/// <summary>
/// Creates a <see cref="RoleAssignment"/>.
/// </summary>
/// <param name="roleScope"> The scope of the role assignment to create. </param>
/// <param name="properties"> Properties for the role assignment. </param>
/// <param name="name">The name used to create the role assignment.</param>
/// <param name="cancellationToken"> The cancellation token to use. </param>
/// <exception cref="RequestFailedException">The server returned an error. See <see cref="Exception.Message"/> for details returned from the server.</exception>
/// <exception cref="ArgumentNullException"><paramref name="roleScope"/> or <paramref name="properties"/> is null.</exception>
public virtual async Task <Response <RoleAssignment> > CreateRoleAssignmentAsync(RoleAssignmentScope roleScope, RoleAssignmentProperties properties, Guid name = default, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultAccessControlClient)}.{nameof(CreateRoleAssignment)}");
scope.Start();
try
{
var _name = name == default ? Guid.NewGuid().ToString() : name.ToString();
return(await _assignmentsRestClient.CreateAsync(VaultUri.AbsoluteUri, roleScope.ToString(), _name, properties, cancellationToken)
.ConfigureAwait(false));
}
catch (Exception ex)
{
scope.Failed(ex);
throw;
}
}
/// <summary>
/// Creates a <see cref="KeyVaultRoleAssignment"/>.
/// </summary>
/// <param name="roleScope">The scope of the role assignment to create.</param>
/// <param name="roleDefinitionId">The role definition ID used in the role assignment.</param>
/// <param name="principalId">The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group.</param>
/// <param name="roleAssignmentName">Optional name used to create the role assignment. A new <see cref="Guid"/> will be generated if not specified.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <exception cref="RequestFailedException">The server returned an error. See <see cref="Exception.Message"/> for details returned from the server.</exception>
/// <exception cref="ArgumentNullException"><paramref name="roleDefinitionId"/> or <paramref name="principalId"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="roleDefinitionId"/> or <paramref name="principalId"/> is empty.</exception>
/// <returns>A <see cref="Task{TResult}"/> containing the result of the asynchronous operation.</returns>
public virtual async Task <Response <KeyVaultRoleAssignment> > CreateRoleAssignmentAsync(KeyVaultRoleScope roleScope, string roleDefinitionId, string principalId, Guid?roleAssignmentName = default, CancellationToken cancellationToken = default)
{
Argument.AssertNotNullOrEmpty(roleDefinitionId, nameof(roleDefinitionId));
Argument.AssertNotNullOrEmpty(principalId, nameof(principalId));
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(KeyVaultAccessControlClient)}.{nameof(CreateRoleAssignment)}");
scope.Start();
try
{
var _name = (roleAssignmentName ?? Guid.NewGuid()).ToString();
var properties = new KeyVaultRoleAssignmentProperties(roleDefinitionId, principalId);
return(await _assignmentsRestClient.CreateAsync(VaultUri.AbsoluteUri, roleScope.ToString(), _name, new RoleAssignmentCreateParameters(properties), cancellationToken)
.ConfigureAwait(false));
}
catch (Exception ex)
{
scope.Failed(ex);
throw;
}
}
