diff --git a/sdk/keyvault/azkeys/CHANGELOG.md b/sdk/keyvault/azkeys/CHANGELOG.md index 111c2b12e1c8..99de24f2db86 100644 --- a/sdk/keyvault/azkeys/CHANGELOG.md +++ b/sdk/keyvault/azkeys/CHANGELOG.md @@ -3,8 +3,15 @@ ## 0.3.1 (Unreleased) ### Features Added +* Adds the `ReleasePolicy` parameter to the `UpdateKeyPropertiesOptions` struct. +* Adds the `Immutable` boolean to the `KeyReleasePolicy` model. ### Breaking Changes +* Changed the `Data` to `EncodedPolicy` on the `KeyReleasePolicy` struct. +* Changed the `Tags` properties from `map[string]*string` to `map[string]string`. +* Changed the `Updated`, `Created`, and `Expires` properties to `UpdatedOn`, `CreatedOn`, and `ExpiresOn`. +* Renamed `JSONWebKeyOperation` to `KeyOperation`. +* Renamed `JSONWebKeyCurveName` to `KeyCurveName` ### Bugs Fixed diff --git a/sdk/keyvault/azkeys/autorest.md b/sdk/keyvault/azkeys/autorest.md index e530df9fc0ae..3c65d9af8d39 100644 --- a/sdk/keyvault/azkeys/autorest.md +++ b/sdk/keyvault/azkeys/autorest.md @@ -6,10 +6,10 @@ These settings apply only when `--go` is specified on the command line. go: true version: "^3.0.0" input-file: -- https://github.com/Azure/azure-rest-api-specs/blob/ecdce42924ed0f7e60a32c74bc0eb674ca6d4aae/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/common.json -- https://github.com/Azure/azure-rest-api-specs/blob/ecdce42924ed0f7e60a32c74bc0eb674ca6d4aae/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/keys.json -- https://github.com/Azure/azure-rest-api-specs/blob/ecdce42924ed0f7e60a32c74bc0eb674ca6d4aae/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/rbac.json -- https://github.com/Azure/azure-rest-api-specs/blob/ecdce42924ed0f7e60a32c74bc0eb674ca6d4aae/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/securitydomain.json +- https://github.com/Azure/azure-rest-api-specs/blob/8a061f1e9031450b9eb5546d242f2a28c93eaa69/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/common.json +- https://github.com/Azure/azure-rest-api-specs/blob/8a061f1e9031450b9eb5546d242f2a28c93eaa69/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/keys.json +- https://github.com/Azure/azure-rest-api-specs/blob/8a061f1e9031450b9eb5546d242f2a28c93eaa69/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/rbac.json +- https://github.com/Azure/azure-rest-api-specs/blob/8a061f1e9031450b9eb5546d242f2a28c93eaa69/specification/keyvault/data-plane/Microsoft.KeyVault/preview/7.3-preview/securitydomain.json license-header: MICROSOFT_MIT_NO_VERSION clear-output-folder: true output-folder: internal/generated @@ -18,6 +18,6 @@ openapi-type: "data-plane" security: "AADToken" security-scopes: "https://vault.azure.net/.default" use: "@autorest/go@4.0.0-preview.35" -module-version: 0.1.0 +module-version: 0.3.0 export-clients: true ``` diff --git a/sdk/keyvault/azkeys/client.go b/sdk/keyvault/azkeys/client.go index 1618f7f74ae1..6824bbfdf5d6 100644 --- a/sdk/keyvault/azkeys/client.go +++ b/sdk/keyvault/azkeys/client.go @@ -68,12 +68,12 @@ func NewClient(vaultUrl string, credential azcore.TokenCredential, options *Clie // CreateKeyOptions contains the optional parameters for the KeyVaultClient.CreateKey method. type CreateKeyOptions struct { - // Elliptic curve name. For valid values, see JsonWebKeyCurveName. - Curve *JSONWebKeyCurveName `json:"crv,omitempty"` + // Elliptic curve name. For valid values, see KeyCurveName. + Curve *KeyCurveName `json:"crv,omitempty"` // The attributes of a key managed by the key vault service. - KeyAttributes *KeyAttributes `json:"attributes,omitempty"` - KeyOps []*JSONWebKeyOperation `json:"key_ops,omitempty"` + KeyAttributes *KeyAttributes `json:"attributes,omitempty"` + KeyOperations []*KeyOperation `json:"key_ops,omitempty"` // The key size in bits. For example: 2048, 3072, or 4096 for RSA. KeySize *int32 `json:"key_size,omitempty"` @@ -98,8 +98,11 @@ func (c *CreateKeyOptions) toKeyCreateParameters(keyType KeyType) generated.KeyC } var ops []*generated.JSONWebKeyOperation - for _, o := range c.KeyOps { - ops = append(ops, (*generated.JSONWebKeyOperation)(o)) + if c.KeyOperations != nil { + ops = make([]*generated.JSONWebKeyOperation, len(c.KeyOperations)) + for i, o := range c.KeyOperations { + ops[i] = (*generated.JSONWebKeyOperation)(o) + } } return generated.KeyCreateParameters{ @@ -151,8 +154,8 @@ func (c *Client) CreateKey(ctx context.Context, name string, keyType KeyType, op // CreateECKeyOptions contains the optional parameters for the KeyVaultClient.CreateECKey method type CreateECKeyOptions struct { - // Elliptic curve name. For valid values, see JsonWebKeyCurveName. - CurveName *JSONWebKeyCurveName `json:"crv,omitempty"` + // Elliptic curve name. For valid values, see KeyCurveName. + CurveName *KeyCurveName `json:"crv,omitempty"` // Application specific metadata in the form of key-value pairs. Tags map[string]string `json:"tags,omitempty"` @@ -274,7 +277,7 @@ func (c *Client) CreateOCTKey(ctx context.Context, name string, options *CreateO // CreateRSAKeyOptions contains the optional parameters for the Client.CreateRSAKey method. type CreateRSAKeyOptions struct { // Hardware Protected OCT Key - HardwareProtected bool + HardwareProtected *bool // The key size in bits. For example: 2048, 3072, or 4096 for RSA. KeySize *int32 `json:"key_size,omitempty"` @@ -284,15 +287,36 @@ type CreateRSAKeyOptions struct { // Application specific metadata in the form of key-value pairs. Tags map[string]string `json:"tags,omitempty"` + + // Elliptic curve name. For valid values, see KeyCurveName. + Curve *KeyCurveName `json:"crv,omitempty"` + + // The attributes of a key managed by the key vault service. + KeyAttributes *KeyAttributes `json:"attributes,omitempty"` + KeyOperations []*KeyOperation `json:"key_ops,omitempty"` + + // The policy rules under which the key can be exported. + ReleasePolicy *KeyReleasePolicy `json:"release_policy,omitempty"` } // convert CreateRSAKeyOptions to generated.KeyCreateParameters func (c CreateRSAKeyOptions) toKeyCreateParameters(k KeyType) generated.KeyCreateParameters { + var keyOps []*generated.JSONWebKeyOperation + if c.KeyOperations != nil { + keyOps = make([]*generated.JSONWebKeyOperation, len(c.KeyOperations)) + for i, k := range c.KeyOperations { + keyOps[i] = (*generated.JSONWebKeyOperation)(k) + } + } return generated.KeyCreateParameters{ Kty: k.toGenerated(), + Curve: (*generated.JSONWebKeyCurveName)(c.Curve), KeySize: c.KeySize, PublicExponent: c.PublicExponent, Tags: convertToGeneratedMap(c.Tags), + KeyAttributes: c.KeyAttributes.toGenerated(), + KeyOps: keyOps, + ReleasePolicy: c.ReleasePolicy.toGenerated(), } } @@ -322,7 +346,7 @@ func createRSAKeyResponseFromGenerated(i generated.KeyVaultClientCreateKeyRespon func (c *Client) CreateRSAKey(ctx context.Context, name string, options *CreateRSAKeyOptions) (CreateRSAKeyResponse, error) { keyType := RSA - if options != nil && options.HardwareProtected { + if options != nil && options.HardwareProtected != nil && *options.HardwareProtected { keyType = RSAHSM } else if options == nil { options = &CreateRSAKeyOptions{} @@ -877,8 +901,11 @@ type UpdateKeyPropertiesOptions struct { // The attributes of a key managed by the key vault service. KeyAttributes *KeyAttributes `json:"attributes,omitempty"` - // Json web key operations. For more information on possible key operations, see JsonWebKeyOperation. - KeyOps []*JSONWebKeyOperation `json:"key_ops,omitempty"` + // Json web key operations. For more information on possible key operations, see KeyOperation. + KeyOps []*KeyOperation `json:"key_ops,omitempty"` + + // The policy rules under which the key can be exported. + ReleasePolicy *KeyReleasePolicy `json:"release_policy,omitempty"` // Application specific metadata in the form of key-value pairs. Tags map[string]string `json:"tags,omitempty"` @@ -892,13 +919,17 @@ func (u UpdateKeyPropertiesOptions) toKeyUpdateParameters() generated.KeyUpdateP } var ops []*generated.JSONWebKeyOperation - for _, o := range u.KeyOps { - ops = append(ops, (*generated.JSONWebKeyOperation)(o)) + if u.KeyOps != nil { + ops = make([]*generated.JSONWebKeyOperation, len(u.KeyOps)) + for i, o := range u.KeyOps { + ops[i] = (*generated.JSONWebKeyOperation)(o) + } } return generated.KeyUpdateParameters{ KeyOps: ops, KeyAttributes: attribs, + ReleasePolicy: u.ReleasePolicy.toGenerated(), Tags: convertToGeneratedMap(u.Tags), } } @@ -1393,9 +1424,9 @@ func (c *Client) ReleaseKey(ctx context.Context, name string, target string, opt name, options.Version, generated.KeyReleaseParameters{ - Target: &target, - Enc: (*generated.KeyEncryptionAlgorithm)(options.Enc), - Nonce: options.Nonce, + TargetAttestationToken: &target, + Enc: (*generated.KeyEncryptionAlgorithm)(options.Enc), + Nonce: options.Nonce, }, &generated.KeyVaultClientReleaseOptions{}, ) @@ -1430,11 +1461,10 @@ func (u UpdateKeyRotationPolicyOptions) toGenerated() generated.KeyRotationPolic attribs = u.Attributes.toGenerated() } var la []*generated.LifetimeActions - for _, l := range u.LifetimeActions { - if l == nil { - la = append(la, nil) - } else { - la = append(la, l.toGenerated()) + if la != nil { + la = make([]*generated.LifetimeActions, len(u.LifetimeActions)) + for i, l := range u.LifetimeActions { + la[i] = l.toGenerated() } } @@ -1448,6 +1478,7 @@ func (u UpdateKeyRotationPolicyOptions) toGenerated() generated.KeyRotationPolic // UpdateKeyRotationPolicyResponse contains the response for the Client.UpdateKeyRotationPolicy function type UpdateKeyRotationPolicyResponse struct { KeyRotationPolicy + // RawResponse contains the underlying HTTP response. RawResponse *http.Response } diff --git a/sdk/keyvault/azkeys/client_test.go b/sdk/keyvault/azkeys/client_test.go index 14da1978cc7b..8d5bf9c4063a 100644 --- a/sdk/keyvault/azkeys/client_test.go +++ b/sdk/keyvault/azkeys/client_test.go @@ -8,6 +8,7 @@ package azkeys import ( "context" + "encoding/json" "errors" "fmt" "net/http" @@ -52,7 +53,7 @@ func TestCreateKeyRSA(t *testing.T) { require.NoError(t, err) require.NotNil(t, resp.Key) - resp2, err := client.CreateRSAKey(ctx, key+"hsm", &CreateRSAKeyOptions{HardwareProtected: true}) + resp2, err := client.CreateRSAKey(ctx, key+"hsm", &CreateRSAKeyOptions{HardwareProtected: to.BoolPtr(true)}) require.NoError(t, err) require.NotNil(t, resp2.Key) @@ -386,7 +387,7 @@ func TestUpdateKeyProperties(t *testing.T) { key, err := createRandomName(t, "key") require.NoError(t, err) - _, err = client.CreateRSAKey(ctx, key, nil) + _, err = client.CreateRSAKey(ctx, key, &CreateRSAKeyOptions{}) require.NoError(t, err) defer cleanUpKey(t, client, key) @@ -395,15 +396,13 @@ func TestUpdateKeyProperties(t *testing.T) { "Tag1": "Val1", }, KeyAttributes: &KeyAttributes{ - Attributes: Attributes{ - Expires: to.TimePtr(time.Now().AddDate(1, 0, 0)), - }, + ExpiresOn: to.TimePtr(time.Now().AddDate(1, 0, 0)), }, }) require.NoError(t, err) require.NotNil(t, resp.Attributes) require.Equal(t, resp.Tags["Tag1"], "Val1") - require.NotNil(t, resp.Attributes.Updated) + require.NotNil(t, resp.Attributes.UpdatedOn) invalid, err := client.UpdateKeyProperties(ctx, "doesnotexist", nil) require.Error(t, err) @@ -412,6 +411,78 @@ func TestUpdateKeyProperties(t *testing.T) { } } +func TestUpdateKeyPropertiesImmutable(t *testing.T) { + for _, testType := range testTypes { + t.Run(fmt.Sprintf("%s_%s", t.Name(), testType), func(t *testing.T) { + if testType == HSMTEST { + t.Skip("HSM does not recognize immutable yet.") + } + stop := startTest(t) + defer stop() + err := recording.SetBodilessMatcher(t, nil) + require.NoError(t, err) + + client, err := createClient(t, testType) + require.NoError(t, err) + + key, err := createRandomName(t, "immuta") + require.NoError(t, err) + + marshalledPolicy, err := json.Marshal(map[string]interface{}{ + "anyOf": []map[string]interface{}{ + { + "anyOf": []map[string]interface{}{ + { + "claim": "sdk-test", + "equals": "true", + }}, + "authority": os.Getenv("AZURE_KEYVAULT_ATTESTATION_URL"), + }, + }, + "version": "1.0.0", + }) + require.NoError(t, err) + + _, err = client.CreateRSAKey(ctx, key, &CreateRSAKeyOptions{ + HardwareProtected: to.BoolPtr(true), + KeyAttributes: &KeyAttributes{ + Exportable: to.BoolPtr(true), + }, + ReleasePolicy: &KeyReleasePolicy{ + Immutable: to.BoolPtr(true), + EncodedPolicy: marshalledPolicy, + }, + KeyOperations: []*KeyOperation{KeyOperationEncrypt.ToPtr(), KeyOperationDecrypt.ToPtr()}, + }) + require.NoError(t, err) + defer cleanUpKey(t, client, key) + + newMarshalledPolicy, err := json.Marshal(map[string]interface{}{ + "anyOf": []map[string]interface{}{ + { + "anyOf": []map[string]interface{}{ + { + "claim": "sdk-test", + "equals": "false", + }}, + "authority": os.Getenv("AZURE_KEYVAULT_ATTESTATION_URL"), + }, + }, + "version": "1.0.0", + }) + require.NoError(t, err) + + _, err = client.UpdateKeyProperties(ctx, key, &UpdateKeyPropertiesOptions{ + ReleasePolicy: &KeyReleasePolicy{ + Immutable: to.BoolPtr(true), + EncodedPolicy: newMarshalledPolicy, + }, + }) + require.Error(t, err) + }) + } +} + func TestListDeletedKeys(t *testing.T) { for _, testType := range testTypes { t.Run(fmt.Sprintf("%s_%s", t.Name(), testType), func(t *testing.T) { diff --git a/sdk/keyvault/azkeys/constants.go b/sdk/keyvault/azkeys/constants.go index fbd73635f5bc..8d63188a4eaf 100644 --- a/sdk/keyvault/azkeys/constants.go +++ b/sdk/keyvault/azkeys/constants.go @@ -78,43 +78,43 @@ func recoveryLevelToGenerated(d *DeletionRecoveryLevel) *generated.DeletionRecov } } -// JSONWebKeyCurveName - Elliptic curve name. For valid values, see JsonWebKeyCurveName. -type JSONWebKeyCurveName string +// KeyCurveName - Elliptic curve name. For valid values, see KeyCurveName. +type KeyCurveName string const ( - // JSONWebKeyCurveNameP256 - The NIST P-256 elliptic curve, AKA SECG curve SECP256R1. - JSONWebKeyCurveNameP256 JSONWebKeyCurveName = "P-256" + // KeyCurveNameP256 - The NIST P-256 elliptic curve, AKA SECG curve SECP256R1. + KeyCurveNameP256 KeyCurveName = "P-256" - // JSONWebKeyCurveNameP256K - The SECG SECP256K1 elliptic curve. - JSONWebKeyCurveNameP256K JSONWebKeyCurveName = "P-256K" + // KeyCurveNameP256K - The SECG SECP256K1 elliptic curve. + KeyCurveNameP256K KeyCurveName = "P-256K" - // JSONWebKeyCurveNameP384 - The NIST P-384 elliptic curve, AKA SECG curve SECP384R1. - JSONWebKeyCurveNameP384 JSONWebKeyCurveName = "P-384" + // KeyCurveNameP384 - The NIST P-384 elliptic curve, AKA SECG curve SECP384R1. + KeyCurveNameP384 KeyCurveName = "P-384" - // JSONWebKeyCurveNameP521 - The NIST P-521 elliptic curve, AKA SECG curve SECP521R1. - JSONWebKeyCurveNameP521 JSONWebKeyCurveName = "P-521" + // KeyCurveNameP521 - The NIST P-521 elliptic curve, AKA SECG curve SECP521R1. + KeyCurveNameP521 KeyCurveName = "P-521" ) -// ToPtr returns a *JSONWebKeyCurveName pointing to the current value. -func (c JSONWebKeyCurveName) ToPtr() *JSONWebKeyCurveName { +// ToPtr returns a *KeyCurveName pointing to the current value. +func (c KeyCurveName) ToPtr() *KeyCurveName { return &c } -// JSONWebKeyOperation - JSON web key operations. For more information, see JsonWebKeyOperation. -type JSONWebKeyOperation string +// KeyOperation - JSON web key operations. For more information, see KeyOperation. +type KeyOperation string const ( - JSONWebKeyOperationDecrypt JSONWebKeyOperation = "decrypt" - JSONWebKeyOperationEncrypt JSONWebKeyOperation = "encrypt" - JSONWebKeyOperationImport JSONWebKeyOperation = "import" - JSONWebKeyOperationSign JSONWebKeyOperation = "sign" - JSONWebKeyOperationUnwrapKey JSONWebKeyOperation = "unwrapKey" - JSONWebKeyOperationVerify JSONWebKeyOperation = "verify" - JSONWebKeyOperationWrapKey JSONWebKeyOperation = "wrapKey" + KeyOperationDecrypt KeyOperation = "decrypt" + KeyOperationEncrypt KeyOperation = "encrypt" + KeyOperationImport KeyOperation = "import" + KeyOperationSign KeyOperation = "sign" + KeyOperationUnwrapKey KeyOperation = "unwrapKey" + KeyOperationVerify KeyOperation = "verify" + KeyOperationWrapKey KeyOperation = "wrapKey" ) -// ToPtr returns a *JSONWebKeyOperation pointing to the current value. -func (c JSONWebKeyOperation) ToPtr() *JSONWebKeyOperation { +// ToPtr returns a *KeyOperation pointing to the current value. +func (c KeyOperation) ToPtr() *KeyOperation { return &c } diff --git a/sdk/keyvault/azkeys/constants_test.go b/sdk/keyvault/azkeys/constants_test.go index e65db25a5f02..cfd86651e696 100644 --- a/sdk/keyvault/azkeys/constants_test.go +++ b/sdk/keyvault/azkeys/constants_test.go @@ -16,10 +16,10 @@ func TestToPtrMethods(t *testing.T) { d := DeletionRecoveryLevelCustomizedRecoverable require.Equal(t, d.ToPtr(), &d) - j := JSONWebKeyCurveNameP256 + j := KeyCurveNameP256 require.Equal(t, j.ToPtr(), &j) - o := JSONWebKeyOperationDecrypt + o := KeyOperationDecrypt require.Equal(t, o.ToPtr(), &o) a := KeyEncryptionAlgorithmRSAAESKEYWRAP256 diff --git a/sdk/keyvault/azkeys/example_test.go b/sdk/keyvault/azkeys/example_test.go index ab3dbcc1663f..885a0da9d6f9 100644 --- a/sdk/keyvault/azkeys/example_test.go +++ b/sdk/keyvault/azkeys/example_test.go @@ -64,7 +64,7 @@ func ExampleClient_CreateECKey() { panic(err) } - resp, err := client.CreateECKey(context.TODO(), "new-rsa-key", &azkeys.CreateECKeyOptions{CurveName: azkeys.JSONWebKeyCurveNameP256.ToPtr()}) + resp, err := client.CreateECKey(context.TODO(), "new-rsa-key", &azkeys.CreateECKeyOptions{CurveName: azkeys.KeyCurveNameP256.ToPtr()}) if err != nil { panic(err) } diff --git a/sdk/keyvault/azkeys/internal/generated/keyvault_client.go b/sdk/keyvault/azkeys/internal/generated/keyvault_client.go index 90ee07b40551..344f254a9011 100644 --- a/sdk/keyvault/azkeys/internal/generated/keyvault_client.go +++ b/sdk/keyvault/azkeys/internal/generated/keyvault_client.go @@ -11,12 +11,13 @@ package generated import ( "context" "errors" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "net/http" "net/url" "strconv" "strings" + + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" ) // KeyVaultClient contains the methods for the KeyVaultClient group. @@ -315,62 +316,6 @@ func (client *KeyVaultClient) encryptHandleResponse(resp *http.Response) (KeyVau return result, nil } -// Export - The export key operation is applicable to all key types. The target key must be marked exportable. This operation -// requires the keys/export permission. -// If the operation fails it returns an *azcore.ResponseError type. -// vaultBaseURL - The vault name, for example https://myvault.vault.azure.net. -// keyName - The name of the key to get. -// keyVersion - Adding the version parameter retrieves a specific version of a key. -// parameters - The parameters for the key export operation. -// options - KeyVaultClientExportOptions contains the optional parameters for the KeyVaultClient.Export method. -func (client *KeyVaultClient) Export(ctx context.Context, vaultBaseURL string, keyName string, keyVersion string, parameters KeyExportParameters, options *KeyVaultClientExportOptions) (KeyVaultClientExportResponse, error) { - req, err := client.exportCreateRequest(ctx, vaultBaseURL, keyName, keyVersion, parameters, options) - if err != nil { - return KeyVaultClientExportResponse{}, err - } - resp, err := client.pl.Do(req) - if err != nil { - return KeyVaultClientExportResponse{}, err - } - if !runtime.HasStatusCode(resp, http.StatusOK) { - return KeyVaultClientExportResponse{}, runtime.NewResponseError(resp) - } - return client.exportHandleResponse(resp) -} - -// exportCreateRequest creates the Export request. -func (client *KeyVaultClient) exportCreateRequest(ctx context.Context, vaultBaseURL string, keyName string, keyVersion string, parameters KeyExportParameters, options *KeyVaultClientExportOptions) (*policy.Request, error) { - host := "{vaultBaseUrl}" - host = strings.ReplaceAll(host, "{vaultBaseUrl}", vaultBaseURL) - urlPath := "/keys/{key-name}/{key-version}/export" - if keyName == "" { - return nil, errors.New("parameter keyName cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(keyName)) - if keyVersion == "" { - return nil, errors.New("parameter keyVersion cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(keyVersion)) - req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) - if err != nil { - return nil, err - } - reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "7.3-preview") - req.Raw().URL.RawQuery = reqQP.Encode() - req.Raw().Header.Set("Accept", "application/json") - return req, runtime.MarshalAsJSON(req, parameters) -} - -// exportHandleResponse handles the Export response. -func (client *KeyVaultClient) exportHandleResponse(resp *http.Response) (KeyVaultClientExportResponse, error) { - result := KeyVaultClientExportResponse{RawResponse: resp} - if err := runtime.UnmarshalAsJSON(resp, &result.KeyBundle); err != nil { - return KeyVaultClientExportResponse{}, err - } - return result, nil -} - // GetDeletedKey - The Get Deleted Key operation is applicable for soft-delete enabled vaults. While the operation can be // invoked on any vault, it will return an error if invoked on a non soft-delete enabled vault. This // operation requires the keys/get permission. diff --git a/sdk/keyvault/azkeys/internal/generated/models.go b/sdk/keyvault/azkeys/internal/generated/models.go index a9952e614c11..8352f3e8f23a 100644 --- a/sdk/keyvault/azkeys/internal/generated/models.go +++ b/sdk/keyvault/azkeys/internal/generated/models.go @@ -867,7 +867,7 @@ type KeyProperties struct { // KeyReleaseParameters - The release key parameters. type KeyReleaseParameters struct { // REQUIRED; The attestation assertion for the target of the key release. - Target *string `json:"target,omitempty"` + TargetAttestationToken *string `json:"target,omitempty"` // The encryption algorithm to use to protected the exported key material Enc *KeyEncryptionAlgorithm `json:"enc,omitempty"` @@ -881,14 +881,19 @@ type KeyReleasePolicy struct { ContentType *string `json:"contentType,omitempty"` // Blob encoding the policy rules under which the key can be released. - Data []byte `json:"data,omitempty"` + EncodedPolicy []byte `json:"data,omitempty"` + + // Defines the mutability state of the policy. Once marked immutable, this flag cannot be reset and the policy cannot be changed + // under any circumstances. + Immutable *bool `json:"immutable,omitempty"` } // MarshalJSON implements the json.Marshaller interface for type KeyReleasePolicy. func (k KeyReleasePolicy) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) populate(objectMap, "contentType", k.ContentType) - populateByteArray(objectMap, "data", k.Data, runtime.Base64URLFormat) + populateByteArray(objectMap, "data", k.EncodedPolicy, runtime.Base64URLFormat) + populate(objectMap, "immutable", k.Immutable) return json.Marshal(objectMap) } @@ -905,7 +910,10 @@ func (k *KeyReleasePolicy) UnmarshalJSON(data []byte) error { err = unpopulate(val, &k.ContentType) delete(rawMsg, key) case "data": - err = runtime.DecodeByteArray(string(val), &k.Data, runtime.Base64URLFormat) + err = runtime.DecodeByteArray(string(val), &k.EncodedPolicy, runtime.Base64URLFormat) + delete(rawMsg, key) + case "immutable": + err = unpopulate(val, &k.Immutable) delete(rawMsg, key) } if err != nil { @@ -1115,11 +1123,6 @@ type KeyVaultClientEncryptOptions struct { // placeholder for future optional parameters } -// KeyVaultClientExportOptions contains the optional parameters for the KeyVaultClient.Export method. -type KeyVaultClientExportOptions struct { - // placeholder for future optional parameters -} - // KeyVaultClientGetDeletedKeyOptions contains the optional parameters for the KeyVaultClient.GetDeletedKey method. type KeyVaultClientGetDeletedKeyOptions struct { // placeholder for future optional parameters diff --git a/sdk/keyvault/azkeys/internal/generated/response_types.go b/sdk/keyvault/azkeys/internal/generated/response_types.go index 8a23005e2f25..127b86d9921c 100644 --- a/sdk/keyvault/azkeys/internal/generated/response_types.go +++ b/sdk/keyvault/azkeys/internal/generated/response_types.go @@ -213,18 +213,6 @@ type KeyVaultClientEncryptResult struct { KeyOperationResult } -// KeyVaultClientExportResponse contains the response from method KeyVaultClient.Export. -type KeyVaultClientExportResponse struct { - KeyVaultClientExportResult - // RawResponse contains the underlying HTTP response. - RawResponse *http.Response -} - -// KeyVaultClientExportResult contains the result from method KeyVaultClient.Export. -type KeyVaultClientExportResult struct { - KeyBundle -} - // KeyVaultClientGetDeletedKeyResponse contains the response from method KeyVaultClient.GetDeletedKey. type KeyVaultClientGetDeletedKeyResponse struct { KeyVaultClientGetDeletedKeyResult diff --git a/sdk/keyvault/azkeys/internal/generated/time_unix.go b/sdk/keyvault/azkeys/internal/generated/time_unix.go index ef296335710b..4a512a4ccc05 100644 --- a/sdk/keyvault/azkeys/internal/generated/time_unix.go +++ b/sdk/keyvault/azkeys/internal/generated/time_unix.go @@ -11,10 +11,11 @@ package generated import ( "encoding/json" "fmt" - "github.com/Azure/azure-sdk-for-go/sdk/azcore" "reflect" "strings" "time" + + "github.com/Azure/azure-sdk-for-go/sdk/azcore" ) type timeUnix time.Time diff --git a/sdk/keyvault/azkeys/models.go b/sdk/keyvault/azkeys/models.go index c4c4a7d03fe4..d6ebb243e3e6 100644 --- a/sdk/keyvault/azkeys/models.go +++ b/sdk/keyvault/azkeys/models.go @@ -18,40 +18,61 @@ type Attributes struct { Enabled *bool `json:"enabled,omitempty"` // Expiry date in UTC. - Expires *time.Time `json:"exp,omitempty"` + ExpiresOn *time.Time `json:"exp,omitempty"` // Not before date in UTC. NotBefore *time.Time `json:"nbf,omitempty"` // READ-ONLY; Creation time in UTC. - Created *time.Time `json:"created,omitempty" azure:"ro"` + CreatedOn *time.Time `json:"created,omitempty" azure:"ro"` // READ-ONLY; Last updated time in UTC. - Updated *time.Time `json:"updated,omitempty" azure:"ro"` + UpdatedOn *time.Time `json:"updated,omitempty" azure:"ro"` } // KeyAttributes - The attributes of a key managed by the key vault service. type KeyAttributes struct { - Attributes - // READ-ONLY; softDelete data retention days. + // Determines whether the object is enabled. + Enabled *bool `json:"enabled,omitempty"` + + // Expiry date in UTC. + ExpiresOn *time.Time `json:"exp,omitempty"` + + // Indicates if the private key can be exported. + Exportable *bool `json:"exportable,omitempty"` + + // Not before date in UTC. + NotBefore *time.Time `json:"nbf,omitempty"` + + // READ-ONLY; Creation time in UTC. + CreatedOn *time.Time `json:"created,omitempty" azure:"ro"` + + // READ-ONLY; softDelete data retention days. Value should be >=7 and <=90 when softDelete enabled, otherwise 0. RecoverableDays *int32 `json:"recoverableDays,omitempty" azure:"ro"` - // READ-ONLY; Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains 'Purgeable' the key can be permanently - // deleted by a privileged user; otherwise, only the system + // READ-ONLY; Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains 'Purgeable' + // the key can be permanently deleted by a privileged user; otherwise, only the system // can purge the key, at the end of the retention interval. RecoveryLevel *DeletionRecoveryLevel `json:"recoveryLevel,omitempty" azure:"ro"` + + // READ-ONLY; Last updated time in UTC. + UpdatedOn *time.Time `json:"updated,omitempty" azure:"ro"` } // converts a KeyAttributes to *generated.KeyAttributes -func (k KeyAttributes) toGenerated() *generated.KeyAttributes { +func (k *KeyAttributes) toGenerated() *generated.KeyAttributes { + if k == nil { + return nil + } return &generated.KeyAttributes{ RecoverableDays: k.RecoverableDays, RecoveryLevel: recoveryLevelToGenerated(k.RecoveryLevel), Enabled: k.Enabled, - Expires: k.Expires, + Expires: k.ExpiresOn, NotBefore: k.NotBefore, - Created: k.Created, - Updated: k.Updated, + Created: k.CreatedOn, + Updated: k.UpdatedOn, + Exportable: k.Exportable, } } @@ -64,13 +85,12 @@ func keyAttributesFromGenerated(i *generated.KeyAttributes) *KeyAttributes { return &KeyAttributes{ RecoverableDays: i.RecoverableDays, RecoveryLevel: DeletionRecoveryLevel(*i.RecoveryLevel).ToPtr(), - Attributes: Attributes{ - Enabled: i.Enabled, - Expires: i.Expires, - NotBefore: i.NotBefore, - Created: i.Created, - Updated: i.Updated, - }, + Enabled: i.Enabled, + ExpiresOn: i.Expires, + NotBefore: i.NotBefore, + CreatedOn: i.Created, + UpdatedOn: i.Updated, + Exportable: i.Exportable, } } @@ -94,8 +114,8 @@ type KeyBundle struct { // JSONWebKey - As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18 type JSONWebKey struct { - // Elliptic curve name. For valid values, see JsonWebKeyCurveName. - Crv *JSONWebKeyCurveName `json:"crv,omitempty"` + // Elliptic curve name. For valid values, see KeyCurveName. + Crv *KeyCurveName `json:"crv,omitempty"` // RSA private exponent, or the D component of an EC private key. D []byte `json:"d,omitempty"` @@ -148,7 +168,7 @@ func jsonWebKeyFromGenerated(i *generated.JSONWebKey) *JSONWebKey { } return &JSONWebKey{ - Crv: (*JSONWebKeyCurveName)(i.Crv), + Crv: (*KeyCurveName)(i.Crv), D: i.D, DP: i.DP, DQ: i.DQ, @@ -284,13 +304,12 @@ func deletedKeyItemFromGenerated(i *generated.DeletedKeyItem) *DeletedKeyItem { ScheduledPurgeDate: i.ScheduledPurgeDate, KeyItem: KeyItem{ Attributes: &KeyAttributes{ - Attributes: Attributes{ - Enabled: i.Attributes.Enabled, - Expires: i.Attributes.Expires, - NotBefore: i.Attributes.NotBefore, - Created: i.Attributes.Created, - Updated: i.Attributes.Updated, - }, + Enabled: i.Attributes.Enabled, + ExpiresOn: i.Attributes.Expires, + NotBefore: i.Attributes.NotBefore, + CreatedOn: i.Attributes.Created, + UpdatedOn: i.Attributes.Updated, + Exportable: i.Attributes.Exportable, RecoverableDays: i.Attributes.RecoverableDays, RecoveryLevel: (*DeletionRecoveryLevel)(i.Attributes.RecoveryLevel), }, @@ -306,7 +325,23 @@ type KeyReleasePolicy struct { ContentType *string `json:"contentType,omitempty"` // Blob encoding the policy rules under which the key can be released. - Data []byte `json:"data,omitempty"` + EncodedPolicy []byte `json:"data,omitempty"` + + // Defines the mutability state of the policy. Once marked immutable, this flag cannot be reset and the policy cannot be changed + // under any circumstances. + Immutable *bool `json:"immutable,omitempty"` +} + +func (k *KeyReleasePolicy) toGenerated() *generated.KeyReleasePolicy { + if k == nil { + return nil + } + + return &generated.KeyReleasePolicy{ + ContentType: k.ContentType, + EncodedPolicy: k.EncodedPolicy, + Immutable: k.Immutable, + } } func keyReleasePolicyFromGenerated(i *generated.KeyReleasePolicy) *KeyReleasePolicy { @@ -314,8 +349,9 @@ func keyReleasePolicyFromGenerated(i *generated.KeyReleasePolicy) *KeyReleasePol return nil } return &KeyReleasePolicy{ - ContentType: i.ContentType, - Data: i.Data, + ContentType: i.ContentType, + EncodedPolicy: i.EncodedPolicy, + Immutable: i.Immutable, } } @@ -363,7 +399,10 @@ type LifetimeActions struct { Trigger *LifetimeActionsTrigger `json:"trigger,omitempty"` } -func (l LifetimeActions) toGenerated() *generated.LifetimeActions { +func (l *LifetimeActions) toGenerated() *generated.LifetimeActions { + if l == nil { + return nil + } return &generated.LifetimeActions{ Action: &generated.LifetimeActionsType{ Type: (*generated.ActionType)(l.Action.Type), diff --git a/sdk/keyvault/azkeys/testdata/recordings/TestUpdateKeyPropertiesImmutable/TestUpdateKeyPropertiesImmutable_NON-HSM.json b/sdk/keyvault/azkeys/testdata/recordings/TestUpdateKeyPropertiesImmutable/TestUpdateKeyPropertiesImmutable_NON-HSM.json new file mode 100644 index 000000000000..c066c8b86029 --- /dev/null +++ b/sdk/keyvault/azkeys/testdata/recordings/TestUpdateKeyPropertiesImmutable/TestUpdateKeyPropertiesImmutable_NON-HSM.json @@ -0,0 +1,683 @@ +{ + "Entries": [ + { + "RequestUri": "https://fakekvurl.vault.azure.net/keys/immuta3226834185/create?api-version=7.3-preview", + "RequestMethod": "POST", + "RequestHeaders": { + ":method": "POST", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Content-Length": "0", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 401, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "97", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:37 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "WWW-Authenticate": "Bearer authorization=\u0022https://login.windows.net/00000000-0000-0000-0000-000000000000\u0022, resource=\u0022https://vault.azure.net\u0022", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "c2b50cf1-4e91-45a7-8560-95d1cc97a306", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "Unauthorized", + "message": "AKV10000: Request is missing a Bearer or PoP token." + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/keys/immuta3226834185/create?api-version=7.3-preview", + "RequestMethod": "POST", + "RequestHeaders": { + ":method": "POST", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "Content-Length": "303", + "Content-Type": "application/json", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": { + "attributes": { + "exportable": true + }, + "key_ops": [ + "encrypt", + "decrypt" + ], + "kty": "RSA-HSM", + "release_policy": { + "data": "eyJhbnlPZiI6W3siYW55T2YiOlt7ImNsYWltIjoic2RrLXRlc3QiLCJlcXVhbHMiOiJ0cnVlIn1dLCJhdXRob3JpdHkiOiJodHRwczovL3Jvc2VidWRzaXRlLmF6dXJld2Vic2l0ZXMubmV0LyJ9XSwidmVyc2lvbiI6IjEuMC4wIn0", + "immutable": true + } + }, + "StatusCode": 200, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "945", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:39 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "d13b0a60-cf3e-472d-ade5-2f899950e2b9", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "key": { + "kid": "https://fakekvurl.vault.azure.net/keys/immuta3226834185/5957a67dcae54057be9ecc0465219d34", + "kty": "RSA-HSM", + "key_ops": [ + "encrypt", + "decrypt" + ], + "n": "qEhwJt166k-_CzbO9ctSLS0yPxmKo5JsGc8tJ5RP5GZUdYXjRKUwCWnn-Nf190HioaWLJwQ1Ngyg1zbcONTVM5OMuoOEB433mbLeNlO3I47ugEliXVsCMxb8jXUyZTqB1cOfw3zju0VEJw1kkHyn_DIa3owo8wSfigUg57rIXBqAdwWGuxFbN1w9mh1cQrwf0a3H52iCvrzhnXpnTUTgdngmjRmqVgdpKPKrEfRhFBsr5M08pkqJXfVSR4WDDIsTMDZ7jsR2jf0b1nHxySl4jNEbqQbJAmFAYWsvQHFtQZMQbHXSjazBYTqGZkawcQ6AOSI5lpanW1yUmgJrsWR5vQ", + "e": "AAEAAQ" + }, + "attributes": { + "enabled": true, + "created": 1643325459, + "updated": 1643325459, + "recoveryLevel": "CustomizedRecoverable\u002BPurgeable", + "recoverableDays": 7, + "exportable": true + }, + "release_policy": { + "contentType": "application/json; charset=utf-8", + "data": "eyJ2ZXJzaW9uIjoiMS4wLjAiLCJhbnlPZiI6W3siYXV0aG9yaXR5IjoiaHR0cHM6Ly9yb3NlYnVkc2l0ZS5henVyZXdlYnNpdGVzLm5ldC8iLCJhbnlPZiI6W3siY2xhaW0iOiJzZGstdGVzdCIsImVxdWFscyI6InRydWUifV19XX0", + "immutable": true + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/keys/immuta3226834185/?api-version=7.3-preview", + "RequestMethod": "PATCH", + "RequestHeaders": { + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "Content-Length": "223", + "Content-Type": "application/json", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": { + "release_policy": { + "data": "eyJhbnlPZiI6W3siYW55T2YiOlt7ImNsYWltIjoic2RrLXRlc3QiLCJlcXVhbHMiOiJmYWxzZSJ9XSwiYXV0aG9yaXR5IjoiaHR0cHM6Ly9yb3NlYnVkc2l0ZS5henVyZXdlYnNpdGVzLm5ldC8ifV0sInZlcnNpb24iOiIxLjAuMCJ9", + "immutable": true + } + }, + "StatusCode": 400, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "108", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:39 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "3efc8ee0-e45b-4b1d-abf1-550e188d95f1", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "BadParameter", + "message": "AKV.SKR.1020: Immutable Key Release Policy cannot be modified." + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/keys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 200, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "811", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:39 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "4bb97ea1-5493-4c3f-ba8b-4e47dff1635f", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "recoveryId": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185", + "deletedDate": 1643325460, + "scheduledPurgeDate": 1643930260, + "key": { + "kid": "https://fakekvurl.vault.azure.net/keys/immuta3226834185/5957a67dcae54057be9ecc0465219d34", + "kty": "RSA-HSM", + "key_ops": [ + "encrypt", + "decrypt" + ], + "n": "qEhwJt166k-_CzbO9ctSLS0yPxmKo5JsGc8tJ5RP5GZUdYXjRKUwCWnn-Nf190HioaWLJwQ1Ngyg1zbcONTVM5OMuoOEB433mbLeNlO3I47ugEliXVsCMxb8jXUyZTqB1cOfw3zju0VEJw1kkHyn_DIa3owo8wSfigUg57rIXBqAdwWGuxFbN1w9mh1cQrwf0a3H52iCvrzhnXpnTUTgdngmjRmqVgdpKPKrEfRhFBsr5M08pkqJXfVSR4WDDIsTMDZ7jsR2jf0b1nHxySl4jNEbqQbJAmFAYWsvQHFtQZMQbHXSjazBYTqGZkawcQ6AOSI5lpanW1yUmgJrsWR5vQ", + "e": "AAEAAQ" + }, + "attributes": { + "enabled": true, + "created": 1643325459, + "updated": 1643325459, + "recoveryLevel": "CustomizedRecoverable\u002BPurgeable", + "recoverableDays": 7, + "exportable": true + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:39 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "ee6788a9-df9b-436d-a77f-91c1718fb0ea", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:39 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "9cd7b6c6-283f-4f82-ae44-7dc01d178c4a", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:39 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "2ef6c3e7-c192-4d8a-b437-10633c8f59a6", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:40 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "42ff1ef8-ef4e-465e-b570-0cd08daf1bef", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:40 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "6bf0ec99-e7cb-4192-90ce-bafe8eb68cef", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:40 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "fe03f0a7-e0ba-445b-b4b5-f19a1edbde95", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:42 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "5d82450f-2e39-451c-bdf4-8d4825a00158", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:42 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "01c5c824-18b3-4871-896c-1d3235265be2", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:42 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "4b910b16-b1af-49b2-a674-09f358614f34", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:43 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "8804293c-9e35-4c63-9bce-93f3e24eef20", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:43 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "d1668d1e-528a-454b-9779-6c447c5d5f34", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 404, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "84", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:43 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "03db9b8d-0bba-43a9-a1dd-f6da76428478", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "error": { + "code": "KeyNotFound", + "message": "Deleted Key not found: immuta3226834185" + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "GET", + "RequestHeaders": { + ":method": "GET", + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 200, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Content-Length": "811", + "Content-Type": "application/json; charset=utf-8", + "Date": "Thu, 27 Jan 2022 23:17:44 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "f648a098-e6c8-4310-b6b8-b5f76e101abe", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": { + "recoveryId": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185", + "deletedDate": 1643325460, + "scheduledPurgeDate": 1643930260, + "key": { + "kid": "https://fakekvurl.vault.azure.net/keys/immuta3226834185/5957a67dcae54057be9ecc0465219d34", + "kty": "RSA-HSM", + "key_ops": [ + "encrypt", + "decrypt" + ], + "n": "qEhwJt166k-_CzbO9ctSLS0yPxmKo5JsGc8tJ5RP5GZUdYXjRKUwCWnn-Nf190HioaWLJwQ1Ngyg1zbcONTVM5OMuoOEB433mbLeNlO3I47ugEliXVsCMxb8jXUyZTqB1cOfw3zju0VEJw1kkHyn_DIa3owo8wSfigUg57rIXBqAdwWGuxFbN1w9mh1cQrwf0a3H52iCvrzhnXpnTUTgdngmjRmqVgdpKPKrEfRhFBsr5M08pkqJXfVSR4WDDIsTMDZ7jsR2jf0b1nHxySl4jNEbqQbJAmFAYWsvQHFtQZMQbHXSjazBYTqGZkawcQ6AOSI5lpanW1yUmgJrsWR5vQ", + "e": "AAEAAQ" + }, + "attributes": { + "enabled": true, + "created": 1643325459, + "updated": 1643325459, + "recoveryLevel": "CustomizedRecoverable\u002BPurgeable", + "recoverableDays": 7, + "exportable": true + } + } + }, + { + "RequestUri": "https://fakekvurl.vault.azure.net/deletedkeys/immuta3226834185?api-version=7.3-preview", + "RequestMethod": "DELETE", + "RequestHeaders": { + "Accept": "application/json", + "Accept-Encoding": "gzip", + "Authorization": "Sanitized", + "User-Agent": "azsdk-go-generated/v0.3.0 azsdk-go-azcore/v0.21.0 (go1.17; Windows_NT)" + }, + "RequestBody": null, + "StatusCode": 204, + "ResponseHeaders": { + "Cache-Control": "no-cache", + "Date": "Thu, 27 Jan 2022 23:17:44 GMT", + "Expires": "-1", + "Pragma": "no-cache", + "Strict-Transport-Security": "max-age=31536000;includeSubDomains", + "X-Content-Type-Options": "nosniff", + "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=72.49.29.93;act_addr_fam=InterNetwork;", + "x-ms-keyvault-region": "westus2", + "x-ms-keyvault-service-version": "1.9.264.2", + "x-ms-request-id": "54fb00cd-600d-427c-bd5b-532f2c141e53", + "X-Powered-By": "ASP.NET" + }, + "ResponseBody": null + } + ], + "Variables": {} +}