/// <summary>
/// Creates a new key vault and writes the resulting vault object to the pipeline.
/// </summary>
/// <remarks>
/// The vault is created with an initial access entry for the object id returned by
/// <c>GetCurrentUsersObjectId()</c>, using <c>DefaultPermissionsToKeys</c> and
/// <c>DefaultPermissionsToSecrets</c>. The contents of those defaults are defined
/// outside this method. There is no <c>ShouldProcess</c> call on this path, so the
/// creation runs without a confirmation prompt.
/// </remarks>
/// <exception cref="ArgumentException">
/// Thrown when <c>VaultExistsInCurrentSubscription</c> reports the name as taken.
/// </exception>
public override void ExecuteCmdlet()
        {
            // NOTE(review): judging by its name, the check is scoped to the current
            // subscription only; confirm how a name clash elsewhere is reported.
            var nameTaken = VaultExistsInCurrentSubscription(VaultName);
            if (nameTaken)
            {
                throw new ArgumentException(PSKeyVaultProperties.Resources.VaultAlreadyExists);
            }

            var createdVault = KeyVaultManagementClient.CreateNewVault(
                new PSKeyVaultModels.VaultCreationParameters
                {
                    VaultName = VaultName,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    EnabledForDeployment = EnabledForDeployment.IsPresent,
                    SkuFamilyName = DefaultSkuFamily,
                    // Use the default SKU when none (or only whitespace) was supplied.
                    SkuName = !string.IsNullOrWhiteSpace(Sku) ? Sku : DefaultSkuName,
                    TenantId = GetTenantId(),
                    // The calling identity becomes the vault's initial principal.
                    ObjectId = GetCurrentUsersObjectId(),
                    PermissionsToKeys = DefaultPermissionsToKeys,
                    PermissionsToSecrets = DefaultPermissionsToSecrets,
                    Tags = Tag
                },
                ActiveDirectoryClient);

            WriteObject(createdVault);
        }
        /// <summary>
        /// Creates a new key vault, granting the caller the default key and secret
        /// permissions when the caller's directory object id can be resolved.
        /// </summary>
        /// <remarks>
        /// Any exception from <c>GetCurrentUsersObjectId()</c> is downgraded to a warning.
        /// The vault is then created with a null access policy, and
        /// <c>VaultNoAccessPolicyWarning</c> is written after the vault object.
        /// The catch is not limited to Graph failures: every exception type takes this
        /// path, and its message is echoed to the warning stream.
        /// </remarks>
        /// <exception cref="ArgumentException">
        /// Thrown when <c>VaultExistsInCurrentSubscription</c> reports the name as taken.
        /// </exception>
        public override void ExecuteCmdlet()
        {
            WriteWarning("The usage of Tag parameter in this cmdlet will be modified in a future release. This will impact creating, updating and appending tags for Azure resources. For more details about the change, please visit https://github.com/Azure/azure-powershell/issues/726#issuecomment-213545494");

            var nameTaken = VaultExistsInCurrentSubscription(VaultName);
            if (nameTaken)
            {
                throw new ArgumentException(PSKeyVaultProperties.Resources.VaultAlreadyExists);
            }

            Guid callerObjectId = Guid.Empty;
            try
            {
                callerObjectId = GetCurrentUsersObjectId();
            }
            catch (Exception lookupError)
            {
                // Deliberate best effort: a failed directory lookup is reported as a
                // warning and creation continues without an access policy. This keeps
                // Key Vault usable in Fairfax, where Graph has issues.
                WriteWarning(lookupError.Message);
            }

            // No resolved identity means no initial access policy at all.
            AccessPolicyEntry accessPolicy = callerObjectId == Guid.Empty
                ? null
                : new AccessPolicyEntry
                {
                    TenantId = GetTenantId(),
                    ObjectId = callerObjectId,
                    PermissionsToKeys = DefaultPermissionsToKeys,
                    PermissionsToSecrets = DefaultPermissionsToSecrets
                };

            var createdVault = KeyVaultManagementClient.CreateNewVault(
                new PSKeyVaultModels.VaultCreationParameters
                {
                    VaultName = VaultName,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    EnabledForDeployment = EnabledForDeployment.IsPresent,
                    EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent,
                    EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent,
                    SkuFamilyName = DefaultSkuFamily,
                    // Use the default SKU when none (or only whitespace) was supplied.
                    SkuName = !string.IsNullOrWhiteSpace(Sku) ? Sku : DefaultSkuName,
                    TenantId = GetTenantId(),
                    AccessPolicy = accessPolicy,
                    Tags = Tag
                },
                ActiveDirectoryClient);

            WriteObject(createdVault);

            // Tell the operator that the new vault has no access policy yet.
            if (accessPolicy == null)
            {
                WriteWarning(PSKeyVaultProperties.Resources.VaultNoAccessPolicyWarning);
            }
        }
        /// <summary>
        /// Creates a new key vault, granting the caller the default key and secret
        /// permissions when the caller's directory object id can be resolved.
        /// </summary>
        /// <remarks>
        /// Any exception from <c>GetCurrentUsersObjectId()</c> is reported as a warning
        /// and the vault is still created, with <c>AccessPolicy</c> left null. Because
        /// the catch covers every exception type, any failure in the lookup produces a
        /// vault with no access policy. <c>VaultNoAccessPolicyWarning</c> is the only
        /// follow-up signal, written after the vault object.
        /// </remarks>
        /// <exception cref="ArgumentException">
        /// Thrown when <c>VaultExistsInCurrentSubscription</c> reports the name as taken.
        /// </exception>
        public override void ExecuteCmdlet()
        {
            var nameTaken = VaultExistsInCurrentSubscription(VaultName);
            if (nameTaken)
            {
                throw new ArgumentException(PSKeyVaultProperties.Resources.VaultAlreadyExists);
            }

            Guid callerObjectId = Guid.Empty;
            try
            {
                callerObjectId = GetCurrentUsersObjectId();
            }
            catch (Exception lookupError)
            {
                // Deliberate best effort: the lookup error is shown as a warning and
                // creation continues with no access policy, to unblock Key Vault in
                // Fairfax, where Graph has issues.
                WriteWarning(lookupError.Message);
            }

            // Guid.Empty means the lookup did not produce an identity.
            AccessPolicyEntry accessPolicy = callerObjectId == Guid.Empty
                ? null
                : new AccessPolicyEntry
                {
                    TenantId = GetTenantId(),
                    ObjectId = callerObjectId,
                    PermissionsToKeys = DefaultPermissionsToKeys,
                    PermissionsToSecrets = DefaultPermissionsToSecrets
                };

            var createdVault = KeyVaultManagementClient.CreateNewVault(
                new PSKeyVaultModels.VaultCreationParameters
                {
                    VaultName = VaultName,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    EnabledForDeployment = EnabledForDeployment.IsPresent,
                    EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent,
                    EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent,
                    SkuFamilyName = DefaultSkuFamily,
                    // Use the default SKU when none (or only whitespace) was supplied.
                    SkuName = !string.IsNullOrWhiteSpace(Sku) ? Sku : DefaultSkuName,
                    TenantId = GetTenantId(),
                    AccessPolicy = accessPolicy,
                    Tags = Tag
                },
                ActiveDirectoryClient);

            WriteObject(createdVault);

            if (accessPolicy == null)
            {
                WriteWarning(PSKeyVaultProperties.Resources.VaultNoAccessPolicyWarning);
            }
        }
        /// <summary>
        /// Recovers a vault by issuing a create request with
        /// <c>CreateMode.Recover</c>, then writes the returned vault to the pipeline.
        /// </summary>
        /// <remarks>
        /// The whole operation is gated on <c>ShouldProcess</c>. Only name, resource
        /// group, location and tags are sent; no access policy or SKU is set here.
        /// </remarks>
        public override void ExecuteCmdlet()
        {
            // Honour -WhatIf / -Confirm before touching the service.
            if (!ShouldProcess(VaultName, Properties.Resources.RecoverVault))
            {
                return;
            }

            var recoveredVault = KeyVaultManagementClient.CreateNewVault(
                new PSKeyVaultModels.VaultCreationParameters
                {
                    VaultName = VaultName,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    Tags = Tag,
                    CreateMode = CreateMode.Recover
                });

            WriteObject(recoveredVault);
        }
        /// <summary>
        /// Recovers a vault with <c>CreateMode.Recover</c>, optionally taking the vault
        /// name and location from a piped <c>InputObject</c>.
        /// </summary>
        /// <remarks>
        /// When <c>InputObject</c> is supplied, only <c>VaultName</c> and
        /// <c>Location</c> are copied from it. <c>ResourceGroupName</c> is sent as
        /// already set on the cmdlet.
        /// NOTE(review): nothing here checks that the resource group matches the input
        /// object; confirm against the parameter sets.
        /// </remarks>
        public override void ExecuteCmdlet()
        {
            if (InputObject != null)
            {
                WriteWarning("Undo-AzureRmKeyVaultRemoval: ResourceGroupName will be removed from the InputObject parameter set in May 2018, and will instead be obtained from the ResourceId.");
                VaultName = InputObject.VaultName;
                Location = InputObject.Location;
            }

            // Honour -WhatIf / -Confirm before touching the service.
            if (!ShouldProcess(VaultName, Properties.Resources.RecoverVault))
            {
                return;
            }

            var recoveredVault = KeyVaultManagementClient.CreateNewVault(
                new VaultCreationParameters
                {
                    VaultName = VaultName,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    Tags = Tag,
                    CreateMode = CreateMode.Recover
                });

            WriteObject(recoveredVault);
        }
        /// <summary>
        /// Recovers a vault with <c>CreateMode.Recover</c>, optionally deriving name,
        /// location and resource group from a piped <c>InputObject</c>.
        /// </summary>
        /// <remarks>
        /// With an <c>InputObject</c>, the resource group is parsed out of
        /// <c>InputObject.ResourceId</c>, so the three values identifying the vault
        /// all come from the same object.
        /// </remarks>
        public override void ExecuteCmdlet()
        {
            if (InputObject != null)
            {
                VaultName = InputObject.VaultName;
                Location = InputObject.Location;
                // The resource group is derived from the resource id.
                ResourceGroupName = new ResourceIdentifier(InputObject.ResourceId).ResourceGroupName;
            }

            // Honour -WhatIf / -Confirm before touching the service.
            if (!ShouldProcess(VaultName, Properties.Resources.RecoverVault))
            {
                return;
            }

            var recoveredVault = KeyVaultManagementClient.CreateNewVault(
                new VaultCreationParameters
                {
                    VaultName = VaultName,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    Tags = Tag,
                    CreateMode = CreateMode.Recover
                });

            WriteObject(recoveredVault);
        }
        /// <summary>
        /// Creates a new key vault after <c>ShouldProcess</c> confirmation, granting
        /// the caller the default key, secret, certificate and storage permissions
        /// when the caller's directory object id can be resolved.
        /// </summary>
        /// <remarks>
        /// Soft delete and purge protection are taken directly from their switch
        /// parameters, so each is sent as false unless its switch is present.
        /// Any exception from <c>GetCurrentUsersObjectId()</c> is reported as a warning
        /// and the vault is created with a null access policy;
        /// <c>VaultNoAccessPolicyWarning</c> is written afterwards.
        /// </remarks>
        /// <exception cref="ArgumentException">
        /// Thrown when <c>VaultExistsInCurrentSubscription</c> reports the name as taken.
        /// </exception>
        public override void ExecuteCmdlet()
        {
            // Nothing below runs, not even the existence check, without confirmation.
            if (!ShouldProcess(Name, Properties.Resources.CreateKeyVault))
            {
                return;
            }

            var nameTaken = VaultExistsInCurrentSubscription(Name);
            if (nameTaken)
            {
                throw new ArgumentException(Resources.VaultAlreadyExists);
            }

            string callerObjectId = string.Empty;
            try
            {
                callerObjectId = GetCurrentUsersObjectId();
            }
            catch (Exception lookupError)
            {
                // Deliberate best effort: the lookup error is shown as a warning and
                // creation continues with no access policy, to unblock Key Vault in
                // Fairfax, where Graph has issues. Every exception type takes this path.
                WriteWarning(lookupError.Message);
            }

            // A null, empty or whitespace id means no initial access policy.
            AccessPolicyEntry accessPolicy = string.IsNullOrWhiteSpace(callerObjectId)
                ? null
                : new AccessPolicyEntry
                {
                    TenantId = GetTenantId(),
                    ObjectId = callerObjectId,
                    Permissions = new Permissions
                    {
                        Keys = DefaultPermissionsToKeys,
                        Secrets = DefaultPermissionsToSecrets,
                        Certificates = DefaultPermissionsToCertificates,
                        Storage = DefaultPermissionsToStorage
                    }
                };

            var createdVault = KeyVaultManagementClient.CreateNewVault(
                new VaultCreationParameters
                {
                    VaultName = Name,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    EnabledForDeployment = EnabledForDeployment.IsPresent,
                    EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent,
                    EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent,
                    EnableSoftDelete = EnableSoftDelete.IsPresent,
                    EnablePurgeProtection = EnablePurgeProtection.IsPresent,
                    SkuFamilyName = DefaultSkuFamily,
                    SkuName = Sku,
                    TenantId = GetTenantId(),
                    AccessPolicy = accessPolicy,
                    // A new vault starts with the default network rule set.
                    // NOTE(review): what that default permits is not visible here; confirm.
                    NetworkAcls = new NetworkRuleSet(),
                    Tags = Tag
                },
                ActiveDirectoryClient);

            WriteObject(createdVault);

            if (accessPolicy == null)
            {
                WriteWarning(Resources.VaultNoAccessPolicyWarning);
            }
        }
        /// <summary>
        /// Creates a new key vault after <c>ShouldProcess</c> confirmation, with
        /// optional purge protection, RBAC authorization and a soft-delete retention
        /// period.
        /// </summary>
        /// <remarks>
        /// <c>EnableSoftDelete</c> is always sent as null. Purge protection is sent as
        /// true or null, never false. The caller's access policy (default key, secret,
        /// certificate and storage permissions) is built whenever the object id
        /// resolves, whether or not <c>EnableRbacAuthorization</c> is present.
        /// Any exception from <c>GetCurrentUsersObjectId()</c> is reported as a warning
        /// and the vault is created with a null access policy;
        /// <c>VaultNoAccessPolicyWarning</c> is written afterwards.
        /// </remarks>
        /// <exception cref="ArgumentException">
        /// Thrown when <c>VaultExistsInCurrentSubscription</c> reports the name as taken.
        /// </exception>
        public override void ExecuteCmdlet()
        {
            // This message is written before the confirmation gate, so it is emitted
            // even when the operation is declined.
            MSGraphMessageHelper.WriteMessageForCmdletsSwallowException(this);

            if (!ShouldProcess(Name, Properties.Resources.CreateKeyVault))
            {
                return;
            }

            var nameTaken = VaultExistsInCurrentSubscription(Name);
            if (nameTaken)
            {
                throw new ArgumentException(Resources.VaultAlreadyExists);
            }

            string callerObjectId = string.Empty;
            try
            {
                callerObjectId = GetCurrentUsersObjectId();
            }
            catch (Exception lookupError)
            {
                // Deliberate best effort: the lookup error is shown as a warning and
                // creation continues with no access policy, to unblock Key Vault in
                // Fairfax, where Graph has issues. Every exception type takes this path.
                WriteWarning(lookupError.Message);
            }

            // A null, empty or whitespace id means no initial access policy.
            AccessPolicyEntry accessPolicy = string.IsNullOrWhiteSpace(callerObjectId)
                ? null
                : new AccessPolicyEntry
                {
                    TenantId = GetTenantId(),
                    ObjectId = callerObjectId,
                    Permissions = new Permissions
                    {
                        Keys = DefaultPermissionsToKeys,
                        Secrets = DefaultPermissionsToSecrets,
                        Certificates = DefaultPermissionsToCertificates,
                        Storage = DefaultPermissionsToStorage
                    }
                };

            var createdVault = KeyVaultManagementClient.CreateNewVault(
                new VaultCreationOrUpdateParameters
                {
                    Name = Name,
                    ResourceGroupName = ResourceGroupName,
                    Location = Location,
                    EnabledForDeployment = EnabledForDeployment.IsPresent,
                    EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent,
                    EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent,
                    EnableSoftDelete = null,
                    // Send true or leave unset; false is not accepted.
                    EnablePurgeProtection = EnablePurgeProtection.IsPresent ? (bool?)true : null,
                    EnableRbacAuthorization = EnableRbacAuthorization.IsPresent,

                    // Use the caller's retention period only when the parameter was
                    // explicitly bound; otherwise use the default.
                    SoftDeleteRetentionInDays = this.IsParameterBound(cmdlet => cmdlet.SoftDeleteRetentionInDays)
                        ? SoftDeleteRetentionInDays
                        : Constants.DefaultSoftDeleteRetentionDays,
                    SkuFamilyName = DefaultSkuFamily,
                    SkuName = Sku,
                    TenantId = GetTenantId(),
                    AccessPolicy = accessPolicy,
                    // A new vault starts with the default network rule set.
                    // NOTE(review): what that default permits is not visible here; confirm.
                    NetworkAcls = new NetworkRuleSet(),
                    Tags = Tag
                },
                GraphClient,
                NetworkRuleSet);

            WriteObject(createdVault);

            if (accessPolicy == null)
            {
                WriteWarning(Resources.VaultNoAccessPolicyWarning);
            }
        }