a new secret or update the value of an existing secret" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/vaults/accessPolicies/write", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Access Policy", + "operation": "Update Access Policy", + "description": "Update an existing access policy by merging or replacing, or add a new access policy to a vault." + }, + "isDataAction": false + }, + { + "origin": "system", + "name": "Microsoft.KeyVault/vaults/providers/Microsoft.Insights/logDefinitions/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault Log Definition", + "operation": "Read log definition", + "description": "Gets the available logs for a key vault" + }, + "isDataAction": false, + "properties": { + "serviceSpecification": { + "logSpecifications": [ + { + "name": "AuditEvent", + "displayName": "Audit Logs", + "blobDuration": "PT1H" + } + ], + "metricSpecifications": [ + { + "name": "ServiceApiHit", + "displayName": "", + "displayDescription": "", + "unit": "", + "aggregationType": "", + "supportedAggregationTypes": [ + "" + ], + "supportedTimeGrainTypes": [ + "" + ], + "lockAggregationType": "", + "dimensions": [ + { + "name": "ActivityType", + "displayName": "", + "toBeExportedForShoebox": true + }, + { + "name": "ActivityName", + "displayName": "", + "toBeExportedForShoebox": true + } + ], + "fillGapWithZero": false, + "internalMetricName": "AuditEvent" + } + ] + } + } + }, + { + "origin": "system", + "name": "Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/Read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault Diagnostic Settings", + "operation": "Read diagnostic setting", + "description": "Gets the diagnostic setting for the resource" + }, + "isDataAction": false + }, + { + "origin": "system", + "name": "Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/Write", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault Diagnostic Settings", + "operation": "Write diagnostic setting", + "description": "Creates or updates the diagnostic setting for the resource" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/register/action", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Subscription", + "operation": "Register Subscription", + "description": "Registers a subscription" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/unregister/action", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Subscription", + "operation": "Unregister Subscription", + "description": "Unregisters a subscription" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/operations/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Operations", + "operation": "Available Key Vault Operations", + "description": "Lists operations available on Microsoft.KeyVault resource provider" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/checkNameAvailability/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Name Availability", + "operation": "Check Name Availability", + "description": "Checks that a key vault name is valid and is not in use" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/deletedVaults/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Soft Deleted Key Vault", + "operation": "View Soft Deleted Vaults", + "description": "View the properties of soft deleted key vaults" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/locations/deletedVaults/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Soft Deleted Key Vault", + "operation": "View Soft Deleted Key Vault", + "description": "View the properties of a soft deleted key vault" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/locations/deletedVaults/purge/action", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Soft Deleted Key Vault", + "operation": "Purge Soft Deleted Key Vault", + "description": "Purge a soft deleted key vault" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/locations/operationResults/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Long Run Operation Result", + "operation": "Check Operation Result", + "description": "Check the result of a long run operation" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/hsmPools/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "HSM pool", + "operation": "View HSM pool", + "description": "View the properties of an HSM pool" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/hsmPools/write", + "display": { + "provider": "Microsoft Key Vault", + "resource": "HSM pool", + "operation": "Create or Update HSM pool", + "description": "Create a new HSM pool of update the properties of an existing HSM pool" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/hsmPools/delete", + "display": { + "provider": "Microsoft Key Vault", + "resource": "HSM pool", + "operation": "Delete HSM pool", + "description": "Delete an HSM pool" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/hsmPools/joinVault/action", + "display": { + "provider": "Microsoft Key Vault", + "resource": "HSM pool", + "operation": "Join KeyVault to HSM pool", + "description": "Join a key vault to an HSM pool" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/managedHSMs/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Managed HSM", + "operation": "View Managed HSM", + "description": "View the properties of a Managed HSM" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/managedHSMs/write", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Managed HSM", + "operation": "Create or Update Managed HSM", + "description": "Create a new Managed HSM of update the properties of an existing Managed HSM" + }, + "isDataAction": false + }, + { + "name": "Microsoft.KeyVault/managedHSMs/delete", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Managed HSM", + "operation": "Delete Managed HSM", + "description": "Delete a Managed HSM" + }, + "isDataAction": false + }, + { + "origin": "system", + "name": "Microsoft.KeyVault/vaults/providers/Microsoft.Insights/metricDefinitions/read", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Key Vault Metric Definition", + "operation": "Read metric definition", + "description": "Gets the available metrics for a key vault" + }, + "isDataAction": false, + "properties": { + "serviceSpecification": {} + } + }, + { + "origin": "system", + "name": "Microsoft.KeyVault/locations/deleteVirtualNetworkOrSubnets/action", + "display": { + "provider": "Microsoft Key Vault", + "resource": "Location", + "operation": "Modify Network ACLs containing the deleted Vitual Network or Subnet ", + "description": "Notifies Microsoft.KeyVault that a virtual network or subnet is being deleted" + }, + "isDataAction": false + } + ] + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateEndpointConnection.json new file mode 100644 index 000000000000..5af50734cff8 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateEndpointConnection.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/vaults/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "This was automatically approved by user1234@contoso.com", + "actionsRequired": "None" + } + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/vaults/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "This was automatically approved by user1234@contoso.com", + "actionsRequired": "None" + } + } + } + ], + "nextLink": null + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateLinkResources.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateLinkResources.json new file mode 100644 index 000000000000..430767a970d5 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listPrivateLinkResources.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateLinkResources/vault", + "name": "vault", + "type": "Microsoft.KeyVault/vaults/privateLinkResources", + "properties": { + "groupId": "vault", + "requiredMembers": [ + "default" + ], + "requiredZoneNames": [ + "privatelink.vaultcore.azure.net" + ] + } + } + ] + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listSecrets.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listSecrets.json new file mode 100644 index 000000000000..a7f83eaf6caa --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listSecrets.json @@ -0,0 +1,46 @@ +{ + "parameters": { + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name", + "name": "secret-name", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514941476, + "updated": 1514941476 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name", + "secretUriWithVersion": "https://sample-vault.vault.azure.net/secrets/secret-name/40af42fbc10047f8a756a73211492f56" + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name2", + "name": "secret-name2", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514941476, + "updated": 1514941476 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name2", + "secretUriWithVersion": "https://sample-vault.vault.azure.net/secrets/secret-name2/cd7264a6f56c44d1b594423c80609aae" + } + } + ] + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVault.json new file mode 100644 index 000000000000..3397baaa9f83 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVault.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "$filter": "resourceType eq 'Microsoft.KeyVault/vaults'", + "$top": 1, + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2015-11-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {} + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resources?%24filter=resourceType+eq+%27Microsoft.KeyVault%2fvaults%27&%24top=4&api-version=2015-11-01&%24skiptoken=eyJuZXh0UGFydGl0aW9uS2V5IjoiMSE4IVEwTTJNVGMtIiwibmV4dFJvd0tleSI6IjEhMTMyIU5rUTRSVEU1UXpJelFUWXdORGd4UmpoRlFrSXhNVGhFUXpNd01EZEROVVJmVkVkT1RDMU5TVU5TVDFOUFJsUTZNa1ZMUlZsV1FWVk1WRG95UmxaQlZVeFVVeTFUVTFKSExVcEpUVG95UkZSRlUxUTZNa1JXUVZWTVZDMVhSVk5VVlZNLSJ9" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultByResourceGroup.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultByResourceGroup.json new file mode 100644 index 000000000000..1b1fabbe26b7 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultByResourceGroup.json @@ -0,0 +1,98 @@ +{ + "parameters": { + "$top": 1, + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "premium" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "enableSoftDelete": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net/", + "provisioningState": "Succeeded" + } + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults?api-version=2023-07-01&$skiptoken=dmF1bHQtcGVza3ktanVyeS03MzA3Ng==" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultBySubscription.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultBySubscription.json new file mode 100644 index 000000000000..6687b852ab22 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/listVaultBySubscription.json @@ -0,0 +1,97 @@ +{ + "parameters": { + "$top": 1, + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "premium" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "enableSoftDelete": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net/", + "provisioningState": "Succeeded" + } + } + ], + "nextLink": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resources?api-version=22023-07-01&$skiptoken=dmF1bHQtcGVza3ktanVyeS03MzA3Ng==" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmCreateKey.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmCreateKey.json new file mode 100644 index 000000000000..0c7f8e48866a --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmCreateKey.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-managedhsm-name", + "keyName": "sample-key-name", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "kty": "RSA" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name", + "name": "sample-key-name", + "type": "Microsoft.KeyVault/managedHSMs/keys", + "properties": { + "attributes": { + "enabled": true, + "created": 1598533051, + "updated": 1598533051, + "recoveryLevel": "Purgeable" + }, + "kty": "RSA", + "keyOps": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey" + ], + "keySize": 2048, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name/fd618d9519b74f9aae94ade66b876acc" + } + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKey.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKey.json new file mode 100644 index 000000000000..94afda495921 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKey.json @@ -0,0 +1,47 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-managedhsm-name", + "keyName": "sample-key-name", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name", + "name": "sample-key-name", + "type": "Microsoft.KeyVault/managedHSMs/keys", + "properties": { + "attributes": { + "enabled": true, + "created": 1598533051, + "updated": 1598533051, + "recoveryLevel": "Purgeable" + }, + "kty": "RSA", + "keyOps": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey" + ], + "keySize": 2048, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name/fd618d9519b74f9aae94ade66b876acc" + } + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKeyVersion.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKeyVersion.json new file mode 100644 index 000000000000..13601997b555 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmGetKeyVersion.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-managedhsm-name", + "keyName": "sample-key-name", + "keyVersion": "fd618d9519b74f9aae94ade66b876acc", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name/versions/fd618d9519b74f9aae94ade66b876acc", + "name": "fd618d9519b74f9aae94ade66b876acc", + "type": "Microsoft.KeyVault/managedHSMs/keys/versions", + "properties": { + "attributes": { + "enabled": true, + "created": 1598533051, + "updated": 1598533051, + "recoveryLevel": "Purgeable" + }, + "kty": "RSA", + "keyOps": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey" + ], + "keySize": 2048, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name/fd618d9519b74f9aae94ade66b876acc" + } + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeyVersions.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeyVersions.json new file mode 100644 index 000000000000..ae6a3c566b26 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeyVersions.json @@ -0,0 +1,56 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-managedhsm-name", + "keyName": "sample-key-name", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name/versions/c2296aa24acf4daf86942bff5aca73dd", + "name": "c2296aa24acf4daf86942bff5aca73dd", + "type": "Microsoft.KeyVault/managedHSMs/keys/versions", + "properties": { + "attributes": { + "enabled": true, + "created": 1598641074, + "updated": 1598641074, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name/c2296aa24acf4daf86942bff5aca73dd" + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name/versions/d5a04667b6f44b0ca62825f5eae93da6", + "name": "d5a04667b6f44b0ca62825f5eae93da6", + "type": "Microsoft.KeyVault/managedHSMs/keys/versions", + "properties": { + "attributes": { + "enabled": true, + "created": 1598641295, + "updated": 1598641295, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name", + "keyUriWithVersion": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name/d5a04667b6f44b0ca62825f5eae93da6" + } + } + ] + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeys.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeys.json new file mode 100644 index 000000000000..accce18c6f3c --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/managedHsmListKeys.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "name": "sample-managedhsm-name", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name-1", + "name": "sample-key-name-1", + "type": "Microsoft.KeyVault/managedHSMs/keys", + "properties": { + "attributes": { + "enabled": true, + "created": 1596493796, + "updated": 1596493796, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name-1" + } + }, + { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/managedHSMs/sample-managedhsm-name/keys/sample-key-name-2", + "name": "sample-key-name-2", + "type": "Microsoft.KeyVault/managedHSMs/keys", + "properties": { + "attributes": { + "enabled": true, + "created": 1596493797, + "updated": 1596493797, + "recoveryLevel": "Purgeable" + }, + "keyUri": "https://sample-managedhsm-name.managedhsm.azure.net:443/keys/sample-key-name-2" + } + } + ] + } + }, + "default": { + "headers": {}, + "body": { + "error": { + "code": "", + "message": "" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/purgeDeletedVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/purgeDeletedVault.json new file mode 100644 index 000000000000..132dff55d6ae --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/purgeDeletedVault.json @@ -0,0 +1,18 @@ +{ + "parameters": { + "vaultName": "sample-vault", + "location": "westus", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01" + }, + "responses": { + "200": { + "headers": {} + }, + "202": { + "headers": { + "Location": "https://some.endpoint.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/kv-group/providers/Microsoft.KeyVault/vaults/vault1?api-version=2023-07-01" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/putPrivateEndpointConnection.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/putPrivateEndpointConnection.json new file mode 100644 index 000000000000..86aee8786052 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/putPrivateEndpointConnection.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "privateEndpointConnectionName": "sample-pec", + "api-version": "2023-07-01", + "properties": { + "etag": "", + "properties": { + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "My name is Joe and I'm approving this." + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/privateEndpointConnections/sample-pec", + "name": "sample-pec", + "type": "Microsoft.KeyVault/vaults/privateEndpointConnections", + "etag": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "/subscriptions/00000000-0000-0000-1234-000000000000/resourceGroups/sample-group/providers/Microsoft.Network/privateEndpoints/sample-pe" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "My name is Joe and I'm approving this.", + "actionsRequired": "None" + } + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateAccessPoliciesAdd.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateAccessPoliciesAdd.json new file mode 100644 index 000000000000..6345928e6b1f --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateAccessPoliciesAdd.json @@ -0,0 +1,82 @@ +{ + "parameters": { + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "operationKind": "add", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt" + ], + "secrets": [ + "get" + ], + "certificates": [ + "get" + ] + } + } + ] + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/accessPolicies/", + "type": "Microsoft.KeyVault/vaults/accessPolicies", + "properties": { + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt" + ], + "secrets": [ + "get" + ], + "certificates": [ + "get" + ] + } + } + ] + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/accessPolicies/", + "type": "Microsoft.KeyVault/vaults/accessPolicies", + "properties": { + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt" + ], + "secrets": [ + "get" + ], + "certificates": [ + "get" + ] + } + } + ] + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateSecret.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateSecret.json new file mode 100644 index 000000000000..4e0a795f11e9 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateSecret.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "resourceGroupName": "sample-group", + "vaultName": "sample-vault", + "secretName": "secret-name", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "value": "secret-value2" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name", + "name": "secret-name", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514940684, + "updated": 1514940698 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name", + "secretUriWithVersion": "https://sample-vault.vault.azure.net/secrets/secret-name/b8c802f549764f2d97885d152f92ee9d" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault/secrets/secret-name", + "name": "secret-name", + "type": "Microsoft.KeyVault/vaults/secrets", + "location": "westus", + "properties": { + "attributes": { + "enabled": true, + "created": 1514940684, + "updated": 1514940698 + }, + "secretUri": "https://sample-vault.vault.azure.net/secrets/secret-name", + "secretUriWithVersion": "https://sample-vault.vault.azure.net/secrets/secret-name/b8c802f549764f2d97885d152f92ee9d" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateVault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateVault.json new file mode 100644 index 000000000000..c1d84f9076d5 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/examples/updateVault.json @@ -0,0 +1,271 @@ +{ + "parameters": { + "resourceGroupName": "sample-resource-group", + "vaultName": "sample-vault", + "subscriptionId": "00000000-0000-0000-0000-000000000000", + "api-version": "2023-07-01", + "parameters": { + "properties": { + "tenantId": "00000000-0000-0000-0000-000000000000", + "sku": { + "family": "A", + "name": "standard" + }, + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "publicNetworkAccess": "Enabled" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Deny", + "ipRules": [ + { + "value": "" + } + ], + "virtualNetworkRules": [ + { + "id": "", + "ignoreMissingVnetServiceEndpoint": false + } + ] + }, + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "privateEndpointConnections": [ + { + "id": "", + "properties": { + "provisioningState": "Succeeded", + "privateEndpoint": { + "id": "" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "actionsRequired": "None" + } + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net", + "provisioningState": "Succeeded", + "publicNetworkAccess": "Enabled" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault", + "name": "sample-vault", + "type": "Microsoft.KeyVault/vaults", + "location": "westus", + "tags": {}, + "systemData": { + "createdBy": "keyVaultUser1", + "createdByType": "User", + "createdAt": "2020-01-01T12:00:00.0000000Z", + "lastModifiedBy": "keyVaultUser2", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-01-01T12:00:00.0000000Z" + }, + "properties": { + "sku": { + "family": "A", + "name": "standard" + }, + "tenantId": "00000000-0000-0000-0000-000000000000", + "accessPolicies": [ + { + "tenantId": "00000000-0000-0000-0000-000000000000", + "objectId": "00000000-0000-0000-0000-000000000000", + "permissions": { + "keys": [ + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "secrets": [ + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "certificates": [ + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge" + ] + } + } + ], + "enabledForDeployment": true, + "enabledForDiskEncryption": true, + "enabledForTemplateDeployment": true, + "hsmPoolResourceId": "00000000-0000-0000-0000-000000000000", + "vaultUri": "https://sample-vault.vault.azure.net", + "provisioningState": "Succeeded", + "publicNetworkAccess": "Enabled" + } + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keys.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keys.json new file mode 100644 index 000000000000..e3f1828ed0f8 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keys.json @@ -0,0 +1,672 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-07-01", + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/keys/{keyName}": { + "put": { + "tags": [ + "Keys" + ], + "operationId": "Keys_CreateIfNotExist", + "description": "Creates the first version of a new key if it does not exist. If it already exists, then the existing key is returned without any write operations being performed. This API does not create subsequent versions, and does not update existing keys.", + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group which contains the specified key vault." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "The name of the key vault which contains the key to be created." + }, + { + "name": "keyName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "The name of the key to be created. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/KeyCreateParameters" + }, + "description": "The parameters used to create the specified key." + } + ], + "responses": { + "200": { + "description": "The created key.", + "schema": { + "$ref": "#/definitions/Key" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Create a key": { + "$ref": "./examples/createKey.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "get": { + "tags": [ + "Keys" + ], + "operationId": "Keys_Get", + "description": "Gets the current version of the specified key from the specified key vault.", + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group which contains the specified key vault." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "The name of the vault which contains the key to be retrieved." + }, + { + "name": "keyName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "The name of the key to be retrieved." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved key.", + "schema": { + "$ref": "#/definitions/Key" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Get a key": { + "$ref": "./examples/getKey.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/keys": { + "get": { + "tags": [ + "Keys" + ], + "operationId": "Keys_List", + "description": "Lists the keys in the specified key vault.", + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group which contains the specified key vault." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "The name of the vault which contains the keys to be retrieved." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved page of keys.", + "schema": { + "$ref": "#/definitions/KeyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "List keys in the vault": { + "$ref": "./examples/listKeys.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/keys/{keyName}/versions/{keyVersion}": { + "get": { + "tags": [ + "Keys" + ], + "operationId": "Keys_GetVersion", + "description": "Gets the specified version of the specified key in the specified key vault.", + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group which contains the specified key vault." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "The name of the vault which contains the key version to be retrieved." + }, + { + "name": "keyName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "The name of the key version to be retrieved." + }, + { + "name": "keyVersion", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-fA-F0-9]{32}$", + "description": "The version of the key to be retrieved." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved key version.", + "schema": { + "$ref": "#/definitions/Key" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Get a key version": { + "$ref": "./examples/getKeyVersion.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/keys/{keyName}/versions": { + "get": { + "tags": [ + "Keys" + ], + "operationId": "Keys_ListVersions", + "description": "Lists the versions of the specified key in the specified key vault.", + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group which contains the specified key vault." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "The name of the vault which contains the key versions to be retrieved." + }, + { + "name": "keyName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "The name of the key versions to be retrieved." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved page of key versions.", + "schema": { + "$ref": "#/definitions/KeyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "List key versions in the vault": { + "$ref": "./examples/listKeyVersions.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + } + }, + "definitions": { + "KeyProperties": { + "properties": { + "attributes": { + "$ref": "#/definitions/KeyAttributes", + "description": "The attributes of the key." + }, + "kty": { + "type": "string", + "minLength": 1, + "description": "The type of the key. For valid values, see JsonWebKeyType.", + "enum": [ + "EC", + "EC-HSM", + "RSA", + "RSA-HSM" + ], + "x-ms-enum": { + "name": "JsonWebKeyType", + "modelAsString": true + } + }, + "keyOps": { + "type": "array", + "items": { + "type": "string", + "description": "The permitted JSON web key operations of the key. For more information, see JsonWebKeyOperation.", + "enum": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey", + "import", + "release" + ], + "x-ms-enum": { + "name": "JsonWebKeyOperation", + "modelAsString": true + } + } + }, + "keySize": { + "type": "integer", + "format": "int32", + "description": "The key size in bits. For example: 2048, 3072, or 4096 for RSA." + }, + "curveName": { + "type": "string", + "description": "The elliptic curve name. For valid values, see JsonWebKeyCurveName.", + "enum": [ + "P-256", + "P-384", + "P-521", + "P-256K" + ], + "x-ms-enum": { + "name": "JsonWebKeyCurveName", + "modelAsString": true + } + }, + "keyUri": { + "type": "string", + "description": "The URI to retrieve the current version of the key.", + "readOnly": true + }, + "keyUriWithVersion": { + "type": "string", + "description": "The URI to retrieve the specific version of the key.", + "readOnly": true + }, + "rotationPolicy": { + "$ref": "#/definitions/RotationPolicy", + "description": "Key rotation policy in response. It will be used for both output and input. Omitted if empty" + }, + "release_policy": { + "$ref": "#/definitions/KeyReleasePolicy", + "description": "Key release policy in response. It will be used for both output and input. Omitted if empty" + } + }, + "description": "The properties of the key.", + "type": "object" + }, + "KeyAttributes": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Determines whether or not the object is enabled." + }, + "nbf": { + "x-ms-client-name": "NotBefore", + "type": "integer", + "format": "int64", + "description": "Not before date in seconds since 1970-01-01T00:00:00Z." + }, + "exp": { + "x-ms-client-name": "Expires", + "type": "integer", + "format": "int64", + "description": "Expiry date in seconds since 1970-01-01T00:00:00Z." + }, + "created": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Creation time in seconds since 1970-01-01T00:00:00Z." + }, + "updated": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Last updated time in seconds since 1970-01-01T00:00:00Z." + }, + "recoveryLevel": { + "type": "string", + "description": "The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.", + "enum": [ + "Purgeable", + "Recoverable+Purgeable", + "Recoverable", + "Recoverable+ProtectedSubscription" + ], + "x-ms-enum": { + "name": "DeletionRecoveryLevel", + "modelAsString": true + }, + "readOnly": true, + "x-nullable": false + }, + "exportable": { + "type": "boolean", + "description": "Indicates if the private key can be exported.", + "default": false + } + }, + "description": "The object attributes managed by the Azure Key Vault service.", + "type": "object" + }, + "KeyCreateParameters": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags that will be assigned to the key." + }, + "properties": { + "$ref": "#/definitions/KeyProperties", + "description": "The properties of the key to be created." + } + }, + "description": "The parameters used to create a key.", + "required": [ + "properties" + ], + "x-ms-azure-resource": true, + "type": "object" + }, + "Key": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/KeyProperties", + "description": "The properties of the key." + } + }, + "required": [ + "properties" + ], + "allOf": [ + { + "$ref": "./keyvault.json#/definitions/Resource" + } + ], + "description": "The key resource.", + "type": "object" + }, + "KeyListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Key" + }, + "description": "The key resources." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next page of keys." + } + }, + "description": "The page of keys.", + "type": "object" + }, + "RotationPolicy": { + "properties": { + "attributes": { + "$ref": "#/definitions/KeyRotationPolicyAttributes", + "description": "The attributes of key rotation policy." + }, + "lifetimeActions": { + "type": "array", + "items": { + "$ref": "#/definitions/LifetimeAction" + }, + "x-ms-identifiers": [], + "description": "The lifetimeActions for key rotation action." + } + }, + "type": "object" + }, + "KeyRotationPolicyAttributes": { + "properties": { + "created": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Creation time in seconds since 1970-01-01T00:00:00Z." + }, + "updated": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Last updated time in seconds since 1970-01-01T00:00:00Z." + }, + "expiryTime": { + "type": "string", + "description": "The expiration time for the new key version. It should be in ISO8601 format. Eg: 'P90D', 'P1Y'." + } + }, + "type": "object" + }, + "LifetimeAction": { + "properties": { + "trigger": { + "$ref": "#/definitions/Trigger", + "description": "The trigger of key rotation policy lifetimeAction." + }, + "action": { + "$ref": "#/definitions/Action", + "description": "The action of key rotation policy lifetimeAction." + } + }, + "type": "object" + }, + "Trigger": { + "properties": { + "timeAfterCreate": { + "type": "string", + "description": "The time duration after key creation to rotate the key. It only applies to rotate. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'." + }, + "timeBeforeExpiry": { + "type": "string", + "description": "The time duration before key expiring to rotate or notify. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'." + } + }, + "type": "object" + }, + "Action": { + "properties": { + "type": { + "type": "string", + "description": "The type of action.", + "enum": [ + "rotate", + "notify" + ], + "x-ms-enum": { + "name": "KeyRotationPolicyActionType", + "modelAsString": false + } + } + }, + "type": "object" + }, + "KeyReleasePolicy": { + "properties": { + "contentType": { + "description": "Content type and version of key release policy", + "type": "string", + "default": "application/json; charset=utf-8" + }, + "data": { + "description": "Blob encoding the policy rules under which the key can be released.", + "type": "string", + "format": "base64url" + } + }, + "type": "object" + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "Client Api Version." + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keysManagedHsm.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keysManagedHsm.json new file mode 100644 index 000000000000..ec45a2bacd47 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keysManagedHsm.json @@ -0,0 +1,651 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-07-01", + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/keys/{keyName}": { + "put": { + "tags": [ + "ManagedHsmKeys" + ], + "operationId": "ManagedHsmKeys_CreateIfNotExist", + "description": "Creates the first version of a new key if it does not exist. If it already exists, then the existing key is returned without any write operations being performed. This API does not create subsequent versions, and does not update existing keys.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ManagedHSMName" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagedHSMKeyName" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ManagedHsmKeyCreateParameters" + }, + "description": "The parameters used to create the specified key." + } + ], + "responses": { + "200": { + "description": "The created key.", + "schema": { + "$ref": "#/definitions/ManagedHsmKey" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Create a key": { + "$ref": "./examples/managedHsmCreateKey.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "get": { + "tags": [ + "ManagedHsmKeys" + ], + "operationId": "ManagedHsmKeys_Get", + "description": "Gets the current version of the specified key from the specified managed HSM.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ManagedHSMName" + }, + { + "$ref": "#/parameters/ManagedHSMKeyName" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved key.", + "schema": { + "$ref": "#/definitions/ManagedHsmKey" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Get a key": { + "$ref": "./examples/managedHsmGetKey.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/keys": { + "get": { + "tags": [ + "ManagedHsmKeys" + ], + "operationId": "ManagedHsmKeys_List", + "description": "Lists the keys in the specified managed HSM.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ManagedHSMName" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved page of keys.", + "schema": { + "$ref": "#/definitions/ManagedHsmKeyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "List keys in the managed HSM": { + "$ref": "./examples/managedHsmListKeys.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/keys/{keyName}/versions/{keyVersion}": { + "get": { + "tags": [ + "ManagedHsmKeys" + ], + "operationId": "ManagedHsmKeys_GetVersion", + "description": "Gets the specified version of the specified key in the specified managed HSM.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ManagedHSMName" + }, + { + "$ref": "#/parameters/ManagedHSMKeyName" + }, + { + "$ref": "#/parameters/ManagedHSMKeyVersion" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved key version.", + "schema": { + "$ref": "#/definitions/ManagedHsmKey" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Get a key version": { + "$ref": "./examples/managedHsmGetKeyVersion.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/keys/{keyName}/versions": { + "get": { + "tags": [ + "ManagedHsmKeys" + ], + "operationId": "ManagedHsmKeys_ListVersions", + "description": "Lists the versions of the specified key in the specified managed HSM.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ManagedHSMName" + }, + { + "$ref": "#/parameters/ManagedHSMKeyName" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The retrieved page of key versions.", + "schema": { + "$ref": "#/definitions/ManagedHsmKeyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "List key versions in the managed HSM": { + "$ref": "./examples/managedHsmListKeyVersions.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + } + }, + "definitions": { + "ManagedHsmKeyProperties": { + "properties": { + "attributes": { + "$ref": "#/definitions/ManagedHsmKeyAttributes", + "description": "The attributes of the key." + }, + "kty": { + "type": "string", + "minLength": 1, + "description": "The type of the key. For valid values, see JsonWebKeyType.", + "enum": [ + "EC", + "EC-HSM", + "RSA", + "RSA-HSM" + ], + "x-ms-enum": { + "name": "JsonWebKeyType", + "modelAsString": true + } + }, + "keyOps": { + "type": "array", + "items": { + "type": "string", + "description": "The permitted JSON web key operations of the key. For more information, see JsonWebKeyOperation.", + "enum": [ + "encrypt", + "decrypt", + "sign", + "verify", + "wrapKey", + "unwrapKey", + "import", + "release" + ], + "x-ms-enum": { + "name": "JsonWebKeyOperation", + "modelAsString": true + } + } + }, + "keySize": { + "type": "integer", + "format": "int32", + "description": "The key size in bits. For example: 2048, 3072, or 4096 for RSA." + }, + "curveName": { + "type": "string", + "description": "The elliptic curve name. For valid values, see JsonWebKeyCurveName.", + "enum": [ + "P-256", + "P-384", + "P-521", + "P-256K" + ], + "x-ms-enum": { + "name": "JsonWebKeyCurveName", + "modelAsString": true + } + }, + "keyUri": { + "type": "string", + "description": "The URI to retrieve the current version of the key.", + "readOnly": true + }, + "keyUriWithVersion": { + "type": "string", + "description": "The URI to retrieve the specific version of the key.", + "readOnly": true + }, + "rotationPolicy": { + "$ref": "#/definitions/ManagedHsmRotationPolicy", + "description": "Key rotation policy in response. It will be used for both output and input. Omitted if empty" + }, + "release_policy": { + "$ref": "#/definitions/ManagedHsmKeyReleasePolicy", + "description": "Key release policy in response. It will be used for both output and input. Omitted if empty" + } + }, + "description": "The properties of the key.", + "type": "object" + }, + "ManagedHsmKeyAttributes": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Determines whether or not the object is enabled." + }, + "nbf": { + "x-ms-client-name": "NotBefore", + "type": "integer", + "format": "int64", + "description": "Not before date in seconds since 1970-01-01T00:00:00Z." + }, + "exp": { + "x-ms-client-name": "Expires", + "type": "integer", + "format": "int64", + "description": "Expiry date in seconds since 1970-01-01T00:00:00Z." + }, + "created": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Creation time in seconds since 1970-01-01T00:00:00Z." + }, + "updated": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Last updated time in seconds since 1970-01-01T00:00:00Z." + }, + "recoveryLevel": { + "type": "string", + "description": "The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.", + "enum": [ + "Purgeable", + "Recoverable+Purgeable", + "Recoverable", + "Recoverable+ProtectedSubscription" + ], + "x-ms-enum": { + "name": "DeletionRecoveryLevel", + "modelAsString": true + }, + "readOnly": true, + "x-nullable": false + }, + "exportable": { + "type": "boolean", + "description": "Indicates if the private key can be exported." + } + }, + "description": "The object attributes managed by the Azure Key Vault service.", + "type": "object" + }, + "ManagedHsmKeyCreateParameters": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags that will be assigned to the key." + }, + "properties": { + "$ref": "#/definitions/ManagedHsmKeyProperties", + "description": "The properties of the key to be created." + } + }, + "description": "The parameters used to create a key.", + "required": [ + "properties" + ], + "x-ms-azure-resource": true, + "type": "object" + }, + "ManagedHsmKey": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/ManagedHsmKeyProperties", + "description": "The properties of the key." + } + }, + "required": [ + "properties" + ], + "allOf": [ + { + "$ref": "#/definitions/ProxyResourceWithoutSystemData" + } + ], + "description": "The key resource.", + "type": "object" + }, + "ManagedHsmKeyListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedHsmKey" + }, + "description": "The key resources." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next page of keys." + } + }, + "description": "The page of keys.", + "type": "object" + }, + "ManagedHsmRotationPolicy": { + "properties": { + "attributes": { + "$ref": "#/definitions/ManagedHsmKeyRotationPolicyAttributes", + "description": "The attributes of key rotation policy." + }, + "lifetimeActions": { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedHsmLifetimeAction" + }, + "x-ms-identifiers": [], + "description": "The lifetimeActions for key rotation action." + } + }, + "type": "object" + }, + "ManagedHsmKeyRotationPolicyAttributes": { + "properties": { + "created": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Creation time in seconds since 1970-01-01T00:00:00Z." + }, + "updated": { + "type": "integer", + "format": "int64", + "readOnly": true, + "description": "Last updated time in seconds since 1970-01-01T00:00:00Z." + }, + "expiryTime": { + "type": "string", + "description": "The expiration time for the new key version. It should be in ISO8601 format. Eg: 'P90D', 'P1Y'." + } + }, + "type": "object" + }, + "ManagedHsmLifetimeAction": { + "properties": { + "trigger": { + "$ref": "#/definitions/ManagedHsmTrigger", + "description": "The trigger of key rotation policy lifetimeAction." + }, + "action": { + "$ref": "#/definitions/ManagedHsmAction", + "description": "The action of key rotation policy lifetimeAction." + } + }, + "type": "object" + }, + "ManagedHsmTrigger": { + "properties": { + "timeAfterCreate": { + "type": "string", + "description": "The time duration after key creation to rotate the key. It only applies to rotate. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'." + }, + "timeBeforeExpiry": { + "type": "string", + "description": "The time duration before key expiring to rotate or notify. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'." + } + }, + "type": "object" + }, + "ManagedHsmAction": { + "properties": { + "type": { + "type": "string", + "description": "The type of action.", + "enum": [ + "rotate", + "notify" + ], + "x-ms-enum": { + "name": "KeyRotationPolicyActionType", + "modelAsString": false + } + } + }, + "type": "object" + }, + "ManagedHsmKeyReleasePolicy": { + "properties": { + "contentType": { + "description": "Content type and version of key release policy", + "type": "string", + "default": "application/json; charset=utf-8" + }, + "data": { + "description": "Blob encoding the policy rules under which the key can be released.", + "type": "string", + "format": "base64url" + } + }, + "type": "object" + }, + "ProxyResourceWithoutSystemData": { + "title": "Resource", + "description": "Common fields that are returned in the response for all Azure Resource Manager resources", + "type": "object", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the resource" + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The type of the resource. E.g. \"Microsoft.Compute/virtualMachines\" or \"Microsoft.Storage/storageAccounts\"" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "x-ms-mutability": [ + "read", + "create", + "update" + ], + "description": "Resource tags." + } + }, + "x-ms-azure-resource": true + } + }, + "parameters": { + "ManagedHSMName": { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Managed HSM Pool within the specified resource group.", + "pattern": "^[A-Za-z]([A-Za-z0-9]|\\-[A-Za-z0-9])+$", + "maxLength": 24, + "minLength": 3, + "x-ms-parameter-location": "method" + }, + "ManagedHSMKeyName": { + "name": "keyName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "The name of the key to be created. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.", + "x-ms-parameter-location": "method" + }, + "ManagedHSMKeyVersion": { + "name": "keyVersion", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-fA-F0-9]{32}$", + "description": "The version of the key to be retrieved.", + "x-ms-parameter-location": "method" + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keyvault.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keyvault.json new file mode 100644 index 000000000000..16572780e6fe --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/keyvault.json @@ -0,0 +1,2081 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-07-01", + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}": { + "put": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_CreateOrUpdate", + "x-ms-long-running-operation": true, + "description": "Create or update a key vault in the specified subscription.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the server belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "Name of the vault" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VaultCreateOrUpdateParameters" + }, + "description": "Parameters to create or update the vault" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created or updated vault", + "schema": { + "$ref": "#/definitions/Vault" + } + }, + "200": { + "description": "Created or updated vault", + "schema": { + "$ref": "#/definitions/Vault" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Create a new vault or update an existing vault": { + "$ref": "./examples/createVault.json" + }, + "Create or update a vault with network acls": { + "$ref": "./examples/createVaultWithNetworkAcls.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "patch": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_Update", + "description": "Update a key vault in the specified subscription.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the server belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "Name of the vault" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VaultPatchParameters" + }, + "description": "Parameters to patch the vault" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Patched vault", + "schema": { + "$ref": "#/definitions/Vault" + } + }, + "200": { + "description": "Patched vault", + "schema": { + "$ref": "#/definitions/Vault" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Update an existing vault": { + "$ref": "./examples/updateVault.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "delete": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_Delete", + "description": "Deletes the specified Azure key vault.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the vault to delete" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK Response." + }, + "204": { + "description": "No Content." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Delete a vault": { + "$ref": "./examples/deleteVault.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "get": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_Get", + "description": "Gets the specified Azure key vault.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the vault." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved vault", + "schema": { + "$ref": "#/definitions/Vault" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Retrieve a vault": { + "$ref": "./examples/getVault.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/accessPolicies/{operationKind}": { + "put": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_UpdateAccessPolicy", + "description": "Update access policies in a key vault in the specified subscription.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "Name of the vault" + }, + { + "name": "operationKind", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "add", + "replace", + "remove" + ], + "x-ms-enum": { + "name": "AccessPolicyUpdateKind", + "modelAsString": false + }, + "description": "Name of the operation" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VaultAccessPolicyParameters" + }, + "description": "Access policy to merge into the vault" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "The updated access policies", + "schema": { + "$ref": "#/definitions/VaultAccessPolicyParameters" + } + }, + "200": { + "description": "The updated access policies", + "schema": { + "$ref": "#/definitions/VaultAccessPolicyParameters" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Add an access policy, or update an access policy with new permissions": { + "$ref": "./examples/updateAccessPoliciesAdd.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults": { + "get": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_ListByResourceGroup", + "description": "The List operation gets information about the vaults associated with the subscription and within the specified resource group.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "$top", + "in": "query", + "type": "integer", + "format": "int32", + "description": "Maximum number of results to return." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Get information about all key vaults in the specified resource group.", + "schema": { + "$ref": "#/definitions/VaultListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List vaults in the specified resource group": { + "$ref": "./examples/listVaultByResourceGroup.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/vaults": { + "get": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_ListBySubscription", + "description": "The List operation gets information about the vaults associated with the subscription.", + "parameters": [ + { + "name": "$top", + "in": "query", + "type": "integer", + "format": "int32", + "description": "Maximum number of results to return." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Get information about all key vaults in the specified subscription.", + "schema": { + "$ref": "#/definitions/VaultListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List vaults in the specified subscription": { + "$ref": "./examples/listVaultBySubscription.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/deletedVaults": { + "get": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_ListDeleted", + "description": "Gets information about the deleted vaults in a subscription.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved information about all deleted key vaults in a subscription.", + "schema": { + "$ref": "#/definitions/DeletedVaultListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List deleted vaults in the specified subscription": { + "$ref": "./examples/listDeletedVaults.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/locations/{location}/deletedVaults/{vaultName}": { + "get": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_GetDeleted", + "description": "Gets the deleted Azure key vault.", + "parameters": [ + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the vault." + }, + { + "name": "location", + "in": "path", + "required": true, + "type": "string", + "description": "The location of the deleted vault." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved information about the deleted vault.", + "schema": { + "$ref": "#/definitions/DeletedVault" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Retrieve a deleted vault": { + "$ref": "./examples/getDeletedVault.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/locations/{location}/deletedVaults/{vaultName}/purge": { + "post": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_PurgeDeleted", + "x-ms-long-running-operation": true, + "description": "Permanently deletes the specified vault. aka Purges the deleted Azure key vault.", + "parameters": [ + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the soft-deleted vault." + }, + { + "name": "location", + "in": "path", + "required": true, + "type": "string", + "description": "The location of the soft-deleted vault." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "The vault is purged." + }, + "202": { + "description": "Vault is being purged." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Purge a deleted vault": { + "$ref": "./examples/purgeDeletedVault.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resources": { + "get": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_List", + "description": "The List operation gets information about the vaults associated with the subscription.", + "parameters": [ + { + "name": "$filter", + "in": "query", + "required": true, + "type": "string", + "enum": [ + "resourceType eq 'Microsoft.KeyVault/vaults'" + ], + "x-ms-enum": { + "name": "VaultListFilterTypes", + "modelAsString": false + }, + "description": "The filter to apply on the operation." + }, + { + "name": "$top", + "in": "query", + "type": "integer", + "format": "int32", + "description": "Maximum number of results to return." + }, + { + "name": "api-version", + "in": "query", + "required": true, + "x-ms-api-version": false, + "type": "string", + "enum": [ + "2015-11-01" + ], + "x-ms-enum": { + "name": "ResourceManagerApiVersions", + "modelAsString": false + }, + "description": "Azure Resource Manager Api Version." + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Get information about all key vaults in the subscription.", + "schema": { + "$ref": "#/definitions/ResourceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List vaults in the specified subscription": { + "$ref": "./examples/listVault.json" + } + }, + "produces": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/checkNameAvailability": { + "post": { + "tags": [ + "Vaults" + ], + "operationId": "Vaults_CheckNameAvailability", + "description": "Checks that the vault name is valid and is not already in use.", + "parameters": [ + { + "name": "vaultName", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VaultCheckNameAvailabilityParameters" + }, + "description": "The name of the vault." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK -- Operation to check the vault name availability was successful.", + "schema": { + "$ref": "#/definitions/CheckNameAvailabilityResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Validate a vault name": { + "$ref": "./examples/checkVaultNameAvailability.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/privateEndpointConnections/{privateEndpointConnectionName}": { + "get": { + "tags": [ + "PrivateEndpointConnections" + ], + "operationId": "PrivateEndpointConnections_Get", + "description": "Gets the specified private endpoint connection associated with the key vault.", + "x-ms-examples": { + "KeyVaultGetPrivateEndpointConnection": { + "$ref": "./examples/getPrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/VaultName" + }, + { + "$ref": "#/parameters/PrivateEndpointConnectionName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Private endpoint connection successfully returned.", + "schema": { + "$ref": "#/definitions/PrivateEndpointConnection" + } + }, + "204": { + "description": "The private endpoint connection does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + } + }, + "put": { + "tags": [ + "PrivateEndpointConnections" + ], + "operationId": "PrivateEndpointConnections_Put", + "description": "Updates the specified private endpoint connection associated with the key vault.", + "x-ms-examples": { + "KeyVaultPutPrivateEndpointConnection": { + "$ref": "./examples/putPrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/VaultName" + }, + { + "$ref": "#/parameters/PrivateEndpointConnectionName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "properties", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PrivateEndpointConnection" + }, + "description": "The intended state of private endpoint connection." + } + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The state of private endpoint connection was updated successfully.", + "headers": { + "Retry-After": { + "description": "(specified only if operation does not finish synchronously) The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation.", + "type": "integer", + "format": "int32" + }, + "Azure-AsyncOperation": { + "description": "(specified only if operation does not finish synchronously) The URI to poll for completion status. The response of this URI may be synchronous or asynchronous.", + "type": "string" + } + }, + "schema": { + "$ref": "#/definitions/PrivateEndpointConnection" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PrivateEndpointConnections" + ], + "operationId": "PrivateEndpointConnections_Delete", + "description": "Deletes the specified private endpoint connection associated with the key vault.", + "x-ms-examples": { + "KeyVaultDeletePrivateEndpointConnection": { + "$ref": "./examples/deletePrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/VaultName" + }, + { + "$ref": "#/parameters/PrivateEndpointConnectionName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The private endpoint connection was successfully deleted.", + "schema": { + "$ref": "#/definitions/PrivateEndpointConnection" + } + }, + "202": { + "description": "The private endpoint connection is being deleted.", + "headers": { + "Retry-After": { + "description": "The recommended number of seconds to wait before calling the URI specified in the location header.", + "type": "integer", + "format": "int32" + }, + "Location": { + "description": "The URI to poll for completion status.", + "type": "string" + } + } + }, + "204": { + "description": "The private endpoint connection does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-long-running-operation": true + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/privateEndpointConnections": { + "get": { + "tags": [ + "PrivateEndpointConnections" + ], + "operationId": "PrivateEndpointConnections_ListByResource", + "description": "The List operation gets information about the private endpoint connections associated with the vault.", + "x-ms-examples": { + "KeyVaultListPrivateEndpointConnection": { + "$ref": "./examples/listPrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/VaultName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Get information about all private endpoint connections in the specified resource group.", + "schema": { + "$ref": "#/definitions/PrivateEndpointConnectionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/privateLinkResources": { + "get": { + "tags": [ + "PrivateLinkResources" + ], + "operationId": "PrivateLinkResources_ListByVault", + "description": "Gets the private link resources supported for the key vault.", + "x-ms-examples": { + "KeyVaultListPrivateLinkResources": { + "$ref": "./examples/listPrivateLinkResources.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/VaultName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Successfully retrieved private link resources.", + "schema": { + "$ref": "#/definitions/PrivateLinkResourceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "Sku": { + "properties": { + "family": { + "type": "string", + "description": "SKU family name", + "enum": [ + "A" + ], + "x-ms-client-default": "A", + "x-ms-enum": { + "name": "SkuFamily", + "modelAsString": true + } + }, + "name": { + "type": "string", + "description": "SKU name to specify whether the key vault is a standard vault or a premium vault.", + "enum": [ + "standard", + "premium" + ], + "x-ms-enum": { + "name": "SkuName", + "modelAsString": false + } + } + }, + "description": "SKU details", + "required": [ + "name", + "family" + ], + "type": "object" + }, + "AccessPolicyEntry": { + "properties": { + "tenantId": { + "type": "string", + "format": "uuid", + "description": "The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault." + }, + "objectId": { + "type": "string", + "description": "The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies." + }, + "applicationId": { + "type": "string", + "format": "uuid", + "description": " Application ID of the client making request on behalf of a principal" + }, + "permissions": { + "$ref": "#/definitions/Permissions", + "description": "Permissions the identity has for keys, secrets and certificates." + } + }, + "description": "An identity that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID.", + "required": [ + "tenantId", + "objectId", + "permissions" + ], + "type": "object" + }, + "Permissions": { + "properties": { + "keys": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "all", + "encrypt", + "decrypt", + "wrapKey", + "unwrapKey", + "sign", + "verify", + "get", + "list", + "create", + "update", + "import", + "delete", + "backup", + "restore", + "recover", + "purge", + "release", + "rotate", + "getrotationpolicy", + "setrotationpolicy" + ], + "x-ms-enum": { + "name": "KeyPermissions", + "modelAsString": true + } + }, + "description": "Permissions to keys" + }, + "secrets": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "all", + "get", + "list", + "set", + "delete", + "backup", + "restore", + "recover", + "purge" + ], + "x-ms-enum": { + "name": "SecretPermissions", + "modelAsString": true + } + }, + "description": "Permissions to secrets" + }, + "certificates": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "all", + "get", + "list", + "delete", + "create", + "import", + "update", + "managecontacts", + "getissuers", + "listissuers", + "setissuers", + "deleteissuers", + "manageissuers", + "recover", + "purge", + "backup", + "restore" + ], + "x-ms-enum": { + "name": "CertificatePermissions", + "modelAsString": true + } + }, + "description": "Permissions to certificates" + }, + "storage": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "all", + "get", + "list", + "delete", + "set", + "update", + "regeneratekey", + "recover", + "purge", + "backup", + "restore", + "setsas", + "listsas", + "getsas", + "deletesas" + ], + "x-ms-enum": { + "name": "StoragePermissions", + "modelAsString": true + } + }, + "description": "Permissions to storage accounts" + } + }, + "description": "Permissions the identity has for keys, secrets, certificates and storage.", + "type": "object" + }, + "VaultProperties": { + "properties": { + "tenantId": { + "type": "string", + "format": "uuid", + "description": "The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault." + }, + "sku": { + "$ref": "#/definitions/Sku", + "description": "SKU details" + }, + "accessPolicies": { + "type": "array", + "items": { + "$ref": "#/definitions/AccessPolicyEntry" + }, + "x-ms-identifiers": [ + "tenantId", + "objectId", + "permissions" + ], + "description": "An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When `createMode` is set to `recover`, access policies are not required. Otherwise, access policies are required." + }, + "vaultUri": { + "type": "string", + "description": "The URI of the vault for performing operations on keys and secrets." + }, + "hsmPoolResourceId": { + "type": "string", + "description": "The resource id of HSM Pool.", + "readOnly": true + }, + "enabledForDeployment": { + "type": "boolean", + "description": "Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault." + }, + "enabledForDiskEncryption": { + "type": "boolean", + "description": "Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys." + }, + "enabledForTemplateDeployment": { + "type": "boolean", + "description": "Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault." + }, + "enableSoftDelete": { + "type": "boolean", + "default": true, + "description": "Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false." + }, + "softDeleteRetentionInDays": { + "type": "integer", + "format": "int32", + "default": 90, + "description": "softDelete data retention days. It accepts >=7 and <=90." + }, + "enableRbacAuthorization": { + "type": "boolean", + "default": false, + "description": "Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC." + }, + "createMode": { + "type": "string", + "description": "The vault's create mode to indicate whether the vault need to be recovered or not.", + "enum": [ + "recover", + "default" + ], + "x-ms-enum": { + "name": "CreateMode", + "modelAsString": false + }, + "x-ms-mutability": [ + "create", + "update" + ] + }, + "enablePurgeProtection": { + "type": "boolean", + "description": "Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value." + }, + "networkAcls": { + "$ref": "#/definitions/NetworkRuleSet", + "description": "Rules governing the accessibility of the key vault from specific network locations." + }, + "provisioningState": { + "type": "string", + "description": "Provisioning state of the vault.", + "enum": [ + "Succeeded", + "RegisteringDns" + ], + "x-ms-enum": { + "name": "VaultProvisioningState", + "modelAsString": true + } + }, + "privateEndpointConnections": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/PrivateEndpointConnectionItem" + }, + "description": "List of private endpoint connections associated with the key vault." + }, + "publicNetworkAccess": { + "type": "string", + "default": "enabled", + "description": "Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules." + } + }, + "required": [ + "tenantId", + "sku" + ], + "description": "Properties of the vault", + "type": "object" + }, + "VaultPatchProperties": { + "properties": { + "tenantId": { + "type": "string", + "format": "uuid", + "description": "The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault." + }, + "sku": { + "$ref": "#/definitions/Sku", + "description": "SKU details" + }, + "accessPolicies": { + "type": "array", + "items": { + "$ref": "#/definitions/AccessPolicyEntry" + }, + "x-ms-identifiers": [ + "tenantId", + "objectId", + "permissions" + ], + "description": "An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID." + }, + "enabledForDeployment": { + "type": "boolean", + "description": "Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault." + }, + "enabledForDiskEncryption": { + "type": "boolean", + "description": "Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys." + }, + "enabledForTemplateDeployment": { + "type": "boolean", + "description": "Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault." + }, + "enableSoftDelete": { + "type": "boolean", + "description": "Property to specify whether the 'soft delete' functionality is enabled for this key vault. Once set to true, it cannot be reverted to false." + }, + "enableRbacAuthorization": { + "type": "boolean", + "description": "Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change." + }, + "softDeleteRetentionInDays": { + "type": "integer", + "format": "int32", + "description": "softDelete data retention days. It accepts >=7 and <=90." + }, + "createMode": { + "type": "string", + "description": "The vault's create mode to indicate whether the vault need to be recovered or not.", + "enum": [ + "recover", + "default" + ], + "x-ms-enum": { + "name": "CreateMode", + "modelAsString": false + } + }, + "enablePurgeProtection": { + "type": "boolean", + "description": "Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value." + }, + "networkAcls": { + "$ref": "#/definitions/NetworkRuleSet", + "description": "A collection of rules governing the accessibility of the vault from specific network locations." + }, + "publicNetworkAccess": { + "type": "string", + "description": "Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules." + } + }, + "description": "Properties of the vault", + "type": "object" + }, + "VaultAccessPolicyProperties": { + "properties": { + "accessPolicies": { + "type": "array", + "items": { + "$ref": "#/definitions/AccessPolicyEntry" + }, + "x-ms-identifiers": [ + "tenantId", + "objectId", + "permissions" + ], + "description": "An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID." + } + }, + "required": [ + "accessPolicies" + ], + "description": "Properties of the vault access policy", + "type": "object" + }, + "DeletedVaultProperties": { + "properties": { + "vaultId": { + "readOnly": true, + "type": "string", + "description": "The resource id of the original vault." + }, + "location": { + "readOnly": true, + "type": "string", + "description": "The location of the original vault." + }, + "deletionDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The deleted date." + }, + "scheduledPurgeDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The scheduled purged date." + }, + "tags": { + "readOnly": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags of the original vault." + }, + "purgeProtectionEnabled": { + "readOnly": true, + "type": "boolean", + "description": "Purge protection status of the original vault." + } + }, + "description": "Properties of the deleted vault.", + "type": "object" + }, + "VaultCreateOrUpdateParameters": { + "properties": { + "location": { + "type": "string", + "description": "The supported Azure location where the key vault should be created." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags that will be assigned to the key vault." + }, + "properties": { + "$ref": "#/definitions/VaultProperties", + "description": "Properties of the vault" + } + }, + "description": "Parameters for creating or updating a vault", + "required": [ + "location", + "properties" + ], + "x-ms-azure-resource": true, + "type": "object" + }, + "VaultPatchParameters": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags that will be assigned to the key vault. " + }, + "properties": { + "$ref": "#/definitions/VaultPatchProperties", + "description": "Properties of the vault" + } + }, + "description": "Parameters for creating or updating a vault", + "x-ms-azure-resource": true, + "type": "object" + }, + "VaultAccessPolicyParameters": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "The resource id of the access policy." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The resource name of the access policy." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The resource name of the access policy." + }, + "location": { + "readOnly": true, + "type": "string", + "description": "The resource type of the access policy." + }, + "properties": { + "$ref": "#/definitions/VaultAccessPolicyProperties", + "description": "Properties of the access policy" + } + }, + "description": "Parameters for updating the access policy in a vault", + "required": [ + "properties" + ], + "x-ms-azure-resource": true, + "type": "object" + }, + "Vault": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Fully qualified identifier of the key vault resource." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Name of the key vault resource." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "Resource type of the key vault resource." + }, + "location": { + "type": "string", + "description": "Azure location of the key vault resource." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags assigned to the key vault resource." + }, + "systemData": { + "description": "System metadata for the key vault.", + "$ref": "common.json#/definitions/SystemData" + }, + "properties": { + "$ref": "#/definitions/VaultProperties", + "description": "Properties of the vault" + } + }, + "required": [ + "properties" + ], + "description": "Resource information with extended details.", + "x-ms-azure-resource": true, + "type": "object" + }, + "DeletedVault": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "The resource ID for the deleted key vault." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the key vault." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The resource type of the key vault." + }, + "properties": { + "$ref": "#/definitions/DeletedVaultProperties", + "description": "Properties of the vault" + } + }, + "description": "Deleted vault information with extended details.", + "type": "object" + }, + "VaultListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Vault" + }, + "description": "The list of vaults." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of vaults." + } + }, + "description": "List of vaults", + "type": "object" + }, + "DeletedVaultListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DeletedVault" + }, + "description": "The list of deleted vaults." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of deleted vaults." + } + }, + "description": "List of vaults", + "type": "object" + }, + "ResourceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Resource" + }, + "description": "The list of vault resources." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of vault resources." + } + }, + "description": "List of vault resources.", + "type": "object" + }, + "Resource": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Fully qualified identifier of the key vault resource." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Name of the key vault resource." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "Resource type of the key vault resource." + }, + "location": { + "readOnly": true, + "type": "string", + "description": "Azure location of the key vault resource." + }, + "tags": { + "readOnly": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags assigned to the key vault resource." + } + }, + "description": "Key Vault resource", + "x-ms-azure-resource": true, + "type": "object" + }, + "VaultCheckNameAvailabilityParameters": { + "properties": { + "name": { + "type": "string", + "description": "The vault name." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.KeyVault/vaults" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": false + }, + "description": "The type of resource, Microsoft.KeyVault/vaults" + } + }, + "required": [ + "name", + "type" + ], + "description": "The parameters used to check the availability of the vault name.", + "type": "object" + }, + "CheckNameAvailabilityResult": { + "properties": { + "nameAvailable": { + "readOnly": true, + "type": "boolean", + "description": "A boolean value that indicates whether the name is available for you to use. If true, the name is available. If false, the name has already been taken or is invalid and cannot be used." + }, + "reason": { + "readOnly": true, + "type": "string", + "description": "The reason that a vault name could not be used. The Reason element is only returned if NameAvailable is false.", + "enum": [ + "AccountNameInvalid", + "AlreadyExists" + ], + "x-ms-enum": { + "name": "Reason", + "modelAsString": false + } + }, + "message": { + "readOnly": true, + "type": "string", + "description": "An error message explaining the Reason value in more detail." + } + }, + "description": "The CheckNameAvailability operation response.", + "type": "object" + }, + "NetworkRuleSet": { + "properties": { + "bypass": { + "type": "string", + "description": "Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.", + "enum": [ + "AzureServices", + "None" + ], + "x-ms-enum": { + "name": "NetworkRuleBypassOptions", + "modelAsString": true + } + }, + "defaultAction": { + "type": "string", + "description": "The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.", + "enum": [ + "Allow", + "Deny" + ], + "x-ms-enum": { + "name": "NetworkRuleAction", + "modelAsString": true + } + }, + "ipRules": { + "type": "array", + "items": { + "$ref": "#/definitions/IPRule" + }, + "description": "The list of IP address rules." + }, + "virtualNetworkRules": { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualNetworkRule" + }, + "x-ms-identifiers": [ + "id" + ], + "description": "The list of virtual network rules." + } + }, + "description": "A set of rules governing the network accessibility of a vault.", + "type": "object" + }, + "IPRule": { + "properties": { + "value": { + "type": "string", + "description": "An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78)." + } + }, + "required": [ + "value" + ], + "description": "A rule governing the accessibility of a vault from a specific ip address or ip range.", + "type": "object" + }, + "VirtualNetworkRule": { + "properties": { + "id": { + "type": "string", + "description": "Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'." + }, + "ignoreMissingVnetServiceEndpoint": { + "type": "boolean", + "description": "Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured." + } + }, + "required": [ + "id" + ], + "description": "A rule governing the accessibility of a vault from a specific virtual network.", + "type": "object" + }, + "PrivateEndpointConnectionItem": { + "properties": { + "id": { + "type": "string", + "description": "Id of private endpoint connection." + }, + "etag": { + "type": "string", + "description": "Modified whenever there is a change in the state of private endpoint connection." + }, + "properties": { + "$ref": "#/definitions/PrivateEndpointConnectionProperties", + "x-ms-client-flatten": true, + "description": "Private endpoint connection properties." + } + }, + "description": "Private endpoint connection item.", + "type": "object" + }, + "PrivateEndpointConnection": { + "properties": { + "properties": { + "$ref": "#/definitions/PrivateEndpointConnectionProperties", + "x-ms-client-flatten": true, + "description": "Resource properties." + }, + "etag": { + "type": "string", + "description": "Modified whenever there is a change in the state of private endpoint connection." + } + }, + "allOf": [ + { + "$ref": "#/definitions/Resource" + } + ], + "description": "Private endpoint connection resource.", + "x-ms-azure-resource": true, + "type": "object" + }, + "PrivateEndpointConnectionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PrivateEndpointConnection" + }, + "description": "The list of private endpoint connections." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of private endpoint connections." + } + }, + "description": "List of private endpoint connections.", + "type": "object" + }, + "PrivateEndpointConnectionProperties": { + "properties": { + "privateEndpoint": { + "$ref": "#/definitions/PrivateEndpoint", + "description": "Properties of the private endpoint object." + }, + "privateLinkServiceConnectionState": { + "$ref": "#/definitions/PrivateLinkServiceConnectionState", + "description": "Approval state of the private link connection." + }, + "provisioningState": { + "$ref": "#/definitions/PrivateEndpointConnectionProvisioningState", + "description": "Provisioning state of the private endpoint connection." + } + }, + "description": "Properties of the private endpoint connection resource.", + "type": "object" + }, + "PrivateEndpoint": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Full identifier of the private endpoint resource." + } + }, + "description": "Private endpoint object properties.", + "type": "object" + }, + "PrivateLinkServiceConnectionState": { + "properties": { + "status": { + "$ref": "#/definitions/PrivateEndpointServiceConnectionStatus", + "description": "Indicates whether the connection has been approved, rejected or removed by the key vault owner." + }, + "description": { + "type": "string", + "description": "The reason for approval or rejection." + }, + "actionsRequired": { + "type": "string", + "description": "A message indicating if changes on the service provider require any updates on the consumer.", + "enum": [ + "None" + ], + "x-ms-enum": { + "name": "ActionsRequired", + "modelAsString": true + } + } + }, + "description": "An object that represents the approval state of the private link connection.", + "type": "object" + }, + "PrivateEndpointServiceConnectionStatus": { + "type": "string", + "description": "The private endpoint connection status.", + "enum": [ + "Pending", + "Approved", + "Rejected", + "Disconnected" + ], + "x-ms-enum": { + "name": "PrivateEndpointServiceConnectionStatus", + "modelAsString": true + } + }, + "PrivateEndpointConnectionProvisioningState": { + "type": "string", + "readOnly": true, + "description": "The current provisioning state.", + "enum": [ + "Succeeded", + "Creating", + "Updating", + "Deleting", + "Failed", + "Disconnected" + ], + "x-ms-enum": { + "name": "PrivateEndpointConnectionProvisioningState", + "modelAsString": true + } + }, + "PrivateLinkResourceListResult": { + "properties": { + "value": { + "type": "array", + "description": "Array of private link resources", + "items": { + "$ref": "#/definitions/PrivateLinkResource" + } + } + }, + "description": "A list of private link resources", + "type": "object" + }, + "PrivateLinkResource": { + "properties": { + "properties": { + "$ref": "#/definitions/PrivateLinkResourceProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + }, + "allOf": [ + { + "$ref": "#/definitions/Resource" + } + ], + "description": "A private link resource", + "type": "object" + }, + "PrivateLinkResourceProperties": { + "properties": { + "groupId": { + "description": "Group identifier of private link resource.", + "type": "string", + "readOnly": true + }, + "requiredMembers": { + "description": "Required member names of private link resource.", + "type": "array", + "items": { + "type": "string" + }, + "readOnly": true + }, + "requiredZoneNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Required DNS zone names of the the private link resource." + } + }, + "description": "Properties of a private link resource.", + "type": "object" + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call." + }, + "ResourceGroupName": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the resource group that contains the key vault.", + "x-ms-parameter-location": "method" + }, + "VaultName": { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "The name of the key vault.", + "x-ms-parameter-location": "method" + }, + "PrivateEndpointConnectionName": { + "name": "privateEndpointConnectionName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the private endpoint connection associated with the key vault.", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "Client Api Version." + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/managedHsm.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/managedHsm.json new file mode 100644 index 000000000000..34b98d90b272 --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/managedHsm.json @@ -0,0 +1,1737 @@ +{ + "swagger": "2.0", + "info": { + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault.", + "version": "2023-07-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}": { + "put": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_CreateOrUpdate", + "x-ms-long-running-operation": true, + "description": "Create or update a managed HSM Pool in the specified subscription.", + "parameters": [ + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ManagedHsm" + }, + "description": "Parameters to create or update the managed HSM Pool" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "202": { + "description": "Accepted and the operation will complete asynchronously.", + "headers": { + "Location": { + "description": "The URI to poll for completion status.", + "type": "string" + } + }, + "schema": { + "$ref": "#/definitions/ManagedHsm" + } + }, + "200": { + "description": "Created or updated managed HSM Pool", + "schema": { + "$ref": "#/definitions/ManagedHsm" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "Create a new managed HSM Pool or update an existing managed HSM Pool": { + "$ref": "./examples/ManagedHsm_CreateOrUpdate.json" + } + } + }, + "patch": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_Update", + "x-ms-long-running-operation": true, + "description": "Update a managed HSM Pool in the specified subscription.", + "parameters": [ + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ManagedHsm" + }, + "description": "Parameters to patch the managed HSM Pool" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "202": { + "description": "Accepted and the operation will complete asynchronously.", + "headers": { + "Location": { + "description": "The URI to poll for completion status.", + "type": "string" + } + }, + "schema": { + "$ref": "#/definitions/ManagedHsm" + } + }, + "200": { + "description": "Patched managed HSM Pool", + "schema": { + "$ref": "#/definitions/ManagedHsm" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "Update an existing managed HSM Pool": { + "$ref": "./examples/ManagedHsm_Update.json" + } + } + }, + "delete": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_Delete", + "x-ms-long-running-operation": true, + "description": "Deletes the specified managed HSM Pool.", + "parameters": [ + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the managed HSM Pool to delete" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "Request successful. Resource does not exist." + }, + "202": { + "description": "Accepted and the operation will complete asynchronously.", + "headers": { + "Location": { + "description": "The URI to poll for completion status.", + "type": "string" + } + } + }, + "200": { + "description": "Delete successful." + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "Delete a managed HSM Pool": { + "$ref": "./examples/ManagedHsm_Delete.json" + } + } + }, + "get": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_Get", + "description": "Gets the specified managed HSM Pool.", + "parameters": [ + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the managed HSM Pool." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved managed HSM Pool", + "schema": { + "$ref": "#/definitions/ManagedHsm" + } + }, + "204": { + "description": "Request successful. Resource does not exist." + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "Retrieve a managed HSM Pool": { + "$ref": "./examples/ManagedHsm_Get.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs": { + "get": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_ListByResourceGroup", + "description": "The List operation gets information about the managed HSM Pools associated with the subscription and within the specified resource group.", + "parameters": [ + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "$top", + "in": "query", + "type": "integer", + "format": "int32", + "description": "Maximum number of results to return." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Get information about all managed HSM Pools in the specified resource group.", + "schema": { + "$ref": "#/definitions/ManagedHsmListResult" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List managed HSM Pools in a resource group": { + "$ref": "./examples/ManagedHsm_ListByResourceGroup.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/managedHSMs": { + "get": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_ListBySubscription", + "description": "The List operation gets information about the managed HSM Pools associated with the subscription.", + "parameters": [ + { + "name": "$top", + "in": "query", + "type": "integer", + "format": "int32", + "description": "Maximum number of results to return." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Get information about all managed HSM Pools in the specified subscription.", + "schema": { + "$ref": "#/definitions/ManagedHsmListResult" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "List managed HSM Pools in a subscription": { + "$ref": "./examples/ManagedHsm_ListBySubscription.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/privateEndpointConnections": { + "get": { + "tags": [ + "MHSMListPrivateEndpointConnections" + ], + "operationId": "MHSMPrivateEndpointConnections_ListByResource", + "description": "The List operation gets information about the private endpoint connections associated with the managed HSM Pool.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + } + ], + "responses": { + "200": { + "description": "Get information about all managed HSM Pools in the specified subscription.", + "schema": { + "$ref": "#/definitions/MHSMPrivateEndpointConnectionsListResult" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "List managed HSM Pools in a subscription": { + "$ref": "./examples/ManagedHsm_ListPrivateEndpointConnectionsByResource.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/deletedManagedHSMs": { + "get": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_ListDeleted", + "description": "The List operation gets information about the deleted managed HSMs associated with the subscription.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved information about all managed HSMs in the specified subscription.", + "schema": { + "$ref": "#/definitions/DeletedManagedHsmListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List deleted managed HSMs in the specified subscription": { + "$ref": "./examples/DeletedManagedHsm_List.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/locations/{location}/deletedManagedHSMs/{name}": { + "get": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_GetDeleted", + "description": "Gets the specified deleted managed HSM.", + "parameters": [ + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the deleted managed HSM." + }, + { + "name": "location", + "in": "path", + "required": true, + "type": "string", + "description": "The location of the deleted managed HSM." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved information about the specified deleted managed HSM.", + "schema": { + "$ref": "#/definitions/DeletedManagedHsm" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "Retrieve a deleted managed HSM": { + "$ref": "./examples/DeletedManagedHsm_Get.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/locations/{location}/deletedManagedHSMs/{name}/purge": { + "post": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_PurgeDeleted", + "x-ms-long-running-operation": true, + "description": "Permanently deletes the specified managed HSM.", + "parameters": [ + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the soft-deleted managed HSM." + }, + { + "name": "location", + "in": "path", + "required": true, + "type": "string", + "description": "The location of the soft-deleted managed HSM." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "202": { + "description": "Accepted and the operation will complete asynchronously.", + "headers": { + "Location": { + "description": "The URI to poll for completion status.", + "type": "string" + } + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "Purge a managed HSM Pool": { + "$ref": "./examples/DeletedManagedHsm_Purge.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/privateEndpointConnections/{privateEndpointConnectionName}": { + "get": { + "tags": [ + "MHSMPrivateEndpointConnections" + ], + "operationId": "MHSMPrivateEndpointConnections_Get", + "description": "Gets the specified private endpoint connection associated with the managed HSM Pool.", + "x-ms-examples": { + "ManagedHsmGetPrivateEndpointConnection": { + "$ref": "./examples/ManagedHsm_getPrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + }, + { + "$ref": "#/parameters/MHSMPrivateEndpointConnectionName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Private endpoint connection successfully returned.", + "schema": { + "$ref": "#/definitions/MHSMPrivateEndpointConnection" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + } + }, + "put": { + "tags": [ + "MHSMPrivateEndpointConnections" + ], + "operationId": "MHSMPrivateEndpointConnections_Put", + "description": "Updates the specified private endpoint connection associated with the managed hsm pool.", + "x-ms-examples": { + "ManagedHsmPutPrivateEndpointConnection": { + "$ref": "./examples/ManagedHsm_putPrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + }, + { + "$ref": "#/parameters/MHSMPrivateEndpointConnectionName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "properties", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MHSMPrivateEndpointConnection" + }, + "description": "The intended state of private endpoint connection." + } + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The state of private endpoint connection was updated successfully.", + "headers": { + "Retry-After": { + "description": "(specified only if operation does not finish synchronously) The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation.", + "type": "integer", + "format": "int32" + }, + "Azure-AsyncOperation": { + "description": "(specified only if operation does not finish synchronously) The URI to poll for completion status. The response of this URI may be synchronous or asynchronous.", + "type": "string" + } + }, + "schema": { + "$ref": "#/definitions/MHSMPrivateEndpointConnection" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "MHSMPrivateEndpointConnections" + ], + "operationId": "MHSMPrivateEndpointConnections_Delete", + "x-ms-long-running-operation": true, + "description": "Deletes the specified private endpoint connection associated with the managed hsm pool.", + "x-ms-examples": { + "ManagedHsmDeletePrivateEndpointConnection": { + "$ref": "./examples/ManagedHsm_deletePrivateEndpointConnection.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + }, + { + "$ref": "#/parameters/MHSMPrivateEndpointConnectionName" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The private endpoint connection was successfully deleted.", + "schema": { + "$ref": "#/definitions/MHSMPrivateEndpointConnection" + } + }, + "202": { + "description": "The private endpoint connection is being deleted.", + "headers": { + "Location": { + "description": "The URI to poll for completion status.", + "type": "string" + } + } + }, + "204": { + "description": "The private endpoint connection does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/privateLinkResources": { + "get": { + "tags": [ + "MHSMPrivateLinkResources" + ], + "operationId": "MHSMPrivateLinkResources_ListByMHSMResource", + "description": "Gets the private link resources supported for the managed hsm pool.", + "x-ms-examples": { + "KeyVaultListPrivateLinkResources": { + "$ref": "./examples/ManagedHsm_listPrivateLinkResources.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Successfully retrieved private link resources.", + "schema": { + "$ref": "#/definitions/MHSMPrivateLinkResourceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/managedHSMs/{name}/regions": { + "get": { + "tags": [ + "MHSMListRegions" + ], + "operationId": "MHSMRegions_ListByResource", + "description": "The List operation gets information about the regions associated with the managed HSM Pool.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ManagedHsmResourceGroupName" + }, + { + "name": "name", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the managed HSM Pool" + } + ], + "responses": { + "200": { + "description": "Get information about all managed HSM Pools in the specified subscription.", + "schema": { + "$ref": "#/definitions/MHSMRegionsListResult" + } + }, + "default": { + "description": "The error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ManagedHsmError" + } + } + }, + "x-ms-examples": { + "List managed HSM Pools in a subscription": { + "$ref": "./examples/ManagedHsm_ListRegionsByResource.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/checkMhsmNameAvailability": { + "post": { + "tags": [ + "ManagedHsms" + ], + "operationId": "ManagedHsms_CheckMhsmNameAvailability", + "description": "Checks that the managed hsm name is valid and is not already in use.", + "parameters": [ + { + "name": "mhsmName", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/CheckMhsmNameAvailabilityParameters" + }, + "description": "The name of the managed hsm." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK -- Operation to check the mhsm name availability was successful.", + "schema": { + "$ref": "#/definitions/CheckMhsmNameAvailabilityResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Validate a managed hsm name": { + "$ref": "./examples/ManagedHsm_checkMhsmNameAvailability.json" + } + }, + "produces": [ + "application/json" + ] + } + } + }, + "definitions": { + "ManagedHsmSku": { + "properties": { + "family": { + "type": "string", + "description": "SKU Family of the managed HSM Pool", + "enum": [ + "B" + ], + "x-ms-client-default": "B", + "x-ms-enum": { + "name": "ManagedHsmSkuFamily", + "modelAsString": true + } + }, + "name": { + "type": "string", + "description": "SKU of the managed HSM Pool", + "enum": [ + "Standard_B1", + "Custom_B32", + "Custom_B6" + ], + "x-ms-enum": { + "name": "ManagedHsmSkuName", + "modelAsString": false + } + } + }, + "description": "SKU details", + "required": [ + "name", + "family" + ], + "type": "object" + }, + "ManagedHsmProperties": { + "properties": { + "tenantId": { + "type": "string", + "format": "uuid", + "description": "The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool." + }, + "initialAdminObjectIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of initial administrators object ids for this managed hsm pool." + }, + "hsmUri": { + "type": "string", + "readOnly": true, + "description": "The URI of the managed hsm pool for performing operations on keys." + }, + "enableSoftDelete": { + "type": "boolean", + "default": true, + "description": "Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable." + }, + "softDeleteRetentionInDays": { + "type": "integer", + "format": "int32", + "default": 90, + "description": "Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90." + }, + "enablePurgeProtection": { + "type": "boolean", + "default": true, + "description": "Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible." + }, + "createMode": { + "type": "string", + "description": "The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.", + "enum": [ + "recover", + "default" + ], + "x-ms-enum": { + "name": "CreateMode", + "modelAsString": false, + "values": [ + { + "value": "recover", + "description": "Recover the managed HSM pool from a soft-deleted resource." + }, + { + "value": "default", + "description": "Create a new managed HSM pool. This is the default option." + } + ] + }, + "x-ms-mutability": [ + "create", + "update" + ] + }, + "statusMessage": { + "readOnly": true, + "type": "string", + "description": "Resource Status Message." + }, + "provisioningState": { + "readOnly": true, + "type": "string", + "description": "Provisioning state.", + "enum": [ + "Succeeded", + "Provisioning", + "Failed", + "Updating", + "Deleting", + "Activated", + "SecurityDomainRestore", + "Restoring" + ], + "x-ms-enum": { + "name": "ProvisioningState", + "modelAsString": true, + "values": [ + { + "value": "Succeeded", + "description": "The managed HSM Pool has been full provisioned." + }, + { + "value": "Provisioning", + "description": "The managed HSM Pool is currently being provisioned." + }, + { + "value": "Failed", + "description": "Provisioning of the managed HSM Pool has failed." + }, + { + "value": "Updating", + "description": "The managed HSM Pool is currently being updated." + }, + { + "value": "Deleting", + "description": "The managed HSM Pool is currently being deleted." + }, + { + "value": "Activated", + "description": "The managed HSM pool is ready for normal use." + }, + { + "value": "SecurityDomainRestore", + "description": "The managed HSM pool is waiting for a security domain restore action." + }, + { + "value": "Restoring", + "description": "The managed HSM pool is being restored from full HSM backup." + } + ] + } + }, + "networkAcls": { + "$ref": "#/definitions/MHSMNetworkRuleSet", + "description": "Rules governing the accessibility of the key vault from specific network locations." + }, + "regions": { + "type": "array", + "items": { + "$ref": "#/definitions/MHSMGeoReplicatedRegion" + }, + "x-ms-identifiers": [ + "name" + ], + "description": "List of all regions associated with the managed hsm pool." + }, + "privateEndpointConnections": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/MHSMPrivateEndpointConnectionItem" + }, + "description": "List of private endpoint connections associated with the managed hsm pool." + }, + "publicNetworkAccess": { + "description": "Control permission to the managed HSM from public networks.", + "enum": [ + "Enabled", + "Disabled" + ], + "default": "Enabled", + "type": "string", + "x-ms-enum": { + "name": "PublicNetworkAccess", + "modelAsString": true + } + }, + "scheduledPurgeDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The scheduled purge date in UTC." + }, + "securityDomainProperties": { + "readOnly": true, + "$ref": "#/definitions/ManagedHSMSecurityDomainProperties", + "description": "Managed HSM security domain properties." + } + }, + "description": "Properties of the managed HSM Pool", + "type": "object" + }, + "ManagedHsm": { + "properties": { + "properties": { + "$ref": "#/definitions/ManagedHsmProperties", + "description": "Properties of the managed HSM" + } + }, + "allOf": [ + { + "$ref": "#/definitions/ManagedHsmResource" + } + ], + "description": "Resource information with extended details.", + "type": "object" + }, + "ManagedHsmResource": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "The Azure Resource Manager resource ID for the managed HSM Pool." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the managed HSM Pool." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The resource type of the managed HSM Pool." + }, + "location": { + "type": "string", + "description": "The supported Azure location where the managed HSM Pool should be created.", + "x-ms-mutability": [ + "create", + "read" + ] + }, + "sku": { + "$ref": "#/definitions/ManagedHsmSku", + "description": "SKU details" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Resource tags" + }, + "systemData": { + "$ref": "common.json#/definitions/SystemData" + }, + "identity": { + "$ref": "../../../../../common-types/resource-management/v5/managedidentity.json#/definitions/ManagedServiceIdentity" + } + }, + "description": "Managed HSM resource", + "x-ms-azure-resource": true, + "type": "object" + }, + "ManagedHsmListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedHsm" + }, + "description": "The list of managed HSM Pools." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of managed HSM Pools." + } + }, + "description": "List of managed HSM Pools", + "type": "object" + }, + "MHSMPrivateEndpointConnectionsListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/MHSMPrivateEndpointConnection" + }, + "description": "The private endpoint connection associated with a managed HSM Pools." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of managed HSM Pools." + } + }, + "description": "List of private endpoint connections associated with a managed HSM Pools", + "type": "object" + }, + "MHSMRegionsListResult": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/MHSMGeoReplicatedRegion" + }, + "x-ms-identifiers": [ + "name" + ], + "description": "The region associated with a managed HSM Pools." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of managed HSM Pools." + } + }, + "description": "List of regions associated with a managed HSM Pools" + }, + "ManagedHsmError": { + "properties": { + "error": { + "readOnly": true, + "description": "The server error.", + "$ref": "#/definitions/Error" + } + }, + "description": "The error exception.", + "type": "object" + }, + "Error": { + "properties": { + "code": { + "type": "string", + "readOnly": true, + "description": "The error code." + }, + "message": { + "type": "string", + "readOnly": true, + "description": "The error message." + }, + "innererror": { + "x-ms-client-name": "innerError", + "readOnly": true, + "description": "The inner error, contains a more specific error code.", + "$ref": "#/definitions/Error" + } + }, + "description": "The server error.", + "type": "object" + }, + "DeletedManagedHsm": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "The Azure Resource Manager resource ID for the deleted managed HSM Pool." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the managed HSM Pool." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The resource type of the managed HSM Pool." + }, + "properties": { + "$ref": "#/definitions/DeletedManagedHsmProperties", + "description": "Properties of the deleted managed HSM" + } + }, + "type": "object" + }, + "DeletedManagedHsmProperties": { + "properties": { + "mhsmId": { + "readOnly": true, + "type": "string", + "description": "The resource id of the original managed HSM." + }, + "location": { + "readOnly": true, + "type": "string", + "description": "The location of the original managed HSM." + }, + "deletionDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The deleted date." + }, + "scheduledPurgeDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The scheduled purged date." + }, + "purgeProtectionEnabled": { + "readOnly": true, + "type": "boolean", + "description": "Purge protection status of the original managed HSM." + }, + "tags": { + "readOnly": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags of the original managed HSM." + } + }, + "description": "Properties of the deleted managed HSM.", + "type": "object" + }, + "DeletedManagedHsmListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DeletedManagedHsm" + }, + "description": "The list of deleted managed HSM Pools." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of deleted managed HSM Pools." + } + }, + "description": "List of deleted managed HSM Pools", + "type": "object" + }, + "MHSMGeoReplicatedRegion": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the geo replicated region." + }, + "provisioningState": { + "$ref": "#/definitions/MHSMGeoReplicationRegionProvisioningState", + "description": "Provisioning state of the geo replicated region." + }, + "isPrimary": { + "type": "boolean", + "description": "A boolean value that indicates whether the region is the primary region or a secondary region." + } + }, + "description": "A region that this managed HSM Pool has been extended to." + }, + "MHSMNetworkRuleSet": { + "properties": { + "bypass": { + "type": "string", + "description": "Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.", + "enum": [ + "AzureServices", + "None" + ], + "x-ms-enum": { + "name": "NetworkRuleBypassOptions", + "modelAsString": true + } + }, + "defaultAction": { + "type": "string", + "description": "The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.", + "enum": [ + "Allow", + "Deny" + ], + "x-ms-enum": { + "name": "NetworkRuleAction", + "modelAsString": true + } + }, + "ipRules": { + "type": "array", + "items": { + "$ref": "#/definitions/MHSMIPRule" + }, + "x-ms-identifiers": [ + "value" + ], + "description": "The list of IP address rules." + }, + "virtualNetworkRules": { + "type": "array", + "items": { + "$ref": "#/definitions/MHSMVirtualNetworkRule" + }, + "description": "The list of virtual network rules." + } + }, + "description": "A set of rules governing the network accessibility of a managed hsm pool.", + "type": "object" + }, + "MHSMIPRule": { + "properties": { + "value": { + "type": "string", + "description": "An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78)." + } + }, + "required": [ + "value" + ], + "description": "A rule governing the accessibility of a managed HSM pool from a specific IP address or IP range.", + "type": "object" + }, + "MHSMVirtualNetworkRule": { + "properties": { + "id": { + "type": "string", + "description": "Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'." + } + }, + "required": [ + "id" + ], + "description": "A rule governing the accessibility of a managed hsm pool from a specific virtual network.", + "type": "object" + }, + "MHSMPrivateEndpointConnectionItem": { + "properties": { + "id": { + "type": "string", + "description": "Id of private endpoint connection." + }, + "etag": { + "type": "string", + "description": "Modified whenever there is a change in the state of private endpoint connection." + }, + "properties": { + "$ref": "#/definitions/MHSMPrivateEndpointConnectionProperties", + "x-ms-client-flatten": true, + "description": "Private endpoint connection properties." + } + }, + "description": "Private endpoint connection item.", + "type": "object" + }, + "MHSMPrivateEndpointConnection": { + "properties": { + "properties": { + "$ref": "#/definitions/MHSMPrivateEndpointConnectionProperties", + "x-ms-client-flatten": true, + "description": "Resource properties." + }, + "etag": { + "type": "string", + "description": "Modified whenever there is a change in the state of private endpoint connection." + } + }, + "allOf": [ + { + "$ref": "#/definitions/ManagedHsmResource" + } + ], + "description": "Private endpoint connection resource.", + "x-ms-azure-resource": true, + "type": "object" + }, + "MHSMPrivateEndpointConnectionProperties": { + "properties": { + "privateEndpoint": { + "$ref": "#/definitions/MHSMPrivateEndpoint", + "description": "Properties of the private endpoint object." + }, + "privateLinkServiceConnectionState": { + "$ref": "#/definitions/MHSMPrivateLinkServiceConnectionState", + "description": "Approval state of the private link connection." + }, + "provisioningState": { + "$ref": "#/definitions/MHSMPrivateEndpointConnectionProvisioningState", + "description": "Provisioning state of the private endpoint connection." + } + }, + "description": "Properties of the private endpoint connection resource.", + "type": "object" + }, + "MHSMPrivateEndpoint": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Full identifier of the private endpoint resource." + } + }, + "description": "Private endpoint object properties.", + "type": "object" + }, + "MHSMPrivateLinkServiceConnectionState": { + "properties": { + "status": { + "$ref": "#/definitions/MHSMPrivateEndpointServiceConnectionStatus", + "description": "Indicates whether the connection has been approved, rejected or removed by the key vault owner." + }, + "description": { + "type": "string", + "description": "The reason for approval or rejection." + }, + "actionsRequired": { + "type": "string", + "description": "A message indicating if changes on the service provider require any updates on the consumer.", + "enum": [ + "None" + ], + "x-ms-enum": { + "name": "ActionsRequired", + "modelAsString": true + } + } + }, + "description": "An object that represents the approval state of the private link connection.", + "type": "object" + }, + "MHSMPrivateEndpointServiceConnectionStatus": { + "type": "string", + "description": "The private endpoint connection status.", + "enum": [ + "Pending", + "Approved", + "Rejected", + "Disconnected" + ], + "x-ms-enum": { + "name": "PrivateEndpointServiceConnectionStatus", + "modelAsString": true + } + }, + "MHSMPrivateEndpointConnectionProvisioningState": { + "type": "string", + "readOnly": true, + "description": "The current provisioning state.", + "enum": [ + "Succeeded", + "Creating", + "Updating", + "Deleting", + "Failed", + "Disconnected" + ], + "x-ms-enum": { + "name": "PrivateEndpointConnectionProvisioningState", + "modelAsString": true + } + }, + "MHSMPrivateLinkResourceListResult": { + "properties": { + "value": { + "type": "array", + "description": "Array of private link resources", + "items": { + "$ref": "#/definitions/MHSMPrivateLinkResource" + } + } + }, + "description": "A list of private link resources", + "type": "object" + }, + "MHSMPrivateLinkResource": { + "properties": { + "properties": { + "$ref": "#/definitions/MHSMPrivateLinkResourceProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + }, + "allOf": [ + { + "$ref": "#/definitions/ManagedHsmResource" + } + ], + "description": "A private link resource", + "type": "object" + }, + "MHSMPrivateLinkResourceProperties": { + "properties": { + "groupId": { + "description": "Group identifier of private link resource.", + "type": "string", + "readOnly": true + }, + "requiredMembers": { + "description": "Required member names of private link resource.", + "type": "array", + "items": { + "type": "string" + }, + "readOnly": true + }, + "requiredZoneNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Required DNS zone names of the the private link resource." + } + }, + "description": "Properties of a private link resource.", + "type": "object" + }, + "MHSMGeoReplicationRegionProvisioningState": { + "type": "string", + "readOnly": true, + "description": "The current provisioning state.", + "enum": [ + "Preprovisioning", + "Provisioning", + "Succeeded", + "Failed", + "Deleting", + "Cleanup" + ], + "x-ms-enum": { + "name": "GeoReplicationRegionProvisioningState", + "modelAsString": true + } + }, + "CheckMhsmNameAvailabilityParameters": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The managed hsm name." + } + }, + "required": [ + "name" + ], + "description": "The parameters used to check the availability of the managed hsm name." + }, + "CheckMhsmNameAvailabilityResult": { + "type": "object", + "properties": { + "nameAvailable": { + "readOnly": true, + "type": "boolean", + "description": "A boolean value that indicates whether the name is available for you to use. If true, the name is available. If false, the name has already been taken or is invalid and cannot be used." + }, + "reason": { + "readOnly": true, + "type": "string", + "description": "The reason that a managed hsm name could not be used. The reason element is only returned if NameAvailable is false.", + "enum": [ + "AccountNameInvalid", + "AlreadyExists" + ], + "x-ms-enum": { + "name": "Reason", + "modelAsString": true + } + }, + "message": { + "readOnly": true, + "type": "string", + "description": "An error message explaining the Reason value in more detail." + } + }, + "description": "The CheckMhsmNameAvailability operation response." + }, + "ManagedHSMSecurityDomainProperties": { + "type": "object", + "properties": { + "activationStatus": { + "readOnly": true, + "type": "string", + "description": "Activation Status", + "enum": [ + "Active", + "NotActivated", + "Unknown", + "Failed" + ], + "x-ms-enum": { + "name": "ActivationStatus", + "modelAsString": true, + "values": [ + { + "value": "Active", + "description": "The managed HSM Pool is active." + }, + { + "value": "NotActivated", + "description": "The managed HSM Pool is not yet activated." + }, + { + "value": "Unknown", + "description": "An unknown error occurred while activating managed hsm." + }, + { + "value": "Failed", + "description": "Failed to activate managed hsm." + } + ] + } + }, + "activationStatusMessage": { + "readOnly": true, + "type": "string", + "description": "Activation Status Message." + } + }, + "description": "The security domain properties of the managed hsm." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "Client Api Version." + }, + "ManagedHsmResourceGroupName": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the resource group that contains the managed HSM pool.", + "x-ms-parameter-location": "method" + }, + "MHSMPrivateEndpointConnectionName": { + "name": "privateEndpointConnectionName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the private endpoint connection associated with the managed hsm pool.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/providers.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/providers.json new file mode 100644 index 000000000000..c2b6d101059a --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/providers.json @@ -0,0 +1,288 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-07-01", + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ], + "paths": { + "/providers/Microsoft.KeyVault/operations": { + "get": { + "tags": [ + "Operations" + ], + "description": "Lists all of the available Key Vault Rest API operations.", + "operationId": "Operations_List", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The request has succeeded.", + "schema": { + "$ref": "#/definitions/OperationListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "Lists available Rest API operations.": { + "$ref": "./examples/listOperations.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + } + }, + "definitions": { + "OperationListResult": { + "description": "Result of the request to list Storage operations. It contains a list of operations and a URL link to get the next set of results.", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Operation" + }, + "x-ms-identifiers": [], + "description": "List of Storage operations supported by the Storage resource provider." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of operations." + } + }, + "type": "object" + }, + "Operation": { + "description": "Key Vault REST API operation definition.", + "type": "object", + "properties": { + "name": { + "description": "Operation name: {provider}/{resource}/{operation}", + "type": "string" + }, + "display": { + "description": "Display metadata associated with the operation.", + "properties": { + "provider": { + "description": "Service provider: Microsoft Key Vault.", + "type": "string" + }, + "resource": { + "description": "Resource on which the operation is performed etc.", + "type": "string" + }, + "operation": { + "description": "Type of operation: get, read, delete, etc.", + "type": "string" + }, + "description": { + "description": "Description of operation.", + "type": "string" + } + } + }, + "origin": { + "type": "string", + "description": "The origin of operations." + }, + "properties": { + "description": "Properties of operation, include metric specifications.", + "x-ms-client-flatten": true, + "x-ms-client-name": "OperationProperties", + "$ref": "#/definitions/OperationProperties" + }, + "isDataAction": { + "type": "boolean", + "description": "Property to specify whether the action is a data action." + } + } + }, + "OperationProperties": { + "description": "Properties of operation, include metric specifications.", + "properties": { + "serviceSpecification": { + "$ref": "#/definitions/ServiceSpecification", + "description": "One property of operation, include metric specifications." + } + }, + "type": "object" + }, + "ServiceSpecification": { + "description": "One property of operation, include log specifications.", + "properties": { + "logSpecifications": { + "description": "Log specifications of operation.", + "type": "array", + "items": { + "$ref": "#/definitions/LogSpecification" + }, + "x-ms-identifiers": [ + "name" + ] + }, + "metricSpecifications": { + "description": "Metric specifications of operation.", + "type": "array", + "items": { + "$ref": "#/definitions/MetricSpecification" + }, + "x-ms-identifiers": [ + "name" + ] + } + }, + "type": "object" + }, + "LogSpecification": { + "description": "Log specification of operation.", + "properties": { + "name": { + "type": "string", + "description": "Name of log specification." + }, + "displayName": { + "type": "string", + "description": "Display name of log specification." + }, + "blobDuration": { + "type": "string", + "description": "Blob duration of specification." + } + }, + "type": "object" + }, + "MetricSpecification": { + "description": "Metric specification of operation.", + "properties": { + "name": { + "type": "string", + "description": "Name of metric specification." + }, + "displayName": { + "type": "string", + "description": "Display name of metric specification." + }, + "displayDescription": { + "type": "string", + "description": "Display description of metric specification." + }, + "unit": { + "type": "string", + "description": "The metric unit. Possible values include: 'Bytes', 'Count', 'Milliseconds'." + }, + "aggregationType": { + "type": "string", + "description": "The metric aggregation type. Possible values include: 'Average', 'Count', 'Total'." + }, + "supportedAggregationTypes": { + "type": "array", + "description": "The supported aggregation types for the metrics.", + "items": { + "type": "string" + } + }, + "supportedTimeGrainTypes": { + "type": "array", + "description": "The supported time grain types for the metrics.", + "items": { + "type": "string" + } + }, + "lockAggregationType": { + "type": "string", + "description": "The metric lock aggregation type." + }, + "dimensions": { + "type": "array", + "description": "The dimensions of metric", + "items": { + "$ref": "#/definitions/DimensionProperties" + }, + "x-ms-identifiers": [ + "name" + ] + }, + "fillGapWithZero": { + "type": "boolean", + "description": "Property to specify whether to fill gap with zero." + }, + "internalMetricName": { + "type": "string", + "description": "The internal metric name." + } + }, + "type": "object" + }, + "DimensionProperties": { + "description": "Type of operation: get, read, delete, etc.", + "properties": { + "name": { + "type": "string", + "description": "Name of dimension." + }, + "displayName": { + "type": "string", + "description": "Display name of dimension." + }, + "toBeExportedForShoebox": { + "type": "boolean", + "description": "Property to specify whether the dimension should be exported for Shoebox." + } + }, + "type": "object" + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "Client Api Version." + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/secrets.json b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/secrets.json new file mode 100644 index 000000000000..593f884b28ef --- /dev/null +++ b/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2023-07-01/secrets.json @@ -0,0 +1,491 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-07-01", + "title": "KeyVaultManagementClient", + "description": "The Azure management API provides a RESTful set of web services that interact with Azure Key Vault." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{secretName}": { + "put": { + "tags": [ + "Secrets" + ], + "operationId": "Secrets_CreateOrUpdate", + "description": "Create or update a secret in a key vault in the specified subscription. NOTE: This API is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "Name of the vault" + }, + { + "name": "secretName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/SecretCreateOrUpdateParameters" + }, + "description": "Parameters to create or update the secret" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created or updated vault", + "schema": { + "$ref": "#/definitions/Secret" + } + }, + "200": { + "description": "Created or updated secret", + "schema": { + "$ref": "#/definitions/Secret" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Create a secret": { + "$ref": "./examples/createSecret.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "patch": { + "tags": [ + "Secrets" + ], + "operationId": "Secrets_Update", + "description": "Update a secret in the specified subscription. NOTE: This API is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{3,24}$", + "description": "Name of the vault" + }, + { + "name": "secretName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9-]{1,127}$", + "description": "Name of the secret" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/SecretPatchParameters" + }, + "description": "Parameters to patch the secret" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Patched secret", + "schema": { + "$ref": "#/definitions/Secret" + } + }, + "200": { + "description": "Patched secret", + "schema": { + "$ref": "#/definitions/Secret" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Update a secret": { + "$ref": "./examples/updateSecret.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + }, + "get": { + "tags": [ + "Secrets" + ], + "operationId": "Secrets_Get", + "description": "Gets the specified secret. NOTE: This API is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the vault." + }, + { + "name": "secretName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the secret." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Retrieved secret", + "schema": { + "$ref": "#/definitions/Secret" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "Get a secret": { + "$ref": "./examples/getSecret.json" + } + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets": { + "get": { + "tags": [ + "Secrets" + ], + "operationId": "Secrets_List", + "description": "The List operation gets information about the secrets in a vault. NOTE: This API is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Resource Group to which the vault belongs." + }, + { + "name": "vaultName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the vault." + }, + { + "name": "$top", + "in": "query", + "type": "integer", + "format": "int32", + "description": "Maximum number of results to return." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Get information about secrets in the specified vault.", + "schema": { + "$ref": "#/definitions/SecretListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "common.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "List secrets in the vault": { + "$ref": "./examples/listSecrets.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ] + } + } + }, + "definitions": { + "Attributes": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Determines whether the object is enabled." + }, + "nbf": { + "x-ms-client-name": "NotBefore", + "type": "integer", + "format": "unixtime", + "description": "Not before date in seconds since 1970-01-01T00:00:00Z." + }, + "exp": { + "x-ms-client-name": "Expires", + "type": "integer", + "format": "unixtime", + "description": "Expiry date in seconds since 1970-01-01T00:00:00Z." + }, + "created": { + "type": "integer", + "format": "unixtime", + "readOnly": true, + "description": "Creation time in seconds since 1970-01-01T00:00:00Z." + }, + "updated": { + "type": "integer", + "format": "unixtime", + "readOnly": true, + "description": "Last updated time in seconds since 1970-01-01T00:00:00Z." + } + }, + "description": "The object attributes managed by the KeyVault service.", + "type": "object" + }, + "SecretProperties": { + "properties": { + "value": { + "type": "string", + "description": "The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets." + }, + "contentType": { + "type": "string", + "description": "The content type of the secret." + }, + "attributes": { + "$ref": "#/definitions/SecretAttributes", + "description": "The attributes of the secret." + }, + "secretUri": { + "type": "string", + "description": "The URI to retrieve the current version of the secret.", + "readOnly": true + }, + "secretUriWithVersion": { + "type": "string", + "description": "The URI to retrieve the specific version of the secret.", + "readOnly": true + } + }, + "description": "Properties of the secret", + "type": "object" + }, + "SecretPatchProperties": { + "properties": { + "value": { + "type": "string", + "description": "The value of the secret." + }, + "contentType": { + "type": "string", + "description": "The content type of the secret." + }, + "attributes": { + "$ref": "#/definitions/SecretAttributes", + "description": "The attributes of the secret." + } + }, + "description": "Properties of the secret", + "type": "object" + }, + "SecretAttributes": { + "allOf": [ + { + "$ref": "#/definitions/Attributes" + } + ], + "description": "The secret management attributes.", + "type": "object" + }, + "SecretCreateOrUpdateParameters": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags that will be assigned to the secret. " + }, + "properties": { + "$ref": "#/definitions/SecretProperties", + "description": "Properties of the secret" + } + }, + "description": "Parameters for creating or updating a secret", + "required": [ + "properties" + ], + "x-ms-azure-resource": true, + "type": "object" + }, + "SecretPatchParameters": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags that will be assigned to the secret. " + }, + "properties": { + "$ref": "#/definitions/SecretPatchProperties", + "description": "Properties of the secret" + } + }, + "description": "Parameters for patching a secret", + "x-ms-azure-resource": true, + "type": "object" + }, + "Secret": { + "properties": { + "properties": { + "$ref": "#/definitions/SecretProperties", + "description": "Properties of the secret" + } + }, + "required": [ + "properties" + ], + "allOf": [ + { + "$ref": "./keyvault.json#/definitions/Resource" + } + ], + "description": "Resource information with extended details.", + "type": "object" + }, + "SecretListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Secret" + }, + "description": "The list of secrets." + }, + "nextLink": { + "type": "string", + "description": "The URL to get the next set of secrets." + } + }, + "description": "List of secrets", + "type": "object" + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "Client Api Version." + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/keyvault/resource-manager/readme.md b/specification/keyvault/resource-manager/readme.md index f92a28449645..fd0cc5138f89 100644 --- a/specification/keyvault/resource-manager/readme.md +++ b/specification/keyvault/resource-manager/readme.md @@ -26,14 +26,29 @@ These are the global settings for the KeyVault API. ``` yaml openapi-type: arm -tag: package-2023-02 +tag: package-2023-07 ``` + +### Tag: package-2023-07 + +These settings apply only when `--tag=package-2023-07` is specified on the command line. + +```yaml $(tag) == 'package-2023-07' +input-file: + - Microsoft.KeyVault/stable/2023-07-01/common.json + - Microsoft.KeyVault/stable/2023-07-01/keys.json + - Microsoft.KeyVault/stable/2023-07-01/keysManagedHsm.json + - Microsoft.KeyVault/stable/2023-07-01/keyvault.json + - Microsoft.KeyVault/stable/2023-07-01/managedHsm.json + - Microsoft.KeyVault/stable/2023-07-01/providers.json + - Microsoft.KeyVault/stable/2023-07-01/secrets.json +``` ### Tag: package-2023-02 These settings apply only when `--tag=package-2023-02` is specified on the command line. -```yaml $(tag) == 'package-2023-02' +``` yaml $(tag) == 'package-2023-02' input-file: - Microsoft.KeyVault/stable/2023-02-01/common.json - Microsoft.KeyVault/stable/2023-02-01/keys.json diff --git a/specification/keyvault/resource-manager/readme.python.md b/specification/keyvault/resource-manager/readme.python.md index b30c0d7fa0d1..bd1089a6a70c 100644 --- a/specification/keyvault/resource-manager/readme.python.md +++ b/specification/keyvault/resource-manager/readme.python.md @@ -19,7 +19,7 @@ Generate all API versions currently shipped for this package ```yaml $(python) multiapi: true -default-api-version: "2023-02-01" +default-api-version: "2023-07-01" clear-output-folder: true batch: - tag: package-2019-09 @@ -31,6 +31,7 @@ batch: - tag: package-2021-10 - tag: package-2022-07 - tag: package-2023-02 + - tag: package-2023-07 - multiapiscript: true ``` @@ -40,6 +41,15 @@ clear-output-folder: false perform-load: false ``` +### Tag: package-2023-07 and python + +These settings apply only when `--tag=package-2023-07 --python` is specified on the command line. + +``` yaml $(tag) == 'package-2023-07' +namespace: azure.mgmt.keyvault.v2023_07_01 +output-folder: $(python-sdks-folder)/keyvault/azure-mgmt-keyvault/azure/mgmt/keyvault/v2023_07_01 +``` + ### Tag: package-2023-02 and python These settings apply only when `--tag=package-2023-02 --python` is specified on the command line.