public async Task KeyVaultManagementVaultTestCompoundIdentityAccessControlPolicy()
{
AccessPolicy.ApplicationId = Guid.Parse(TestEnvironment.ClientId);
VaultProperties.EnableSoftDelete = null;
var parameters = new VaultCreateOrUpdateParameters(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
var createVault = await VaultCollection.CreateOrUpdateAsync(true,
vaultName : VaultName,
parameters : parameters
).ConfigureAwait(false);
var vaultResponse = createVault.Value;
ValidateVault(vaultResponse.Data,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
SkuName.Standard,
true,
true,
true,
true,
new[] { AccessPolicy },
Tags);
// Get
var retrievedVault = await VaultCollection.GetAsync(VaultName);
ValidateVault(retrievedVault.Value.Data,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
SkuName.Standard,
true,
true,
true,
true,
new[] { AccessPolicy },
Tags);
// Delete
await retrievedVault.Value.DeleteAsync(true);
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
}
public async Task Get()
{
#region Snippet:Managing_KeyVaults_GetAVault
VaultCollection vaultCollection = resourceGroup.GetVaults();
VaultResource vault = await vaultCollection.GetAsync("myVault");
Console.WriteLine(vault.Data.Name);
#endregion
}
public async Task Delete()
{
#region Snippet:Managing_KeyVaults_DeleteAVault
VaultCollection vaultCollection = resourceGroup.GetVaults();
VaultResource vault = await vaultCollection.GetAsync("myVault");
await vault.DeleteAsync(WaitUntil.Completed);
#endregion
}
public async Task KeyVaultManagementRecoverDeletedVault()
{
IgnoreTestInLiveMode();
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
ArmOperation <VaultResource> createdVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource vaultValue = createdVault.Value;
// Delete
await vaultValue.DeleteAsync(WaitUntil.Completed);
// Get deleted vault
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
// Recover in default mode
ArmOperation <VaultResource> recoveredRawVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource recoveredVault = recoveredRawVault.Value;
Assert.True(recoveredVault.Data.IsEqual(vaultValue.Data));
// Get recovered vault
Response <VaultResource> getResult = await VaultCollection.GetAsync(VaultName);
// Delete
await getResult.Value.DeleteAsync(WaitUntil.Completed);
VaultProperties.CreateMode = VaultCreateMode.Recover;
parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
// Recover in recover mode
ArmOperation <VaultResource> recoveredRawVault2 = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultResource recoveredVault2 = recoveredRawVault.Value;
Assert.True(recoveredVault2.Data.IsEqual(vaultValue.Data));
// Get recovered vault
getResult = await VaultCollection.GetAsync(VaultName);
// Delete
await getResult.Value.DeleteAsync(WaitUntil.Completed);
}
public async Task KeyVaultManagementRecoverDeletedVault()
{
var parameters = new VaultCreateOrUpdateParameters(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
var createdVault = await VaultCollection.CreateOrUpdateAsync(true, VaultName, parameters).ConfigureAwait(false);
var vaultValue = createdVault.Value;
// Delete
await vaultValue.DeleteAsync(true);
// Get deleted vault
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
parameters = new VaultCreateOrUpdateParameters(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
// Recover in default mode
var recoveredRawVault = await VaultCollection.CreateOrUpdateAsync(true, VaultName, parameters).ConfigureAwait(false);
var recoveredVault = recoveredRawVault.Value;
Assert.True(recoveredVault.Data.IsEqual(vaultValue.Data));
// Get recovered vault
var getResult = await VaultCollection.GetAsync(VaultName);
// Delete
await getResult.Value.DeleteAsync(true);
VaultProperties.CreateMode = CreateMode.Recover;
parameters = new VaultCreateOrUpdateParameters(Location, VaultProperties);
// Recover in recover mode
var recoveredRawVault2 = await VaultCollection.CreateOrUpdateAsync(true, VaultName, parameters).ConfigureAwait(false);
var recoveredVault2 = recoveredRawVault.Value;
Assert.True(recoveredVault2.Data.IsEqual(vaultValue.Data));
// Get recovered vault
getResult = await VaultCollection.GetAsync(VaultName);
// Delete
await getResult.Value.DeleteAsync(true);
}
public async Task KeyVaultManagementVaultCreateUpdateDelete()
{
VaultProperties.EnableSoftDelete = null;
var parameters = new VaultCreateOrUpdateParameters(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
var rawVault = await VaultCollection.CreateOrUpdateAsync(true, VaultName, parameters).ConfigureAwait(false);
var createdVault = rawVault.Value.Data;
ValidateVault(createdVault,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
SkuName.Standard,
true,
true,
true,
true, // enableSoftDelete defaults to true
new[] { AccessPolicy },
VaultProperties.NetworkAcls,
Tags);
//Update
AccessPolicy.Permissions.Secrets.Clear();
AccessPolicy.Permissions.Secrets.Add(SecretPermissions.Get);
AccessPolicy.Permissions.Secrets.Add(SecretPermissions.Set);
(AccessPolicy.Permissions.Keys as ChangeTrackingList <KeyPermissions>).Reset();
AccessPolicy.Permissions.Storage.Clear();
AccessPolicy.Permissions.Storage.Add(StoragePermissions.Get);
AccessPolicy.Permissions.Storage.Add(StoragePermissions.Regeneratekey);
createdVault.Properties.AccessPolicies.Clear();
createdVault.Properties.AccessPolicies.Add(AccessPolicy);
createdVault.Properties.Sku.Name = SkuName.Premium;
parameters = new VaultCreateOrUpdateParameters(Location, createdVault.Properties);
parameters.Tags.InitializeFrom(Tags);
var rawUpdateVault = await VaultCollection.CreateOrUpdateAsync(true, VaultName, parameters).ConfigureAwait(false);
var updateVault = rawUpdateVault.Value.Data;
ValidateVault(updateVault,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
SkuName.Premium,
true,
true,
true,
true,
new[] { AccessPolicy },
VaultProperties.NetworkAcls,
Tags);
var rawRetrievedVault = await VaultCollection.GetAsync(VaultName);
var retrievedVault = rawRetrievedVault.Value.Data;
ValidateVault(retrievedVault,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
SkuName.Premium,
true,
true,
true,
true,
new[] { AccessPolicy },
VaultProperties.NetworkAcls,
Tags);
// Delete
var deleteVault = await rawRetrievedVault.Value.DeleteAsync(true);
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
}
public async Task KeyVaultManagementVaultCreateUpdateDelete()
{
IgnoreTestInLiveMode();
VaultProperties.EnableSoftDelete = null;
VaultCreateOrUpdateContent parameters = new VaultCreateOrUpdateContent(Location, VaultProperties);
parameters.Tags.InitializeFrom(Tags);
ArmOperation <VaultResource> rawVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultData createdVault = rawVault.Value.Data;
ValidateVault(createdVault,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
KeyVaultSkuName.Standard,
true,
true,
true,
true, // enableSoftDelete defaults to true
new[] { AccessPolicy },
VaultProperties.NetworkRuleSet,
Tags);
//Update
AccessPolicy.Permissions.Secrets.Clear();
AccessPolicy.Permissions.Secrets.Add(SecretPermission.Get);
AccessPolicy.Permissions.Secrets.Add(SecretPermission.Set);
(AccessPolicy.Permissions.Keys as ChangeTrackingList <KeyPermission>).Reset();
AccessPolicy.Permissions.Storage.Clear();
AccessPolicy.Permissions.Storage.Add(StoragePermission.Get);
AccessPolicy.Permissions.Storage.Add(StoragePermission.RegenerateKey);
createdVault.Properties.AccessPolicies.Clear();
createdVault.Properties.AccessPolicies.Add(AccessPolicy);
createdVault.Properties.Sku.Name = KeyVaultSkuName.Premium;
parameters = new VaultCreateOrUpdateContent(Location, createdVault.Properties);
parameters.Tags.InitializeFrom(Tags);
ArmOperation <VaultResource> rawUpdateVault = await VaultCollection.CreateOrUpdateAsync(WaitUntil.Completed, VaultName, parameters).ConfigureAwait(false);
VaultData updateVault = rawUpdateVault.Value.Data;
ValidateVault(updateVault,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
KeyVaultSkuName.Premium,
true,
true,
true,
true,
new[] { AccessPolicy },
VaultProperties.NetworkRuleSet,
Tags);
Response <VaultResource> rawRetrievedVault = await VaultCollection.GetAsync(VaultName);
VaultData retrievedVault = rawRetrievedVault.Value.Data;
ValidateVault(retrievedVault,
VaultName,
ResGroupName,
TestEnvironment.SubscriptionId,
TenantIdGuid,
Location,
"A",
KeyVaultSkuName.Premium,
true,
true,
true,
true,
new[] { AccessPolicy },
VaultProperties.NetworkRuleSet,
Tags);
// Delete
ArmOperation deleteVault = await rawRetrievedVault.Value.DeleteAsync(WaitUntil.Completed);
Assert.ThrowsAsync <RequestFailedException>(async() =>
{
await VaultCollection.GetAsync(VaultName);
});
}
public async Task WebAppKeyVaultConnectionCRUD()
{
string resourceGroupName = Recording.GenerateAssetName("SdkRg");
string webAppName = Recording.GenerateAssetName("SdkWeb");
string vaultName = Recording.GenerateAssetName("SdkVault");
string linkerName = Recording.GenerateAssetName("SdkLinker");
// create resource group
await ResourceGroups.CreateOrUpdateAsync(WaitUntil.Completed, resourceGroupName, new Resources.ResourceGroupData(DefaultLocation));
ResourceGroupResource resourceGroup = await ResourceGroups.GetAsync(resourceGroupName);
// create web app
WebSiteCollection webSites = resourceGroup.GetWebSites();
await webSites.CreateOrUpdateAsync(WaitUntil.Completed, webAppName, new WebSiteData(DefaultLocation));
WebSiteResource webapp = await webSites.GetAsync(webAppName);
// create key vault
VaultCollection vaults = resourceGroup.GetVaults();
var vaultProperties = new VaultProperties(new Guid(TestEnvironment.TenantId), new KeyVaultSku(KeyVaultSkuFamily.A, KeyVaultSkuName.Standard));
vaultProperties.AccessPolicies.Clear();
await vaults.CreateOrUpdateAsync(WaitUntil.Completed, vaultName, new VaultCreateOrUpdateContent(DefaultLocation, vaultProperties));
VaultResource vault = await vaults.GetAsync(vaultName);
// create service linker
LinkerResourceCollection linkers = webapp.GetLinkerResources();
var linkerData = new LinkerResourceData
{
TargetService = new Models.AzureResource
{
Id = vault.Id,
},
AuthInfo = new SystemAssignedIdentityAuthInfo(),
ClientType = ClientType.Dotnet,
};
await linkers.CreateOrUpdateAsync(WaitUntil.Completed, linkerName, linkerData);
// list service linker
var linkerResources = await linkers.GetAllAsync().ToEnumerableAsync();
Assert.AreEqual(1, linkerResources.Count);
Assert.AreEqual(linkerName, linkerResources[0].Data.Name);
// get service linker
LinkerResource linker = await linkers.GetAsync(linkerName);
Assert.IsTrue(linker.Id.ToString().StartsWith(webapp.Id.ToString(), StringComparison.InvariantCultureIgnoreCase));
Assert.AreEqual(vault.Id.ToString(), (linker.Data.TargetService as AzureResource).Id);
Assert.AreEqual(AuthType.SystemAssignedIdentity, linker.Data.AuthInfo.AuthType);
// get service linker configurations
SourceConfigurationResult configurations = await linker.GetConfigurationsAsync();
foreach (var configuration in configurations.Configurations)
{
Assert.IsNotNull(configuration.Name);
Assert.IsNotNull(configuration.Value);
}
// delete service linker
var operation = await linker.DeleteAsync(WaitUntil.Completed);
Assert.IsTrue(operation.HasCompleted);
}