/// <summary>
/// Creates a key vault (or updates an existing one of the same name) through the
/// management client, using an optional single access policy supplied by the caller.
/// </summary>
/// <param name="parameters">
/// Vault creation parameters. Vault name, resource group, location, SKU name,
/// SKU family and tenant id are all required.
/// </param>
/// <param name="adClient">
/// Optional Active Directory client; it is only handed on to the <see cref="PSVault"/> constructor.
/// </param>
/// <returns>A <see cref="PSVault"/> built from the vault in the service response.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="parameters"/> is null, or one of its required strings is null, empty or whitespace.
/// </exception>
/// <exception cref="ArgumentException">The tenant id is missing or <see cref="Guid.Empty"/>.</exception>
public PSVault CreateNewVault(VaultCreationParameters parameters, ActiveDirectoryClient adClient = null)
{
    // Reject incomplete input before any call to the service is made.
    if (parameters == null)
    {
        throw new ArgumentNullException("parameters");
    }

    if (string.IsNullOrWhiteSpace(parameters.VaultName))
    {
        throw new ArgumentNullException("parameters.VaultName");
    }

    if (string.IsNullOrWhiteSpace(parameters.ResourceGroupName))
    {
        throw new ArgumentNullException("parameters.ResourceGroupName");
    }

    if (string.IsNullOrWhiteSpace(parameters.Location))
    {
        throw new ArgumentNullException("parameters.Location");
    }

    if (string.IsNullOrWhiteSpace(parameters.SkuName))
    {
        throw new ArgumentNullException("parameters.SkuName");
    }

    if (string.IsNullOrWhiteSpace(parameters.SkuFamilyName))
    {
        throw new ArgumentNullException("parameters.SkuFamilyName");
    }

    // The vault is bound to this tenant, so an unset id is refused.
    // Note: the single-string ArgumentException constructor takes a message, so the
    // text below ends up in Message rather than ParamName.
    if (parameters.TenantId == null || parameters.TenantId == Guid.Empty)
    {
        throw new ArgumentException("parameters.TenantId");
    }

    var vaultOperations = this.KeyVaultManagementClient.Vaults;
    var targetResourceGroup = parameters.ResourceGroupName;
    var targetVaultName = parameters.VaultName;

    var request = new VaultCreateOrUpdateParameters();
    request.Location = parameters.Location;
    request.Tags = TagsConversionHelper.CreateTagDictionary(parameters.Tags, validate: true);

    var sku = new Sku();
    sku.Family = parameters.SkuFamilyName;
    sku.Name = parameters.SkuName;

    var vaultProperties = new VaultProperties();
    vaultProperties.Sku = sku;

    // The three EnabledFor* switches are forwarded exactly as the caller set them.
    // NOTE(review): each one presumably lets an Azure service read from the vault;
    // confirm that callers leave them off unless the deployment needs them.
    vaultProperties.EnabledForDeployment = parameters.EnabledForDeployment;
    vaultProperties.EnabledForTemplateDeployment = parameters.EnabledForTemplateDeployment;
    vaultProperties.EnabledForDiskEncryption = parameters.EnabledForDiskEncryption;
    vaultProperties.TenantId = parameters.TenantId;
    vaultProperties.VaultUri = "";

    // At most one access policy is sent; without one the request carries an empty list.
    if (parameters.AccessPolicy != null)
    {
        vaultProperties.AccessPolicies = new[] { parameters.AccessPolicy };
    }
    else
    {
        vaultProperties.AccessPolicies = new AccessPolicyEntry[] { };
    }

    request.Properties = vaultProperties;

    var response = vaultOperations.CreateOrUpdate(
        resourceGroupName: targetResourceGroup,
        vaultName: targetVaultName,
        parameters: request);

    return new PSVault(response.Vault, adClient);
}
/// <summary>
/// Creates a key vault (or updates an existing one of the same name) through the
/// management client and grants one principal the key and secret permissions
/// named in <paramref name="parameters"/>.
/// </summary>
/// <param name="parameters">
/// Vault creation parameters. Vault name, resource group, location, SKU name,
/// SKU family, tenant id and object id are all required.
/// </param>
/// <param name="adClient">
/// Optional Active Directory client; it is only handed on to the <see cref="PSVault"/> constructor.
/// </param>
/// <returns>A <see cref="PSVault"/> built from the vault in the service response.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="parameters"/> is null, or one of its required strings is null, empty or whitespace.
/// </exception>
/// <exception cref="ArgumentException">
/// The tenant id or the object id is missing or <see cref="Guid.Empty"/>.
/// </exception>
public PSVault CreateNewVault(VaultCreationParameters parameters, ActiveDirectoryClient adClient = null)
{
    // Reject incomplete input before any call to the service is made.
    if (parameters == null)
    {
        throw new ArgumentNullException("parameters");
    }

    if (string.IsNullOrWhiteSpace(parameters.VaultName))
    {
        throw new ArgumentNullException("parameters.VaultName");
    }

    if (string.IsNullOrWhiteSpace(parameters.ResourceGroupName))
    {
        throw new ArgumentNullException("parameters.ResourceGroupName");
    }

    if (string.IsNullOrWhiteSpace(parameters.Location))
    {
        throw new ArgumentNullException("parameters.Location");
    }

    if (string.IsNullOrWhiteSpace(parameters.SkuName))
    {
        throw new ArgumentNullException("parameters.SkuName");
    }

    if (string.IsNullOrWhiteSpace(parameters.SkuFamilyName))
    {
        throw new ArgumentNullException("parameters.SkuFamilyName");
    }

    // Both identifiers feed the access policy below, so neither may be unset.
    // Note: the single-string ArgumentException constructor takes a message, so the
    // text below ends up in Message rather than ParamName.
    if (parameters.TenantId == null || parameters.TenantId == Guid.Empty)
    {
        throw new ArgumentException("parameters.TenantId");
    }

    if (parameters.ObjectId == null || parameters.ObjectId == Guid.Empty)
    {
        throw new ArgumentException("parameters.ObjectId");
    }

    var vaultOperations = this.KeyVaultManagementClient.Vaults;
    var targetResourceGroup = parameters.ResourceGroupName;
    var targetVaultName = parameters.VaultName;

    var request = new VaultCreateOrUpdateParameters();
    request.Location = parameters.Location;
    request.Tags = TagsConversionHelper.CreateTagDictionary(parameters.Tags, validate: true);

    var sku = new Sku();
    sku.Family = parameters.SkuFamilyName;
    sku.Name = parameters.SkuName;

    var vaultProperties = new VaultProperties();
    vaultProperties.Sku = sku;

    // The three EnabledFor* switches are forwarded exactly as the caller set them.
    // NOTE(review): each one presumably lets an Azure service read from the vault;
    // confirm that callers leave them off unless the deployment needs them.
    vaultProperties.EnabledForDeployment = parameters.EnabledForDeployment;
    vaultProperties.EnabledForTemplateDeployment = parameters.EnabledForTemplateDeployment;
    vaultProperties.EnabledForDiskEncryption = parameters.EnabledForDiskEncryption;
    vaultProperties.TenantId = parameters.TenantId;
    vaultProperties.VaultUri = "";

    // Exactly one access policy is written, for the principal in parameters.ObjectId.
    // The permission lists are passed through unfiltered, so the caller alone decides
    // how broad the grant is.
    // NOTE(review): check that callers request only the permissions they need.
    var principalPolicy = new AccessPolicyEntry();
    principalPolicy.TenantId = parameters.TenantId;
    principalPolicy.ObjectId = parameters.ObjectId;
    principalPolicy.PermissionsToKeys = parameters.PermissionsToKeys;
    principalPolicy.PermissionsToSecrets = parameters.PermissionsToSecrets;
    vaultProperties.AccessPolicies = new[] { principalPolicy };

    request.Properties = vaultProperties;

    var response = vaultOperations.CreateOrUpdate(
        resourceGroupName: targetResourceGroup,
        vaultName: targetVaultName,
        parameters: request);

    return new PSVault(response.Vault, adClient);
}
/// <summary>
/// Creates a key vault (or updates an existing one of the same name) through the
/// management client, or asks the service to recover one when
/// <c>parameters.CreateMode</c> is <c>CreateMode.Recover</c>.
/// </summary>
/// <param name="parameters">
/// Vault creation parameters. Vault name, resource group and location are always
/// required; SKU family and tenant id are checked only when not recovering.
/// </param>
/// <param name="adClient">
/// Optional Active Directory client; it is only handed on to the <see cref="PSKeyVault"/> constructor.
/// </param>
/// <returns>A <see cref="PSKeyVault"/> built from the service response.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="parameters"/> is null, or one of its required strings is null, empty or whitespace.
/// </exception>
/// <exception cref="ArgumentException">
/// The tenant id is <see cref="Guid.Empty"/> on a non-recover request.
/// </exception>
public PSKeyVault CreateNewVault(VaultCreationParameters parameters, ActiveDirectoryClient adClient = null)
{
    // These checks apply to every request, including recovery.
    if (parameters == null)
    {
        throw new ArgumentNullException("parameters");
    }

    if (string.IsNullOrWhiteSpace(parameters.VaultName))
    {
        throw new ArgumentNullException("parameters.VaultName");
    }

    if (string.IsNullOrWhiteSpace(parameters.ResourceGroupName))
    {
        throw new ArgumentNullException("parameters.ResourceGroupName");
    }

    if (string.IsNullOrWhiteSpace(parameters.Location))
    {
        throw new ArgumentNullException("parameters.Location");
    }

    var vaultProperties = new VaultProperties();

    if (parameters.CreateMode == CreateMode.Recover)
    {
        // Recovery sends only the create mode; every other property stays unset.
        vaultProperties.CreateMode = CreateMode.Recover;
    }
    else
    {
        // NOTE(review): SkuFamilyName is validated here but never sent, while SkuName
        // is sent but not validated in this method. Confirm that this is intended.
        if (string.IsNullOrWhiteSpace(parameters.SkuFamilyName))
        {
            throw new ArgumentNullException("parameters.SkuFamilyName");
        }

        // Note: the single-string ArgumentException constructor takes a message, so
        // the text below ends up in Message rather than ParamName.
        if (parameters.TenantId == Guid.Empty)
        {
            throw new ArgumentException("parameters.TenantId");
        }

        var sku = new Sku();
        sku.Name = parameters.SkuName;
        vaultProperties.Sku = sku;

        // The three EnabledFor* switches are forwarded exactly as the caller set them.
        // NOTE(review): each one presumably lets an Azure service read from the vault;
        // confirm that callers leave them off unless the deployment needs them.
        vaultProperties.EnabledForDeployment = parameters.EnabledForDeployment;
        vaultProperties.EnabledForTemplateDeployment = parameters.EnabledForTemplateDeployment;
        vaultProperties.EnabledForDiskEncryption = parameters.EnabledForDiskEncryption;

        // Soft delete and purge protection are sent as true or left null, never false:
        // an explicit false from the caller is dropped here, so this path cannot turn
        // either feature off. The value that applies when null is sent is decided by
        // the service and is not visible in this method.
        if (parameters.EnableSoftDelete.GetValueOrDefault())
        {
            vaultProperties.EnableSoftDelete = true;
        }
        else
        {
            vaultProperties.EnableSoftDelete = (bool?)null;
        }

        if (parameters.EnablePurgeProtection.GetValueOrDefault())
        {
            vaultProperties.EnablePurgeProtection = true;
        }
        else
        {
            vaultProperties.EnablePurgeProtection = (bool?)null;
        }

        // properties.SoftDeleteRetentionInDays = parameters.SoftDeleteRetentionInDays;
        vaultProperties.TenantId = parameters.TenantId;
        vaultProperties.VaultUri = "";

        // At most one access policy is sent; without one the request carries an empty list.
        if (parameters.AccessPolicy != null)
        {
            vaultProperties.AccessPolicies = new[] { parameters.AccessPolicy };
        }
        else
        {
            vaultProperties.AccessPolicies = new AccessPolicyEntry[] { };
        }

        // Network rules are forwarded as given and may be null.
        // NOTE(review): confirm what the service applies when no network ACLs are sent.
        vaultProperties.NetworkAcls = parameters.NetworkAcls;
    }

    var vaultOperations = KeyVaultManagementClient.Vaults;
    var targetResourceGroup = parameters.ResourceGroupName;
    var targetVaultName = parameters.VaultName;

    var request = new VaultCreateOrUpdateParameters();
    request.Location = parameters.Location;
    request.Tags = TagsConversionHelper.CreateTagDictionary(parameters.Tags, validate: true);
    request.Properties = vaultProperties;

    var response = vaultOperations.CreateOrUpdate(
        resourceGroupName: targetResourceGroup,
        vaultName: targetVaultName,
        parameters: request);

    return new PSKeyVault(response, adClient);
}