public void CreateRoleAssignment()
{
// Replace client with the Instrumented Client.
client = Client;
List <KeyVaultRoleDefinition> definitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global).ToList();
_roleDefinitionId = definitions.FirstOrDefault(d => d.RoleName == RoleName).Id;
// Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleAssignments.
string definitionIdToAssign = _roleDefinitionId;
// Replace objectId with the service principal object id.
string servicePrincipalObjectId = _objectId;
#region Snippet:CreateRoleAssignment
//@@string definitionIdToAssign = "<roleDefinitionId>";
//@@string servicePrincipalObjectId = "<objectId>";
KeyVaultRoleAssignmentProperties properties = new KeyVaultRoleAssignmentProperties(definitionIdToAssign, servicePrincipalObjectId);
//@@RoleAssignment createdAssignment = client.CreateRoleAssignment(RoleAssignmentScope.Global, properties);
/*@@*/ KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, properties, _roleAssignmentId);
#endregion
#region Snippet:GetRoleAssignment
KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
#endregion
#region Snippet:DeleteRoleAssignment
KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
#endregion
}
internal KeyVaultRoleAssignment(string id, string name, string type, KeyVaultRoleAssignmentProperties properties)
{
Id = id;
Name = name;
Type = type;
Properties = properties;
}
public async Task CreateRoleAssignment()
{
List <KeyVaultRoleDefinition> definitions = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);
var definitionToAssign = definitions.FirstOrDefault(d => d.RoleName.Contains(RoleName));
var properties = new KeyVaultRoleAssignmentProperties(definitionToAssign.Id, TestEnvironment.ClientObjectId);
KeyVaultRoleAssignment result = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, properties, _roleAssignmentId).ConfigureAwait(false);
RegisterForCleanup(result);
Assert.That(result.Id, Is.Not.Null);
Assert.That(result.Name, Is.Not.Null);
Assert.That(result.Type, Is.Not.Null);
Assert.That(result.Properties.PrincipalId, Is.EqualTo(properties.PrincipalId));
Assert.That(result.Properties.RoleDefinitionId, Is.EqualTo(properties.RoleDefinitionId));
}
public async Task CreateRoleAssignmentAsync()
{
// Replace client with the Instrumented Client.
client = Client;
List <KeyVaultRoleDefinition> definitions = await client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);
_roleDefinitionId = definitions.FirstOrDefault(d => d.RoleName == RoleName).Id;
// Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync.
string definitionIdToAssign = _roleDefinitionId;
// Replace objectId with the service principal object id.
string servicePrincipalObjectId = _objectId;
#region Snippet:CreateRoleAssignmentKeysScope
//@@string definitionIdToAssign = "<roleDefinitionId>";
//@@string servicePrincipalObjectId = "<objectId>";
KeyVaultRoleAssignmentProperties properties = new KeyVaultRoleAssignmentProperties(definitionIdToAssign, servicePrincipalObjectId);
//@@RoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(RoleAssignmentScope.Global, properties);
/*@@*/ KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, properties, _roleAssignmentId).ConfigureAwait(false);
#endregion
RegisterForCleanup(keysScopedAssignment);
// Make sure we have a key to secure.
KeyClient keyClient = KeyClient;
KeyVaultKey createdKey = await keyClient.CreateKeyAsync(Recording.GenerateId(), KeyType.Oct);
string keyName = createdKey.Name;
RegisterKeyForCleanup(keyName);
#region Snippet:CreateRoleAssignmentKeyScope
//@@string keyName = "<your-key-name>";
KeyVaultKey key = await keyClient.GetKeyAsync(keyName);
//@@RoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new RoleAssignmentScope(key.Id), properties);
/*@@*/ KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), properties, _roleAssignmentId).ConfigureAwait(false);
#endregion
RegisterForCleanup(keyScopedAssignment);
}
public void CreateRoleAssignment()
{
client = Client;
Pageable <KeyVaultRoleDefinition> allDefinitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global);
_roleDefinitionId = allDefinitions.FirstOrDefault(d => d.RoleName == RoleName).Id;
// Replace roleDefinitionId with a role definition Id from the definitions returned from the List the role definitions section above
string definitionIdToAssign = _roleDefinitionId;
// Replace objectId with the service principal object id from the Create/Get credentials section above
string servicePrincipalObjectId = _objectId;
#region Snippet:ReadmeCreateRoleAssignment
// Replace <roleDefinitionId> with a role definition Id from the definitions returned from the List the role definitions section above
//@@string definitionIdToAssign = "<roleDefinitionId>";
// Replace <objectId> with the service principal object id from the Create/Get credentials section above
//@@string servicePrincipalObjectId = "<objectId>";
KeyVaultRoleAssignmentProperties properties = new KeyVaultRoleAssignmentProperties(definitionIdToAssign, servicePrincipalObjectId);
//@@RoleAssignment createdAssignment = client.CreateRoleAssignment(RoleAssignmentScope.Global, properties);
/*@@*/
KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, properties, _roleAssignmentId);
Console.WriteLine(createdAssignment.Name);
Console.WriteLine(createdAssignment.Properties.PrincipalId);
Console.WriteLine(createdAssignment.Properties.RoleDefinitionId);
KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
Console.WriteLine(fetchedAssignment.Name);
Console.WriteLine(fetchedAssignment.Properties.PrincipalId);
Console.WriteLine(fetchedAssignment.Properties.RoleDefinitionId);
KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
Console.WriteLine(deletedAssignment.Name);
Console.WriteLine(deletedAssignment.Properties.PrincipalId);
Console.WriteLine(deletedAssignment.Properties.RoleDefinitionId);
#endregion
}
