public void CreateRoleAssignment()
{
client = Client;
#region Snippet:CreateRoleAssignment
// Replace roleDefinitionId with a role definition Id from the definitions returned from the List the role definitions section above
string definitionIdToAssign = roleDefinitionId;
// Replace objectId with the service principal object id from the Create/Get credentials section above
string servicePrincipalObjectId = objectId;
RoleAssignmentProperties properties = new RoleAssignmentProperties(definitionIdToAssign, servicePrincipalObjectId);
RoleAssignment createdAssignment = client.CreateRoleAssignment(RoleAssignmentScope.Global, properties);
Console.WriteLine(createdAssignment.Name);
Console.WriteLine(createdAssignment.Properties.PrincipalId);
Console.WriteLine(createdAssignment.Properties.RoleDefinitionId);
RoleAssignment fetchedAssignment = client.GetRoleAssignment(RoleAssignmentScope.Global, createdAssignment.Name);
Console.WriteLine(fetchedAssignment.Name);
Console.WriteLine(fetchedAssignment.Properties.PrincipalId);
Console.WriteLine(fetchedAssignment.Properties.RoleDefinitionId);
RoleAssignment deletedAssignment = client.DeleteRoleAssignment(RoleAssignmentScope.Global, createdAssignment.Name);
Console.WriteLine(deletedAssignment.Name);
Console.WriteLine(deletedAssignment.Properties.PrincipalId);
Console.WriteLine(deletedAssignment.Properties.RoleDefinitionId);
#endregion
}
public void CreateClient()
{
// Environment variable with the Key Vault endpoint.
string keyVaultUrl = TestEnvironment.ManagedHsmUrl;
#region Snippet:HelloCreateKeyVaultAccessControlClient
KeyVaultAccessControlClient client = new KeyVaultAccessControlClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
#endregion
client = Client;
}
public void RoleAssignmentNotFound()
{
client = Client;
#region Snippet:RoleAssignmentNotFound
try
{
RoleAssignment roleAssignment = client.GetRoleAssignment(RoleAssignmentScope.Global, "invalid-name");
}
catch (RequestFailedException ex)
{
Console.WriteLine(ex.ToString());
}
#endregion
}
public void GetRoleDefinitions()
{
client = Client;
#region Snippet:GetRoleDefinitions
Pageable <RoleDefinition> allDefinitions = client.GetRoleDefinitions(RoleAssignmentScope.Global);
foreach (RoleDefinition roleDefinition in allDefinitions)
{
Console.WriteLine(roleDefinition.Id);
Console.WriteLine(roleDefinition.RoleName);
Console.WriteLine(roleDefinition.Description);
Console.WriteLine();
}
#endregion
}
public void CreateClient()
{
// Environment variable with the Key Vault endpoint.
string keyVaultUrl = TestEnvironment.ManagedHsmUrl;
#region Snippet:CreateKeyVaultAccessControlClient
// Create a new access control client using the default credential from Azure.Identity using environment variables previously set,
// including AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.
KeyVaultAccessControlClient client = new KeyVaultAccessControlClient(vaultUri: new Uri(keyVaultUrl), credential: new DefaultAzureCredential());
/*@@*/ client = Client;
// Retrieve all the role definitions.
List <KeyVaultRoleDefinition> roleDefinitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global).ToList();
// Retrieve all the role assignments.
List <KeyVaultRoleAssignment> roleAssignments = client.GetRoleAssignments(KeyVaultRoleScope.Global).ToList();
#endregion
}
public void CreateClient()
{
// Environment variable with the Key Vault endpoint.
string keyVaultUrl = TestEnvironment.KeyVaultUrl;
#region Snippet:CreateKeyVaultAccessControlClient
// Create a new access control client using the default credential from Azure.Identity using environment variables previously set,
// including AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.
KeyVaultAccessControlClient client = new KeyVaultAccessControlClient(vaultUri: new Uri(keyVaultUrl), credential: new DefaultAzureCredential());
/*@@*/ client = Client;
// Retrieve all the role definitions.
List <RoleDefinition> roleDefinitions = client.GetRoleDefinitions(RoleAssignmentScope.Global).ToList();
// Retrieve all the role assignments.
List <RoleAssignment> roleAssignments = client.GetRoleAssignments(RoleAssignmentScope.Global).ToList();
#endregion
this.client = client;
objectId = TestEnvironment.ClientObjectId;
roleDefinitionId = roleDefinitions.FirstOrDefault(d => d.RoleName.Equals("Azure Key Vault Managed HSM Crypto User")).Name;
}
