Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Cmk Payload to Common Types #20144

Merged
merged 3 commits into from
Oct 18, 2022
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
{
"swagger": "2.0",
"info": {
"version": "4.0",
"title": "Common types"
},
"paths": {},
"definitions": {
"encryption": {
"type": "object",
"description": "(Optional) Discouraged to include in resource definition. Only needed where it is possible to disable platform (AKA infrastructure) encryption. Azure SQL TDE is an example of this. Values are enabled and disabled.",
"properties": {
"infrastructureEncryption": {
abatishchev marked this conversation as resolved.
Show resolved Hide resolved
"type": "string",
"enum": [
"enabled",
"disabled"
],
"x-ms-enum": {
"name": "InfrastructureEncryption",
"modelAsString": true
},
"description": "Values are enabled and disabled."
},
"customerManagedKeyEncryption": {
"description": "All Customer-managed key encryption properties for the resource.",
"$ref": "#/definitions/customerManagedKeyEncryption"
}
}
},
"customerManagedKeyEncryption": {
"type": "object",
"description": "All Customer-managed key encryption properties for the resource.",
"properties": {
abatishchev marked this conversation as resolved.
Show resolved Hide resolved
"keyEncryptionKeyIdentity": {
"type": "object",
"description": "All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault.",
"properties": {
"identityType": {
"type": "string",
"enum": [
"systemAssignedIdentity",
"userAssignedIdentity",
"delegatedResourceIdentity"
],
"x-ms-enum": {
"name": "IdentityType",
"modelAsString": true
},
"description": "Values can be systemAssignedIdentity or userAssignedIdentity"
},
"userAssignedIdentityResourceId": {
"type": "string",
shavital7 marked this conversation as resolved.
Show resolved Hide resolved
"format": "arm-id",
"description": "user assigned identity to use for accessing key encryption key Url. Ex: /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/<resource group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myId. Mutually exclusive with identityType systemAssignedIdentity and delegatedResourceIdentity."
},
"delegatedIdentityClientId": {
abatishchev marked this conversation as resolved.
Show resolved Hide resolved
"type": "string",
"format": "uuid",
"description": "delegated identity to use for accessing key encryption key Url. Ex: /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/<resource group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myId. Mutually exclusive with identityType systemAssignedIdentity and userAssignedIdentity - internal use only."
}
}
},
"keyEncryptionKeyUrl": {
"type": "string",
"description": "key encryption key Url, versioned or non-versioned. Ex: https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78 or https://contosovault.vault.azure.net/keys/contosokek."
}
}
}
}
}