public async Task Get()
{
#region Snippet:Managing_KeyVaults_GetAVault
VaultCollection vaultCollection = resourceGroup.GetVaults();
VaultResource vault = await vaultCollection.GetAsync("myVault");
Console.WriteLine(vault.Data.Name);
#endregion
}
public async Task KeyVaultManagementVaultTestCompoundIdentityAccessControlPolicy()
{
IgnoreTestInLiveMode();
AccessPolicy.ApplicationId = Guid.Parse(TestEnvironment.ClientId);
VaultProperties.EnableSoftDelete = null;
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
ArmOperation <VaultResource> createVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource vaultResponse = createVault.Value;
ValidateVault(vaultResponse.Data,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
KeyVaultSkuName.Standard,
true,
true,
true,
true,
new[] { AccessPolicy },
Tags);
// Get
Response <VaultResource> retrievedVault = await VaultCollection.GetAsync(VaultName);
ValidateVault(retrievedVault.Value.Data,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
KeyVaultSkuName.Standard,
true,
true,
true,
true,
new[] { AccessPolicy },
Tags);
// Delete
await retrievedVault.Value.DeleteAsync(WaitUntil.Completed);
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
}
public async Task Delete()
{
#region Snippet:Managing_KeyVaults_DeleteAVault
VaultCollection vaultCollection = resourceGroup.GetVaults();
VaultResource vault = await vaultCollection.GetAsync("myVault");
await vault.DeleteAsync(WaitUntil.Completed);
#endregion
}
public async Task KeyVaultManagementRecoverDeletedVault()
{
IgnoreTestInLiveMode();
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
ArmOperation <VaultResource> createdVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource vaultValue = createdVault.Value;
// Delete
await vaultValue.DeleteAsync(WaitUntil.Completed);
// Get deleted vault
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
// Recover in default mode
ArmOperation <VaultResource> recoveredRawVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource recoveredVault = recoveredRawVault.Value;
Assert.True(recoveredVault.Data.IsEqual(vaultValue.Data));
// Get recovered vault
Response <VaultResource> getResult = await VaultCollection.GetAsync(VaultName);
// Delete
await getResult.Value.DeleteAsync(WaitUntil.Completed);
VaultProperties.CreateMode = VaultCreateMode.Recover;
parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
// Recover in recover mode
ArmOperation <VaultResource> recoveredRawVault2 = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource recoveredVault2 = recoveredRawVault.Value;
Assert.True(recoveredVault2.Data.IsEqual(vaultValue.Data));
// Get recovered vault
getResult = await VaultCollection.GetAsync(VaultName);
// Delete
await getResult.Value.DeleteAsync(WaitUntil.Completed);
}
public async Task NewCode()
{
#region Snippet:Changelog_NewCode
ArmClient armClient = new ArmClient(new DefaultAzureCredential());
SubscriptionResource subscription = await armClient.GetDefaultSubscriptionAsync();
ResourceGroupResource resourceGroup = await subscription.GetResourceGroups().GetAsync("myRgName");
VaultCollection vaultCollection = resourceGroup.GetVaults();
VaultCreateOrUpdateParameters parameters = new VaultCreateOrUpdateParameters(AzureLocation.WestUS2, new VaultProperties(Guid.NewGuid(), new KeyVaultSku(KeyVaultSkuFamily.A, KeyVaultSkuName.Standard)));
ArmOperation <VaultResource> lro = await vaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, "myVaultName", parameters);
VaultResource vault = lro.Value;
#endregion
}
public async Task KeyVaultManagementListVaults()
{
IgnoreTestInLiveMode();
int n = 3;
int top = 2;
VaultProperties.EnableSoftDelete = null;
List <string> resourceIds = new List <string>();
List <VaultResource> vaultList = new List <VaultResource>();
for (int i = 0; i < n; i++)
{
string vaultName = Recording.GenerateAssetName("sdktest-vault-");
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
ArmOperation <VaultResource> createdVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, vaultName, parameters).ConfigureAwait(false);
VaultResource vaultValue = createdVault.Value;
Assert.NotNull(vaultValue);
Assert.NotNull(vaultValue.Id);
resourceIds.Add(vaultValue.Id);
vaultList.Add(vaultValue);
}
AsyncPageable <VaultResource> vaults = VaultCollection.GetAllAsync(top);
await foreach (var v in vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
Assert.True(resourceIds.Count == 0);
AsyncPageable <VaultResource> allVaults = VaultCollection.GetAllAsync(top);
Assert.NotNull(vaults);
// Delete
foreach (var item in vaultList)
{
await item.DeleteAsync(WaitUntil.Completed);
}
}
public async Task CreateOrUpdate()
{
#region Snippet:Managing_KeyVaults_CreateAVault
VaultCollection vaultCollection = resourceGroup.GetVaults();
string vaultName = "myVault";
Guid tenantIdGuid = new Guid("Your tenantId");
string objectId = "Your Object Id";
IdentityAccessPermissions permissions = new IdentityAccessPermissions
{
Keys = { new KeyPermission("all") },
Secrets = { new SecretPermission("all") },
Certificates = { new CertificatePermission("all") },
Storage = { new StoragePermission("all") },
};
AccessPolicyEntry AccessPolicy = new AccessPolicyEntry(tenantIdGuid, objectId, permissions);
VaultProperties VaultProperties = new VaultProperties(tenantIdGuid, new KeyVaultSku(KeyVaultSkuFamily.A, KeyVaultSkuName.Standard));
VaultProperties.EnabledForDeployment = true;
VaultProperties.EnabledForDiskEncryption = true;
VaultProperties.EnabledForTemplateDeployment = true;
VaultProperties.EnableSoftDelete = true;
VaultProperties.VaultUri = new Uri("http://vaulturi.com");
VaultProperties.NetworkAcls = new NetworkRuleSet()
{
Bypass = "******",
DefaultAction = "Allow",
IPRules =
{
new IPRule("1.2.3.4/32"),
new IPRule("1.0.0.0/25")
}
};
VaultProperties.AccessPolicies.Add(AccessPolicy);
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(AzureLocation.WestUS, VaultProperties);
var rawVault = await vaultCollection.CreateOrUpdateAsync(WaitUntil.Started, vaultName, parameters).ConfigureAwait(false);
VaultResource vault = await rawVault.WaitForCompletionAsync();
#endregion
}
public async Task KeyVaultManagementListDeletedVaults()
{
IgnoreTestInLiveMode();
int n = 3;
List <string> resourceIds = new List <string>();
List <VaultResource> vaultList = new List <VaultResource>();
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
for (int i = 0; i < n; i++)
{
string vaultName = Recording.GenerateAssetName("sdktest-vault-");
ArmOperation <VaultResource> createdRawVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, vaultName, parameters).ConfigureAwait(false);
VaultResource createdVault = createdRawVault.Value;
Assert.NotNull(createdVault.Data);
Assert.NotNull(createdVault.Data.Id);
resourceIds.Add(createdVault.Data.Id);
vaultList.Add(createdVault);
await createdVault.DeleteAsync(WaitUntil.Completed).ConfigureAwait(false);
Response <DeletedVaultResource> deletedVault = await DeletedVaultCollection.GetAsync(Location, vaultName).ConfigureAwait(false);
Assert.IsTrue(deletedVault.Value.Data.Name.Equals(createdVault.Data.Name));
}
List <DeletedVaultResource> deletedVaults = Subscription.GetDeletedVaultsAsync().ToEnumerableAsync().Result;
Assert.NotNull(deletedVaults);
foreach (var v in deletedVaults)
{
bool exists = resourceIds.Remove(v.Data.Properties.VaultId);
if (resourceIds.Count == 0)
{
break;
}
}
Assert.True(resourceIds.Count == 0);
}
public async Task PrivateEndpointConnectionCreateAndUpdate()
{
/*
* CAUTION: all private endpoint methods do not work properly now, so just temporally use Network's private endpoint methods for testing.
* Will confirm service team that this is expected.
*/
// Create a vault first
VaultResource vaultResource = (await CreateVault()).Value;
// Create a vnet
VirtualNetworkResource vnetResource = (await createVirtualNetwork()).Value;
// Create the private endpoint
PrivateEndpointData privateEndpointData = new PrivateEndpointData
{
Location = Location,
Subnet = vnetResource.Data.Subnets[0],
ManualPrivateLinkServiceConnections =
{
new PrivateLinkServiceConnection
{
Name = Recording.GenerateAssetName("pec"),
// TODO: externalize or create the service on-demand, like virtual network
//PrivateLinkServiceId = $"/subscriptions/{SubscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}",
PrivateLinkServiceId = vaultResource.Data.Id.ToString(),
RequestMessage = "SDK test",
GroupIds = { "vault" }
}
},
};
string privateEndpointName = Recording.GenerateAssetName("pe-");
PrivateEndpointCollection privateEndpointCollection = ResourceGroupResource.GetPrivateEndpoints();
PrivateEndpointResource privateEndpoint = (await privateEndpointCollection.CreateOrUpdateAsync(WaitUntil.Completed, privateEndpointName, privateEndpointData)).Value;
// get
privateEndpoint = (await privateEndpointCollection.GetAsync(privateEndpointName)).Value;
Assert.AreEqual(privateEndpoint.Data.Name, privateEndpointName);
Assert.AreEqual(privateEndpoint.Data.Location, Location.ToString());
Assert.IsEmpty(privateEndpoint.Data.Tags);
// update
privateEndpointData.Tags.Add("test", "test");
privateEndpoint = (await privateEndpointCollection.CreateOrUpdateAsync(WaitUntil.Completed, privateEndpoint.Data.Name, privateEndpointData)).Value;
Assert.AreEqual(privateEndpoint.Data.Name, privateEndpointName);
Assert.AreEqual(privateEndpoint.Data.Location, Location.ToString());
Assert.That(privateEndpoint.Data.Tags, Has.Count.EqualTo(1));
Assert.That(privateEndpoint.Data.Tags, Does.ContainKey("test").WithValue("test"));
// list
List <PrivateEndpointResource> privateEndpoints = (await privateEndpointCollection.GetAllAsync().ToEnumerableAsync());
Assert.That(privateEndpoints, Has.Count.EqualTo(1));
Assert.AreEqual(privateEndpointName, privateEndpoint.Data.Name);
// delete
await privateEndpoint.DeleteAsync(WaitUntil.Completed);
// list all
privateEndpoints = (await Subscription.GetPrivateEndpointsAsync().ToEnumerableAsync());
Assert.That(privateEndpoints, Has.None.Matches <PrivateEndpointResource>(p => p.Data.Name == privateEndpointName));
}
public async Task WebAppKeyVaultConnectionCRUD()
{
string resourceGroupName = Recording.GenerateAssetName("SdkRg");
string webAppName = Recording.GenerateAssetName("SdkWeb");
string vaultName = Recording.GenerateAssetName("SdkVault");
string linkerName = Recording.GenerateAssetName("SdkLinker");
// create resource group
await ResourceGroups.CreateOrUpdateAsync(WaitUntil.Completed, resourceGroupName, new Resources.ResourceGroupData(DefaultLocation));
ResourceGroupResource resourceGroup = await ResourceGroups.GetAsync(resourceGroupName);
// create web app
WebSiteCollection webSites = resourceGroup.GetWebSites();
await webSites.CreateOrUpdateAsync(WaitUntil.Completed, webAppName, new WebSiteData(DefaultLocation));
WebSiteResource webapp = await webSites.GetAsync(webAppName);
// create key vault
VaultCollection vaults = resourceGroup.GetVaults();
var vaultProperties = new VaultProperties(new Guid(TestEnvironment.TenantId), new KeyVaultSku(KeyVaultSkuFamily.A, KeyVaultSkuName.Standard));
vaultProperties.AccessPolicies.Clear();
await vaults.CreateOrUpdateAsync(WaitUntil.Completed, vaultName, new VaultCreateOrUpdateContent(DefaultLocation, vaultProperties));
VaultResource vault = await vaults.GetAsync(vaultName);
// create service linker
LinkerResourceCollection linkers = webapp.GetLinkerResources();
var linkerData = new LinkerResourceData
{
TargetService = new Models.AzureResource
{
Id = vault.Id,
},
AuthInfo = new SystemAssignedIdentityAuthInfo(),
ClientType = ClientType.Dotnet,
};
await linkers.CreateOrUpdateAsync(WaitUntil.Completed, linkerName, linkerData);
// list service linker
var linkerResources = await linkers.GetAllAsync().ToEnumerableAsync();
Assert.AreEqual(1, linkerResources.Count);
Assert.AreEqual(linkerName, linkerResources[0].Data.Name);
// get service linker
LinkerResource linker = await linkers.GetAsync(linkerName);
Assert.IsTrue(linker.Id.ToString().StartsWith(webapp.Id.ToString(), StringComparison.InvariantCultureIgnoreCase));
Assert.AreEqual(vault.Id.ToString(), (linker.Data.TargetService as AzureResource).Id);
Assert.AreEqual(AuthType.SystemAssignedIdentity, linker.Data.AuthInfo.AuthType);
// get service linker configurations
SourceConfigurationResult configurations = await linker.GetConfigurationsAsync();
foreach (var configuration in configurations.Configurations)
{
Assert.IsNotNull(configuration.Name);
Assert.IsNotNull(configuration.Value);
}
// delete service linker
var operation = await linker.DeleteAsync(WaitUntil.Completed);
Assert.IsTrue(operation.HasCompleted);
}
