[KeyVault] az keyvault recover: Support MHSM

src/azure-cli/azure/cli/command_modules/keyvault/_validators.py

@@ -16,7 +16,7 @@
 
 from azure.cli.core.commands.client_factory import get_mgmt_service_client
 from azure.cli.core.commands.validators import validate_tags
-from azure.cli.core.azclierror import InvalidArgumentValueError, RequiredArgumentMissingError
+from azure.cli.core.azclierror import RequiredArgumentMissingError
 
 
 secret_text_encoding_values = ['utf-8', 'utf-16le', 'utf-16be', 'ascii']
@@ -289,9 +289,6 @@ def validate_deleted_vault_or_hsm_name(cmd, ns):
     vault_name = getattr(ns, 'vault_name', None)
     hsm_name = getattr(ns, 'hsm_name', None)
 
-    if hsm_name and 'keyvault recover' in cmd.name:
-        raise InvalidArgumentValueError('Operation "recover" has not been supported for HSM.')
-
     if not vault_name and not hsm_name:
         raise CLIError('Please specify --vault-name or --hsm-name.')
 
@@ -312,19 +309,18 @@ def validate_deleted_vault_or_hsm_name(cmd, ns):
         if vault_name:
             id_comps = parse_resource_id(resource.properties.vault_id)
         else:
-            id_comps = parse_resource_id(resource.id)
+            id_comps = parse_resource_id(resource.properties.mhsm_id)
 
     # otherwise, iterate through deleted vaults to find one with a matching name
     else:
         for v in client.list_deleted():
             if vault_name:
                 id_comps = parse_resource_id(v.properties.vault_id)
             else:
-                id_comps = parse_resource_id(v.id)
+                id_comps = parse_resource_id(v.properties.mhsm_id)
             if id_comps['name'].lower() == resource_name.lower():
                 resource = v
-                ns.location = resource.properties.location if vault_name \
-                    else resource.additional_properties.get('location')
+                ns.location = resource.properties.location
                 break
 
     # if the vault was not found, throw an error

src/azure-cli/azure/cli/command_modules/keyvault/custom.py

@@ -405,16 +405,17 @@ def recover_hsm(cmd, client, hsm_name, resource_group_name, location, no_wait=Fa
 
     ManagedHsm = cmd.get_models('ManagedHsm', resource_type=ResourceType.MGMT_KEYVAULT)
     ManagedHsmSku = cmd.get_models('ManagedHsmSku', resource_type=ResourceType.MGMT_KEYVAULT)
-    CreateMode = cmd.get_models('CreateMode', resource_type=ResourceType.MGMT_KEYVAULT)
 
     # tenantId and sku shouldn't be required
     profile = Profile(cli_ctx=cmd.cli_ctx)
     _, _, tenant_id = profile.get_login_credentials(
         resource=cmd.cli_ctx.cloud.endpoints.active_directory_graph_resource_id)
 
+    # Use 'Recover' as 'create_mode' temporarily since it's a bug from service side making 'create_mode' case-sensitive
+    # Will change it back to CreateMode.recover.value('recover') from SDK definition after service fix
     parameters = ManagedHsm(location=location,
                             sku=ManagedHsmSku(name='Standard_B1', family='B'),
-                            properties={'tenant_id': tenant_id, 'create_mode': CreateMode.recover.value})
+                            properties={'tenant_id': tenant_id, 'create_mode': 'Recover'})
 
     return sdk_no_wait(
         no_wait, client.begin_create_or_update,