Пример #1
        //Azure Key Vault sample for managing key vaults -
        //   - Create a key vault
        //   - Authorize an application
        //   - Update a key vault
        //     - alter configurations
        //     - change permissions
        //   - Create another key vault
        //   - List key vaults
        //   - Delete a key vault.
        public static async Task RunSample(TokenCredential credential)
            string subscriptionId = Environment.GetEnvironmentVariable("AZURE_SUBSCRIPTION_ID");
            Guid   tenantId       = new Guid(Environment.GetEnvironmentVariable("AZURE_TENANT_ID"));
            // Please pre-define the Client's Object in Environment Variable settings
            string objectId   = Environment.GetEnvironmentVariable("AZURE_OBJECT_ID");
            string vaultName1 = Utilities.RandomResourceName("vault1", 20);
            string vaultName2 = Utilities.RandomResourceName("vault2", 20);
            string rgName     = Utilities.RandomResourceName("rgNEMV", 24);
            string region     = "eastus";

            var keyVaultManagementClient = new KeyVaultManagementClient(subscriptionId, credential);
            var vaults = keyVaultManagementClient.Vaults;

                await ResourceGroupHelper.CreateOrUpdateResourceGroup(rgName, region);

                // Create a key vault with empty access policy

                Utilities.Log("Creating a key vault...");

                var vaultProperties = new VaultProperties(tenantId, new Sku(SkuName.Standard))
                    AccessPolicies = new[] { new AccessPolicyEntry(tenantId, objectId, new Permissions()) }
                var vaultParameters = new VaultCreateOrUpdateParameters(region, vaultProperties);

                var rawResult = await vaults.StartCreateOrUpdateAsync(rgName, vaultName1, vaultParameters);

                var vault1 = (await rawResult.WaitForCompletionAsync()).Value;

                Utilities.Log("Created key vault");

                // Authorize an application

                Utilities.Log("Authorizing the application associated with the current service principal...");

                var permissions = new Permissions
                    Keys    = new KeyPermissions[] { new KeyPermissions("all") },
                    Secrets = new SecretPermissions[] { new SecretPermissions("get"), new SecretPermissions("list") },
                var accessPolicyEntry      = new AccessPolicyEntry(tenantId, objectId, permissions);
                var accessPolicyProperties = new VaultAccessPolicyProperties(new[] { accessPolicyEntry });
                var accessPolicyParameters = new VaultAccessPolicyParameters(accessPolicyProperties);

                await vaults.UpdateAccessPolicyAsync(rgName, vaultName1, AccessPolicyUpdateKind.Add, accessPolicyParameters);

                vault1 = (await vaults.GetAsync(rgName, vaultName1)).Value;

                Utilities.Log("Updated key vault");

                // Update a key vault

                Utilities.Log("Update a key vault to enable deployments and add permissions to the application...");

                permissions = new Permissions
                    Secrets = new SecretPermissions[] { new SecretPermissions("all") }
                accessPolicyEntry = new AccessPolicyEntry(tenantId, objectId, permissions);
                var vaultPatchProperties = new VaultPatchProperties
                    EnabledForDeployment         = true,
                    EnabledForTemplateDeployment = true,
                    AccessPolicies = new[] { accessPolicyEntry }
                var vaultPatchParameters = new VaultPatchParameters
                    Properties = vaultPatchProperties
                await vaults.UpdateAsync(rgName, vaultName1, vaultPatchParameters);

                vault1 = (await vaults.GetAsync(rgName, vaultName1)).Value;

                Utilities.Log("Updated key vault");
                // Print the network security group

                // Create another key vault

                Utilities.Log("Create another key vault");

                permissions = new Permissions
                    Keys    = new KeyPermissions[] { new KeyPermissions("list"), new KeyPermissions("get"), new KeyPermissions("decrypt") },
                    Secrets = new SecretPermissions[] { new SecretPermissions("get") },
                accessPolicyEntry = new AccessPolicyEntry(tenantId, objectId, permissions);
                vaultProperties   = new VaultProperties(tenantId, new Sku(SkuName.Standard))
                    AccessPolicies = new[] { accessPolicyEntry }
                vaultParameters = new VaultCreateOrUpdateParameters(region, vaultProperties);

                rawResult = await vaults.StartCreateOrUpdateAsync(rgName, vaultName2, vaultParameters);

                var vault2 = (await rawResult.WaitForCompletionAsync()).Value;

                Utilities.Log("Created key vault");
                // Print the network security group

                // List key vaults

                Utilities.Log("Listing key vaults...");

                foreach (var vault in (await vaults.ListByResourceGroupAsync(rgName).ToEnumerableAsync()))

                // Delete key vaults
                Utilities.Log("Deleting the key vaults");
                await vaults.DeleteAsync(rgName, vaultName1);

                await vaults.DeleteAsync(rgName, vaultName2);

                Utilities.Log("Deleted the key vaults");
                    await ResourceGroupHelper.DeleteResourceGroup(rgName);
                catch (NullReferenceException)
                    Utilities.Log("Did not create any resources in Azure. No clean up is necessary");
                catch (Exception ex)
        public async Task <Response <VaultData> > UpdateAsync(string resourceGroupName, string vaultName, IDictionary <string, string> tags = null, VaultPatchProperties properties = null, CancellationToken cancellationToken = default)
            if (resourceGroupName == null)
                throw new ArgumentNullException(nameof(resourceGroupName));
            if (vaultName == null)
                throw new ArgumentNullException(nameof(vaultName));

            using var message = CreateUpdateRequest(resourceGroupName, vaultName, tags, properties);
            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);

            switch (message.Response.Status)
            case 200:
            case 201:
                VaultData value = default;
                using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);

                value = VaultData.DeserializeVaultData(document.RootElement);
                return(Response.FromValue(value, message.Response));
Пример #3
 public virtual Response <Vault> Update(IDictionary <string, string> tags = null, VaultPatchProperties properties = null, CancellationToken cancellationToken = default)
     using var scope = _clientDiagnostics.CreateScope("Vault.Update");
         var response = _restClient.Update(Id.ResourceGroupName, Id.Name, tags, properties, cancellationToken);
         return(Response.FromValue(new Vault(this, response.Value), response.GetRawResponse()));
     catch (Exception e)
        internal HttpMessage CreateUpdateRequest(string resourceGroupName, string vaultName, IDictionary <string, string> tags, VaultPatchProperties properties)
            var message = _pipeline.CreateMessage();
            var request = message.Request;

            request.Method = RequestMethod.Patch;
            var uri = new RawRequestUriBuilder();

            uri.AppendPath("/subscriptions/", false);
            uri.AppendPath(subscriptionId, true);
            uri.AppendPath("/resourceGroups/", false);
            uri.AppendPath(resourceGroupName, true);
            uri.AppendPath("/providers/Microsoft.KeyVault/vaults/", false);
            uri.AppendPath(vaultName, true);
            uri.AppendQuery("api-version", apiVersion, true);
            request.Uri = uri;
            request.Headers.Add("Accept", "application/json");
            request.Headers.Add("Content-Type", "application/json");
            VaultPatchParameters vaultPatchParameters = new VaultPatchParameters()
                Properties = properties

            if (tags != null)
                foreach (var value in tags)
            var model   = vaultPatchParameters;
            var content = new Utf8JsonRequestContent();

            request.Content = content;
            message.SetProperty("UserAgentOverride", _userAgent);