public override void ExecuteCmdlet() { if (VaultExistsInCurrentSubscription(this.VaultName)) { throw new ArgumentException(PSKeyVaultProperties.Resources.VaultAlreadyExists); } var newVault = KeyVaultManagementClient.CreateNewVault(new PSKeyVaultModels.VaultCreationParameters() { VaultName = this.VaultName, ResourceGroupName = this.ResourceGroupName, Location = this.Location, EnabledForDeployment = this.EnabledForDeployment.IsPresent, SkuFamilyName = DefaultSkuFamily, SkuName = string.IsNullOrWhiteSpace(this.Sku) ? DefaultSkuName : this.Sku, TenantId = GetTenantId(), ObjectId = GetCurrentUsersObjectId(), PermissionsToKeys = DefaultPermissionsToKeys, PermissionsToSecrets = DefaultPermissionsToSecrets, Tags = this.Tag }, ActiveDirectoryClient ); this.WriteObject(newVault); }
public override void ExecuteCmdlet() { WriteWarning("The usage of Tag parameter in this cmdlet will be modified in a future release. This will impact creating, updating and appending tags for Azure resources. For more details about the change, please visit https://github.com/Azure/azure-powershell/issues/726#issuecomment-213545494"); if (VaultExistsInCurrentSubscription(this.VaultName)) { throw new ArgumentException(PSKeyVaultProperties.Resources.VaultAlreadyExists); } var userObjectId = Guid.Empty; AccessPolicyEntry accessPolicy = null; try { userObjectId = GetCurrentUsersObjectId(); } catch (Exception ex) { // Show the graph exceptions as a warning, but still proceed to create a vault with no access policy // This is to unblock Key Vault in Fairfax as Graph has issues in this environment. WriteWarning(ex.Message); } if (userObjectId != Guid.Empty) { accessPolicy = new AccessPolicyEntry() { TenantId = GetTenantId(), ObjectId = userObjectId, PermissionsToKeys = DefaultPermissionsToKeys, PermissionsToSecrets = DefaultPermissionsToSecrets }; } var newVault = KeyVaultManagementClient.CreateNewVault(new PSKeyVaultModels.VaultCreationParameters() { VaultName = this.VaultName, ResourceGroupName = this.ResourceGroupName, Location = this.Location, EnabledForDeployment = this.EnabledForDeployment.IsPresent, EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent, EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent, SkuFamilyName = DefaultSkuFamily, SkuName = string.IsNullOrWhiteSpace(this.Sku) ? DefaultSkuName : this.Sku, TenantId = GetTenantId(), AccessPolicy = accessPolicy, Tags = this.Tag }, ActiveDirectoryClient ); this.WriteObject(newVault); if (accessPolicy == null) { WriteWarning(PSKeyVaultProperties.Resources.VaultNoAccessPolicyWarning); } }
public override void ExecuteCmdlet() { if (VaultExistsInCurrentSubscription(this.VaultName)) { throw new ArgumentException(PSKeyVaultProperties.Resources.VaultAlreadyExists); } var userObjectId = Guid.Empty; AccessPolicyEntry accessPolicy = null; try { userObjectId = GetCurrentUsersObjectId(); } catch (Exception ex) { // Show the graph exceptions as a warning, but still proceed to create a vault with no access policy // This is to unblock Key Vault in Fairfax as Graph has issues in this environment. WriteWarning(ex.Message); } if (userObjectId != Guid.Empty) { accessPolicy = new AccessPolicyEntry() { TenantId = GetTenantId(), ObjectId = userObjectId, PermissionsToKeys = DefaultPermissionsToKeys, PermissionsToSecrets = DefaultPermissionsToSecrets }; } var newVault = KeyVaultManagementClient.CreateNewVault(new PSKeyVaultModels.VaultCreationParameters() { VaultName = this.VaultName, ResourceGroupName = this.ResourceGroupName, Location = this.Location, EnabledForDeployment = this.EnabledForDeployment.IsPresent, EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent, EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent, SkuFamilyName = DefaultSkuFamily, SkuName = string.IsNullOrWhiteSpace(this.Sku) ? DefaultSkuName : this.Sku, TenantId = GetTenantId(), AccessPolicy = accessPolicy, Tags = this.Tag }, ActiveDirectoryClient ); this.WriteObject(newVault); if (accessPolicy == null) { WriteWarning(PSKeyVaultProperties.Resources.VaultNoAccessPolicyWarning); } }
public override void ExecuteCmdlet() { if (ShouldProcess(VaultName, Properties.Resources.RecoverVault)) { var newVault = KeyVaultManagementClient.CreateNewVault(new PSKeyVaultModels.VaultCreationParameters() { VaultName = this.VaultName, ResourceGroupName = this.ResourceGroupName, Location = this.Location, Tags = this.Tag, CreateMode = CreateMode.Recover }); this.WriteObject(newVault); } }
public override void ExecuteCmdlet() { if (InputObject != null) { WriteWarning("Undo-AzureRmKeyVaultRemoval: ResourceGroupName will be removed from the InputObject parameter set in May 2018, and will instead be obtained from the ResourceId."); VaultName = InputObject.VaultName; Location = InputObject.Location; } if (ShouldProcess(VaultName, Properties.Resources.RecoverVault)) { var newVault = KeyVaultManagementClient.CreateNewVault(new VaultCreationParameters() { VaultName = this.VaultName, ResourceGroupName = this.ResourceGroupName, Location = this.Location, Tags = this.Tag, CreateMode = CreateMode.Recover }); this.WriteObject(newVault); } }
public override void ExecuteCmdlet() { if (InputObject != null) { VaultName = InputObject.VaultName; Location = InputObject.Location; var resourceIdentifier = new ResourceIdentifier(InputObject.ResourceId); ResourceGroupName = resourceIdentifier.ResourceGroupName; } if (ShouldProcess(VaultName, Properties.Resources.RecoverVault)) { var newVault = KeyVaultManagementClient.CreateNewVault(new VaultCreationParameters() { VaultName = this.VaultName, ResourceGroupName = this.ResourceGroupName, Location = this.Location, Tags = this.Tag, CreateMode = CreateMode.Recover }); this.WriteObject(newVault); } }
public override void ExecuteCmdlet() { if (ShouldProcess(Name, Properties.Resources.CreateKeyVault)) { if (VaultExistsInCurrentSubscription(Name)) { throw new ArgumentException(Resources.VaultAlreadyExists); } var userObjectId = string.Empty; AccessPolicyEntry accessPolicy = null; try { userObjectId = GetCurrentUsersObjectId(); } catch (Exception ex) { // Show the graph exceptions as a warning, but still proceed to create a vault with no access policy // This is to unblock Key Vault in Fairfax as Graph has issues in this environment. WriteWarning(ex.Message); } if (!string.IsNullOrWhiteSpace(userObjectId)) { accessPolicy = new AccessPolicyEntry() { TenantId = GetTenantId(), ObjectId = userObjectId, Permissions = new Permissions { Keys = DefaultPermissionsToKeys, Secrets = DefaultPermissionsToSecrets, Certificates = DefaultPermissionsToCertificates, Storage = DefaultPermissionsToStorage } }; } var newVault = KeyVaultManagementClient.CreateNewVault(new VaultCreationParameters() { VaultName = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, EnabledForDeployment = this.EnabledForDeployment.IsPresent, EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent, EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent, EnableSoftDelete = EnableSoftDelete.IsPresent, EnablePurgeProtection = EnablePurgeProtection.IsPresent, SkuFamilyName = DefaultSkuFamily, SkuName = this.Sku, TenantId = GetTenantId(), AccessPolicy = accessPolicy, NetworkAcls = new NetworkRuleSet(), // New key-vault takes in default network rule set Tags = this.Tag }, ActiveDirectoryClient); this.WriteObject(newVault); if (accessPolicy == null) { WriteWarning(Resources.VaultNoAccessPolicyWarning); } } }
public override void ExecuteCmdlet() { MSGraphMessageHelper.WriteMessageForCmdletsSwallowException(this); if (ShouldProcess(Name, Properties.Resources.CreateKeyVault)) { if (VaultExistsInCurrentSubscription(Name)) { throw new ArgumentException(Resources.VaultAlreadyExists); } var userObjectId = string.Empty; AccessPolicyEntry accessPolicy = null; try { userObjectId = GetCurrentUsersObjectId(); } catch (Exception ex) { // Show the graph exceptions as a warning, but still proceed to create a vault with no access policy // This is to unblock Key Vault in Fairfax as Graph has issues in this environment. WriteWarning(ex.Message); } if (!string.IsNullOrWhiteSpace(userObjectId)) { accessPolicy = new AccessPolicyEntry() { TenantId = GetTenantId(), ObjectId = userObjectId, Permissions = new Permissions { Keys = DefaultPermissionsToKeys, Secrets = DefaultPermissionsToSecrets, Certificates = DefaultPermissionsToCertificates, Storage = DefaultPermissionsToStorage } }; } var newVault = KeyVaultManagementClient.CreateNewVault(new VaultCreationOrUpdateParameters() { Name = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, EnabledForDeployment = this.EnabledForDeployment.IsPresent, EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent, EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent, EnableSoftDelete = null, EnablePurgeProtection = EnablePurgeProtection.IsPresent ? true : (bool?)null, // false is not accepted EnableRbacAuthorization = EnableRbacAuthorization.IsPresent, /* * If retention days is not specified, use the default value, * else use the vault user provides */ SoftDeleteRetentionInDays = this.IsParameterBound(c => c.SoftDeleteRetentionInDays) ? SoftDeleteRetentionInDays : Constants.DefaultSoftDeleteRetentionDays, SkuFamilyName = DefaultSkuFamily, SkuName = this.Sku, TenantId = GetTenantId(), AccessPolicy = accessPolicy, NetworkAcls = new NetworkRuleSet(), // New key-vault takes in default network rule set Tags = this.Tag }, GraphClient, NetworkRuleSet); this.WriteObject(newVault); if (accessPolicy == null) { WriteWarning(Resources.VaultNoAccessPolicyWarning); } } }