private Azure(RestClient restClient, string subscriptionId, string tenantId, IAuthenticated authenticated) { resourceManager = ResourceManager.Fluent.ResourceManager.Authenticate(restClient).WithSubscription(subscriptionId); storageManager = StorageManager.Authenticate(restClient, subscriptionId); computeManager = ComputeManager.Authenticate(restClient, subscriptionId); networkManager = NetworkManager.Authenticate(restClient, subscriptionId); batchManager = BatchManager.Authenticate(restClient, subscriptionId); keyVaultManager = KeyVaultManager.Authenticate(restClient, subscriptionId, tenantId); trafficManager = TrafficManager.Fluent.TrafficManager.Authenticate(restClient, subscriptionId); dnsZoneManager = DnsZoneManager.Authenticate(restClient, subscriptionId); sqlManager = SqlManager.Authenticate(restClient, subscriptionId); redisManager = RedisManager.Authenticate(restClient, subscriptionId); cdnManager = CdnManager.Authenticate(restClient, subscriptionId); appServiceManager = AppServiceManager.Authenticate(restClient, subscriptionId, tenantId); searchManager = SearchManager.Authenticate(restClient, subscriptionId); serviceBusManager = ServiceBusManager.Authenticate(restClient, subscriptionId); containerInstanceManager = ContainerInstanceManager.Authenticate(restClient, subscriptionId); registryManager = RegistryManager.Authenticate(restClient, subscriptionId); containerServiceManager = ContainerServiceManager.Authenticate(restClient, subscriptionId); cosmosDBManager = CosmosDBManager.Authenticate(restClient, subscriptionId); authorizationManager = AuthorizationManager.Authenticate(restClient, subscriptionId); msiManager = MsiManager.Authenticate(restClient, subscriptionId); batchAIManager = BatchAIManager.Authenticate(restClient, subscriptionId); monitorManager = MonitorManager.Authenticate(restClient, subscriptionId); eventHubManager = EventHubManager.Authenticate(restClient, subscriptionId); SubscriptionId = subscriptionId; this.authenticated = authenticated; }
public HomeController( IKeyVaultManager keyVaultManager, IConfiguration configuration ) { _keyVaultManager = keyVaultManager; _configuration = configuration; }
public AppServiceManager(RestClient restClient, string subscriptionId, string tenantId) : base(restClient, subscriptionId, WebSiteManagementClient.NewInstance(restClient)) { Inner.SubscriptionId = subscriptionId; keyVaultManager = KeyVault.Fluent.KeyVaultManager.Authenticate(restClient, subscriptionId, tenantId); storageManager = Storage.Fluent.StorageManager.Authenticate(restClient, subscriptionId); graphRbacManager = Graph.RBAC.Fluent.GraphRbacManager.Authenticate(restClient, tenantId); this.tenantId = tenantId; this.restClient = restClient; }
public AppServiceManager(RestClient restClient, string subscriptionId, string tenantId) : base(restClient, subscriptionId, new WebSiteManagementClient(new Uri(restClient.BaseUri), restClient.Credentials, restClient.RootHttpHandler, restClient.Handlers.ToArray()) { SubscriptionId = subscriptionId }) { keyVaultManager = KeyVault.Fluent.KeyVaultManager.Authenticate(restClient, subscriptionId, tenantId); storageManager = Storage.Fluent.StorageManager.Authenticate(restClient, subscriptionId); this.tenantId = tenantId; this.restClient = restClient; }
public SshCredsManager(EnvironmentConfiguration config, IKeyVaultManager keyVaultManager, ICredentialLookup credentialLookup, IShellRunner shellRunner, IVmManager vmManager, IPathHelper appFolderFinder, ILogger <SshCredsManager> logger, IOSHandler osHandler, IMachineIpManager machineIpManager) { this.config = config; this.keyVaultManager = keyVaultManager; this.credentialLookup = credentialLookup; this.shellRunner = shellRunner; this.vmManager = vmManager; this.appFolderFinder = appFolderFinder; this.logger = logger; this.osHandler = osHandler; this.machineIpManager = machineIpManager; sshHostLookup = new Lazy <Task <string> >(() => vmManager.GetPublicIp(config.PublicIpName)); sshStateLoad = new Lazy <Task <SshState> >(() => LoadSshState()); }
public void CanCRUDKeyVault() { using (var context = FluentMockContext.Start(GetType().FullName)) { // Create user service principal String sp = SdkContext.RandomResourceName("sp", 20); String us = SdkContext.RandomResourceName("us", 20); IGraphRbacManager graphManager = TestHelper.CreateGraphRbacManager(); string vaultName1 = TestUtilities.GenerateName("vault1"); string rgName = TestUtilities.GenerateName("rgNEMV"); IKeyVaultManager manager = TestHelper.CreateKeyVaultManager(); IServicePrincipal servicePrincipal = graphManager.ServicePrincipals .Define(sp) .WithNewApplication("http://" + sp) .Create(); IActiveDirectoryUser user = graphManager.Users .Define(us) .WithEmailAlias(us) .WithPassword("P@$$w0rd") .Create(); //var spnCredentialsClientId = HttpMockServer.Variables[ConnectionStringKeys.ServicePrincipalKey]; try { IVault vault = manager.Vaults .Define(vaultName1) .WithRegion(Region.USWest) .WithNewResourceGroup(rgName) .DefineAccessPolicy() .ForServicePrincipal("http://" + sp) .AllowKeyPermissions(KeyPermissions.List) .AllowSecretAllPermissions() .AllowCertificatePermissions(CertificatePermissions.Get) .Attach() .DefineAccessPolicy() .ForUser(us) .AllowKeyAllPermissions() .AllowSecretAllPermissions() .AllowCertificatePermissions(CertificatePermissions.Get, CertificatePermissions.List, CertificatePermissions.Create) .Attach() .Create(); Assert.NotNull(vault); Assert.Equal(vaultName1, vault.Name); foreach (IAccessPolicy policy in vault.AccessPolicies) { if (policy.ObjectId.Equals(servicePrincipal.Id)) { Assert.Equal(1, policy.Permissions.Keys.Count); Assert.Equal(KeyPermissions.List.Value, policy.Permissions.Keys[0]); Assert.Equal(8, policy.Permissions.Secrets.Count); Assert.Equal(1, policy.Permissions.Certificates.Count); Assert.Equal(CertificatePermissions.Get.Value, policy.Permissions.Certificates[0]); } if (policy.ObjectId.Equals(user.Id)) { Assert.Equal(16, policy.Permissions.Keys.Count); Assert.Equal(8, policy.Permissions.Secrets.Count); Assert.Equal(3, policy.Permissions.Certificates.Count); } } vault = vault.Update() .UpdateAccessPolicy(servicePrincipal.Id) .AllowKeyAllPermissions() .DisallowSecretAllPermissions() .AllowCertificateAllPermissions() .Parent() .Apply(); foreach (IAccessPolicy policy in vault.AccessPolicies) { if (policy.ObjectId.Equals(servicePrincipal.Id)) { Assert.Equal(16, policy.Permissions.Keys.Count); Assert.Equal(0, policy.Permissions.Secrets.Count); Assert.Equal(14, policy.Permissions.Certificates.Count); } } } finally { try { TestHelper.CreateResourceManager().ResourceGroups.DeleteByName(rgName); } catch { } } } }
public void CanCRUDKeyVault() { using (var context = FluentMockContext.Start(GetType().FullName)) { string vaultName1 = TestUtilities.GenerateName("vault1"); string vaultName2 = TestUtilities.GenerateName("vault2"); string rgName = TestUtilities.GenerateName("rgNEMV"); IKeyVaultManager manager = TestHelper.CreateKeyVaultManager(); var spnCredentialsClientId = HttpMockServer.Variables[ConnectionStringKeys.ServicePrincipalKey]; try { IVault vault1 = manager.Vaults .Define(vaultName1) .WithRegion(Region.USWest) .WithNewResourceGroup(rgName) .WithEmptyAccessPolicy() .Create(); Assert.NotNull(vault1); Assert.Equal(vaultName1, vault1.Name); Assert.Equal(0, vault1.AccessPolicies.Count); vault1 = vault1.Update() .DefineAccessPolicy() .ForServicePrincipal(spnCredentialsClientId) .AllowKeyAllPermissions() .AllowSecretPermissions(SecretPermissions.Get) .AllowSecretPermissions(SecretPermissions.List) .Attach() .Apply(); Assert.NotNull(vault1); Assert.Equal(1, vault1.AccessPolicies.Count); Assert.Equal(KeyPermissions.All.ToString(), vault1.AccessPolicies[0].Permissions.Keys[0]); Assert.Equal(2, vault1.AccessPolicies[0].Permissions.Secrets.Count); vault1 = vault1.Update() .WithDeploymentEnabled() .WithTemplateDeploymentEnabled() .UpdateAccessPolicy(vault1.AccessPolicies.First().ObjectId) .AllowSecretAllPermissions() .Parent() .Apply(); Assert.Equal(1, vault1.AccessPolicies.Count); Assert.Equal(3, vault1.AccessPolicies[0].Permissions.Secrets.Count); IVault vault2 = manager.Vaults .Define(vaultName2) .WithRegion(Region.USEast) .WithExistingResourceGroup(rgName) .DefineAccessPolicy() .ForServicePrincipal(spnCredentialsClientId) .AllowKeyPermissions(KeyPermissions.Get) .AllowKeyPermissions(KeyPermissions.List) .AllowKeyPermissions(KeyPermissions.Decrypt) .AllowSecretPermissions(SecretPermissions.Get) .Attach() .Create(); Assert.Equal(1, vault2.AccessPolicies.Count); Assert.Equal(3, vault2.AccessPolicies[0].Permissions.Keys.Count); var vaults = manager.Vaults.ListByResourceGroup(rgName); Assert.Equal(2, vaults.Count()); manager.Vaults.DeleteById(vault1.Id); manager.Vaults.DeleteById(vault2.Id); vaults = manager.Vaults.ListByResourceGroup(rgName); Assert.Empty(vaults); } finally { try { TestHelper.CreateResourceManager().ResourceGroups.DeleteByName(rgName); } catch { } } } }
public void CanCRUDSecret() { using (var context = FluentMockContext.Start(GetType().FullName)) { IGraphRbacManager graphManager = TestHelper.CreateGraphRbacManager(); string vaultName1 = TestUtilities.GenerateName("vault1"); string secretName = TestUtilities.GenerateName("secret1"); string rgName = TestUtilities.GenerateName("rgNEMV"); IKeyVaultManager manager = TestHelper.CreateKeyVaultManager(); var spnCredentialsClientId = HttpMockServer.Variables[ConnectionStringKeys.ServicePrincipalKey]; try { IVault vault = manager.Vaults .Define(vaultName1) .WithRegion(Region.USWest) .WithNewResourceGroup(rgName) .DefineAccessPolicy() .ForServicePrincipal(spnCredentialsClientId) .AllowKeyAllPermissions() .AllowSecretAllPermissions() .Attach() .Create(); Assert.NotNull(vault); SdkContext.DelayProvider.Delay(10000); var secret = vault.Secrets.Define(secretName) .WithValue("Some secret value") .Create(); Assert.NotNull(secret); Assert.NotNull(secret.Id); Assert.Equal("Some secret value", secret.Value); secret = secret.Update() .WithValue("Some updated value") .Apply(); Assert.Equal("Some updated value", secret.Value); var versions = secret.ListVersions(); int count = 2; foreach (var version in versions) { if ("Some secret value" == version.Value) { count--; } if ("Some updated value" == version.Value) { count--; } } Assert.Equal(0, count); } finally { try { TestHelper.CreateResourceManager().ResourceGroups.DeleteByName(rgName); } catch { } } } }
public KeyVaultAccessManager(IKeyVaultManager keyVaultManager) { this.keyVaultManager = keyVaultManager; }
public CredentialLookup(IKeyVaultManager keyVaultManager, IStringGenerator stringGenerator) { this.keyVaultManager = keyVaultManager; this.stringGenerator = stringGenerator; }