public void CreateKeyVaultDisableSoftDelete()
{
using (MockContext context = MockContext.Start(this.GetType()))
{
var testBase = new KeyVaultTestBase(context);
testBase.accPol.ApplicationId = Guid.Parse(testBase.applicationId);
testBase.vaultProperties.EnableSoftDelete = false; // <-- disable soft delete
var vault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
Assert.False(vault.Properties.EnableSoftDelete);
// Delete
testBase.client.Vaults.Delete(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
}
}
public void KeyVaultManagementListDeletedVaults()
{
int n = 3;
using (MockContext context = MockContext.Start(this.GetType()))
{
var testBase = new KeyVaultTestBase(context);
List <string> resourceIds = new List <string>();
List <string> vaultNameList = new List <string>();
for (int i = 0; i < n; i++)
{
string vaultName = TestUtilities.GenerateName("sdktestvault");
var createdVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
Assert.NotNull(createdVault);
Assert.NotNull(createdVault.Id);
resourceIds.Add(createdVault.Id);
vaultNameList.Add(createdVault.Name);
testBase.client.Vaults.Delete(resourceGroupName: testBase.rgName, vaultName: vaultName);
var deletedVault = testBase.client.Vaults.GetDeleted(vaultName, testBase.location);
deletedVault.IsEqual(createdVault);
}
var deletedVaults = testBase.client.Vaults.ListDeleted();
Assert.NotNull(deletedVaults);
foreach (var v in deletedVaults)
{
var exists = resourceIds.Remove(v.Properties.VaultId);
if (exists)
{
// Purge vault
testBase.client.Vaults.PurgeDeleted(v.Name, testBase.location);
Assert.Throws <CloudException>(() => testBase.client.Vaults.GetDeleted(v.Name, testBase.location));
}
}
while (deletedVaults.NextPageLink != null)
{
deletedVaults = testBase.client.Vaults.ListDeletedNext(deletedVaults.NextPageLink);
Assert.NotNull(deletedVaults);
foreach (var v in deletedVaults)
{
var exists = resourceIds.Remove(v.Id);
if (exists)
{
// Purge vault
testBase.client.Vaults.PurgeDeleted(v.Name, testBase.location);
Assert.Throws <CloudException>(() => testBase.client.Vaults.GetDeleted(v.Name, testBase.location));
}
}
if (resourceIds.Count == 0)
{
break;
}
}
Assert.True(resourceIds.Count == 0);
}
}
public void KeyVaultManagementRecoverDeletedVault()
{
using (MockContext context = MockContext.Start(this.GetType()))
{
var testBase = new KeyVaultTestBase(context);
var createdVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
// Delete
testBase.client.Vaults.Delete(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
// Get deleted vault
Assert.Throws <CloudException>(() =>
{
testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
});
// Recover in default mode
var recoveredVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
Assert.True(recoveredVault.IsEqual(createdVault));
// Get recovered vault
testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
// Delete
testBase.client.Vaults.Delete(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
// Recover in recover mode
var recoveredVault2 = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = new VaultProperties
{
CreateMode = CreateMode.Recover
}
}
);
Assert.True(recoveredVault2.IsEqual(createdVault));
// Get recovered vault
testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
// Delete
testBase.client.Vaults.Delete(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
}
}
public void KeyVaultManagementListVaults()
{
int n = 3;
int top = 2;
using (MockContext context = MockContext.Start(this.GetType()))
{
var testBase = new KeyVaultTestBase(context);
testBase.vaultProperties.EnableSoftDelete = null;
List <string> resourceIds = new List <string>();
List <string> vaultNameList = new List <string>();
for (int i = 0; i < n; i++)
{
string vaultName = TestUtilities.GenerateName("sdktestvault");
var createdVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
Assert.NotNull(createdVault);
Assert.NotNull(createdVault.Id);
resourceIds.Add(createdVault.Id);
vaultNameList.Add(createdVault.Name);
}
var vaults = testBase.client.Vaults.ListByResourceGroup(testBase.rgName, top);
Assert.NotNull(vaults);
foreach (var v in vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
while (vaults.NextPageLink != null)
{
vaults = testBase.client.Vaults.ListByResourceGroupNext(vaults.NextPageLink);
Assert.NotNull(vaults);
foreach (var v in vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
}
Assert.True(resourceIds.Count == 0);
var allVaults = testBase.client.Vaults.List(top);
Assert.NotNull(vaults);
// Delete
foreach (var v in vaultNameList)
{
testBase.client.Vaults.Delete(resourceGroupName: testBase.rgName, vaultName: v);
}
}
}
public void KeyVaultManagementVaultCreateUpdateDelete()
{
using (MockContext context = MockContext.Start(this.GetType()))
{
var testBase = new KeyVaultTestBase(context);
testBase.vaultProperties.EnableSoftDelete = null;
var createdVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
ValidateVault(createdVault,
testBase.vaultName,
testBase.rgName,
testBase.subscriptionId,
testBase.tenantIdGuid,
testBase.location,
"A",
SkuName.Standard,
true,
true,
true,
true, // enableSoftDelete defaults to true
new[] { testBase.accPol },
testBase.vaultProperties.NetworkAcls,
testBase.tags);
//Update
createdVault.Properties.Sku.Name = SkuName.Premium;
testBase.accPol.Permissions.Secrets = new string[] { "get", "set" };
testBase.accPol.Permissions.Keys = null;
testBase.accPol.Permissions.Storage = new string[] { "get", "regenerateKey" };
createdVault.Properties.AccessPolicies = new[] { testBase.accPol };
var updateVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = createdVault.Properties
}
);
ValidateVault(updateVault,
testBase.vaultName,
testBase.rgName,
testBase.subscriptionId,
testBase.tenantIdGuid,
testBase.location,
"A",
SkuName.Premium,
true,
true,
true,
true,
new[] { testBase.accPol },
testBase.vaultProperties.NetworkAcls,
testBase.tags);
var retrievedVault = testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
ValidateVault(retrievedVault,
testBase.vaultName,
testBase.rgName,
testBase.subscriptionId,
testBase.tenantIdGuid,
testBase.location,
"A",
SkuName.Premium,
true,
true,
true,
true,
new[] { testBase.accPol },
testBase.vaultProperties.NetworkAcls,
testBase.tags);
// Delete
testBase.client.Vaults.Delete(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
Assert.Throws <CloudException>(() =>
{
testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
});
}
}
public void KeyVaultManagementVaultTestCompoundIdentityAccessControlPolicy()
{
using (MockContext context = MockContext.Start(this.GetType()))
{
var testBase = new KeyVaultTestBase(context);
testBase.accPol.ApplicationId = Guid.Parse(testBase.applicationId);
testBase.vaultProperties.EnableSoftDelete = null;
var createVault = testBase.client.Vaults.CreateOrUpdate(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = testBase.tags,
Properties = testBase.vaultProperties
}
);
ValidateVault(createVault,
testBase.vaultName,
testBase.rgName,
testBase.subscriptionId,
testBase.tenantIdGuid,
testBase.location,
"A",
SkuName.Standard,
true,
true,
true,
true,
new[] { testBase.accPol },
testBase.tags);
// Get
var retrievedVault = testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
ValidateVault(retrievedVault,
testBase.vaultName,
testBase.rgName,
testBase.subscriptionId,
testBase.tenantIdGuid,
testBase.location,
"A",
SkuName.Standard,
true,
true,
true,
true,
new[] { testBase.accPol },
testBase.tags);
// Delete
testBase.client.Vaults.Delete(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
Assert.Throws <CloudException>(() =>
{
testBase.client.Vaults.Get(
resourceGroupName: testBase.rgName,
vaultName: testBase.vaultName);
});
}
}
public void KeyVaultManagementListVaults()
{
int n = 3;
int top = 2;
using (var undoContext = UndoContext.Current)
{
undoContext.Start();
var testBase = new KeyVaultTestBase();
var client = testBase.client;
string rgName = TestUtilities.GenerateName("sdktestrg");
var tenantIdGuid = Guid.Parse(testBase.tenantId);
var objectIdGuid = Guid.Parse(testBase.objectId);
var tags = new Dictionary <string, string> {
{ "tag1", "value1" }, { "tag2", "value2" }, { "tag3", "value3" }
};
testBase.resourcesClient.ResourceGroups.CreateOrUpdate(rgName, new ResourceGroup {
Location = testBase.location
});
List <string> resourceIds = new List <string>();
for (int i = 0; i < n; i++)
{
string vaultName = TestUtilities.GenerateName("sdktestvault");
var createResponse = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = new VaultProperties
{
EnabledForDeployment = true,
Sku = new Sku {
Family = "A", Name = "Standard"
},
TenantId = tenantIdGuid,
VaultUri = "",
AccessPolicies = new[]
{
new AccessPolicyEntry
{
TenantId = tenantIdGuid,
ObjectId = objectIdGuid,
PermissionsToKeys = new string[] { "all" },
PermissionsToSecrets = new string[] { "all" }
}
}
}
}
);
Assert.NotNull(createResponse);
Assert.True(createResponse.StatusCode == HttpStatusCode.OK);
Assert.NotNull(createResponse.Vault);
Assert.NotNull(createResponse.Vault.Id);
resourceIds.Add(createResponse.Vault.Id);
}
var listResponse = client.Vaults.List(rgName, top);
Assert.Equal(HttpStatusCode.OK, listResponse.StatusCode);
Assert.NotNull(listResponse);
Assert.NotNull(listResponse.Vaults);
foreach (var v in listResponse.Vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
while (listResponse.NextLink != null)
{
listResponse = client.Vaults.ListNext(listResponse.NextLink);
Assert.Equal(HttpStatusCode.OK, listResponse.StatusCode);
Assert.NotNull(listResponse);
foreach (var v in listResponse.Vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
}
Assert.True(resourceIds.Count == 0);
}
}
public void KeyVaultManagementVaultCreateUpdateDelete()
{
using (var undoContext = UndoContext.Current)
{
undoContext.Start();
var testBase = new KeyVaultTestBase();
var client = testBase.client;
string rgName = TestUtilities.GenerateName("sdktestrg");
testBase.resourcesClient.ResourceGroups.CreateOrUpdate(rgName, new ResourceGroup {
Location = testBase.location
});
string vaultName = TestUtilities.GenerateName("sdktestvault");
var tenantIdGuid = Guid.Parse(testBase.tenantId);
var objectIdGuid = Guid.Parse(testBase.objectId);
var tags = new Dictionary <string, string> {
{ "tag1", "value1" }, { "tag2", "value2" }, { "tag3", "value3" }
};
var accPol = new AccessPolicyEntry
{
TenantId = tenantIdGuid,
ObjectId = objectIdGuid,
PermissionsToKeys = new string[] { "all" },
PermissionsToSecrets = null
};
var createResponse = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = new VaultProperties
{
EnabledForDeployment = true,
Sku = new Sku {
Family = "A", Name = "Standard"
},
TenantId = tenantIdGuid,
VaultUri = "",
AccessPolicies = new[]
{
accPol
}
}
}
);
ValidateVaultGetResponse(createResponse,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
"Standard",
true,
new[] { accPol },
tags);
//Update
createResponse.Vault.Properties.Sku.Name = "Premium";
accPol.PermissionsToSecrets = new string[] { "get", "set" };
accPol.PermissionsToKeys = null;
createResponse.Vault.Properties.AccessPolicies = new[] { accPol };
var updateResponse = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = createResponse.Vault.Properties
}
);
ValidateVaultGetResponse(updateResponse,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
"Premium",
true,
new[] { accPol },
tags);
var getResponse = client.Vaults.Get(
resourceGroupName: rgName,
vaultName: vaultName);
ValidateVaultGetResponse(getResponse,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
"Premium",
true,
new[] { accPol },
tags);
// Delete
var deleteResponse = client.Vaults.Delete(
resourceGroupName: rgName,
vaultName: vaultName);
Assert.Throws <CloudException>(() =>
{
client.Vaults.Get(
resourceGroupName: rgName,
vaultName: vaultName);
});
}
}
public void KeyVaultManagementListVaults()
{
int n = 3;
int top = 2;
using (MockContext context = MockContext.Start(this.GetType().FullName))
{
var testBase = new KeyVaultTestBase(context);
var client = testBase.client;
string rgName = TestUtilities.GenerateName("sdktestrg");
var tenantIdGuid = Guid.Parse(testBase.tenantId);
var objectIdGuid = Guid.Parse(testBase.objectId);
var tags = new Dictionary <string, string> {
{ "tag1", "value1" }, { "tag2", "value2" }, { "tag3", "value3" }
};
testBase.resourcesClient.ResourceGroups.CreateOrUpdate(rgName, new ResourceGroup {
Location = testBase.location
});
List <string> resourceIds = new List <string>();
List <string> vaultNameList = new List <string>();
for (int i = 0; i < n; i++)
{
string vaultName = TestUtilities.GenerateName("sdktestvault");
var createdVault = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = new VaultProperties
{
EnabledForDeployment = true,
EnabledForDiskEncryption = true,
EnabledForTemplateDeployment = true,
Sku = new Microsoft.Azure.Management.KeyVault.Models.Sku {
Name = SkuName.Standard
},
TenantId = tenantIdGuid,
VaultUri = "",
AccessPolicies = new[]
{
new AccessPolicyEntry
{
TenantId = tenantIdGuid,
ObjectId = objectIdGuid,
Permissions = new Permissions {
Keys = new string[] { "all" },
Secrets = new string[] { "all" },
Certificates = new string[] { "all" }
}
}
}
}
}
);
Assert.NotNull(createdVault);
Assert.NotNull(createdVault.Id);
resourceIds.Add(createdVault.Id);
vaultNameList.Add(createdVault.Name);
}
var vaults = client.Vaults.ListByResourceGroup(rgName, top);
Assert.NotNull(vaults);
foreach (var v in vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
while (vaults.NextPageLink != null)
{
vaults = client.Vaults.ListNext(vaults.NextPageLink);
Assert.NotNull(vaults);
foreach (var v in vaults)
{
Assert.True(resourceIds.Remove(v.Id));
}
}
Assert.True(resourceIds.Count == 0);
var allVaults = client.Vaults.List(top);
Assert.NotNull(vaults);
// Delete
foreach (var v in vaultNameList)
{
client.Vaults.Delete(resourceGroupName: rgName, vaultName: v);
}
}
}
public void KeyVaultManagementVaultCreateUpdateDelete()
{
using (MockContext context = MockContext.Start(this.GetType().FullName))
{
var testBase = new KeyVaultTestBase(context);
var client = testBase.client;
string rgName = TestUtilities.GenerateName("sdktestrg");
testBase.resourcesClient.ResourceGroups.CreateOrUpdate(rgName, new ResourceGroup {
Location = testBase.location
});
string vaultName = TestUtilities.GenerateName("sdktestvault");
var tenantIdGuid = Guid.Parse(testBase.tenantId);
var objectIdGuid = Guid.Parse(testBase.objectId);
var tags = new Dictionary <string, string> {
{ "tag1", "value1" }, { "tag2", "value2" }, { "tag3", "value3" }
};
var accPol = new AccessPolicyEntry
{
TenantId = tenantIdGuid,
ObjectId = objectIdGuid,
Permissions = new Permissions
{
Keys = new string[] { "all" },
Secrets = null,
Certificates = new string[] { "all" }
}
};
var createdVault = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = new VaultProperties
{
EnabledForDeployment = true,
EnabledForDiskEncryption = true,
EnabledForTemplateDeployment = true,
Sku = new Microsoft.Azure.Management.KeyVault.Models.Sku {
Name = SkuName.Standard
},
TenantId = tenantIdGuid,
VaultUri = "",
AccessPolicies = new[]
{
accPol
}
}
}
);
ValidateVault(createdVault,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
SkuName.Standard,
true,
true,
true,
new[] { accPol },
tags);
//Update
createdVault.Properties.Sku.Name = SkuName.Premium;
accPol.Permissions.Secrets = new string[] { "get", "set" };
accPol.Permissions.Keys = null;
createdVault.Properties.AccessPolicies = new[] { accPol };
var updateVault = client.Vaults.CreateOrUpdate(
resourceGroupName: rgName,
vaultName: vaultName,
parameters: new VaultCreateOrUpdateParameters
{
Location = testBase.location,
Tags = tags,
Properties = createdVault.Properties
}
);
ValidateVault(updateVault,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
SkuName.Premium,
true,
true,
true,
new[] { accPol },
tags);
var retrievedVault = client.Vaults.Get(
resourceGroupName: rgName,
vaultName: vaultName);
ValidateVault(retrievedVault,
vaultName,
rgName,
testBase.subscriptionId,
tenantIdGuid,
testBase.location,
"A",
SkuName.Premium,
true,
true,
true,
new[] { accPol },
tags);
// Delete
client.Vaults.Delete(
resourceGroupName: rgName,
vaultName: vaultName);
Assert.Throws <CloudException>(() =>
{
client.Vaults.Get(
resourceGroupName: rgName,
vaultName: vaultName);
});
}
}
