From 3fcd69bc736592f5a4aee9f5588877cf3711d20b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Rodr=C3=ADguez?= Date: Fri, 21 May 2021 13:33:53 -0400 Subject: [PATCH] [Key Vault] Update READMEs with links to RBAC (#15352) --- sdk/keyvault/keyvault-certificates/README.md | 2 ++ sdk/keyvault/keyvault-keys/README.md | 4 ++++ sdk/keyvault/keyvault-secrets/README.md | 2 ++ 3 files changed, 8 insertions(+) diff --git a/sdk/keyvault/keyvault-certificates/README.md b/sdk/keyvault/keyvault-certificates/README.md index 56023e5d0b4d..dba58ca43c74 100644 --- a/sdk/keyvault/keyvault-certificates/README.md +++ b/sdk/keyvault/keyvault-certificates/README.md @@ -84,6 +84,8 @@ Use the [Azure Cloud Shell](https://shell.azure.com/bash) snippet below to creat > --certificate-permissions: > Accepted values: backup, create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, restore, setissuers, update + If you have enabled role-based access control (RBAC) for Key Vault instead, you can find roles like "Key Vault Certificates Officer" in our [RBAC guide](https://docs.microsoft.com/azure/key-vault/general/rbac-guide). + - Use the above mentioned Key Vault name to retrieve details of your Vault which also contains your Key Vault URL: ```Bash az keyvault show --name diff --git a/sdk/keyvault/keyvault-keys/README.md b/sdk/keyvault/keyvault-keys/README.md index b13ced0ed3ff..e8a413748ab6 100644 --- a/sdk/keyvault/keyvault-keys/README.md +++ b/sdk/keyvault/keyvault-keys/README.md @@ -92,6 +92,10 @@ Use the [Azure CLI][azure-cli] snippet below to create/get client secret credent > --key-permissions: > Accepted values: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify, wrapKey + If you have enabled role-based access control (RBAC) for Key Vault instead, you can find roles like "Key Vault Crypto Officer" in our [RBAC guide](https://docs.microsoft.com/azure/key-vault/general/rbac-guide). + + If you are managing your keys using Managed HSM, read about its [access control](https://docs.microsoft.com/azure/key-vault/managed-hsm/access-control) that supports different built-in roles isolated from Azure Resource Manager (ARM). + - Use the above mentioned Key Vault name to retrieve details of your Vault which also contains your Key Vault URL: ```Bash az keyvault show --name diff --git a/sdk/keyvault/keyvault-secrets/README.md b/sdk/keyvault/keyvault-secrets/README.md index 4636ba1c1237..43cd844cc7c7 100644 --- a/sdk/keyvault/keyvault-secrets/README.md +++ b/sdk/keyvault/keyvault-secrets/README.md @@ -85,6 +85,8 @@ Use the [Azure Cloud Shell](https://shell.azure.com/bash) snippet below to creat > --secret-permissions: > Accepted values: backup, delete, get, list, purge, recover, restore, set + If you have enabled role-based access control (RBAC) for Key Vault instead, you can find roles like "Key Vault Secrets Officer" in our [RBAC guide](https://docs.microsoft.com/azure/key-vault/general/rbac-guide). + - Use the above mentioned Key Vault name to retrieve details of your Vault which also contains your Key Vault URL: ```Bash az keyvault show --name