Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[keyvault-admin] Support Role-based Access Control (RBAC) for data plane via new KeyVaultAccessControlClient #7279

Closed
heaths opened this issue Feb 6, 2020 · 8 comments · Fixed by #9668 or #10815
Closed

[keyvault-admin] Support Role-based Access Control (RBAC) for data plane via new KeyVaultAccessControlClient #7279

heaths opened this issue Feb 6, 2020 · 8 comments · Fixed by #9668 or #10815
Labels
Client This issue points to a problem in the data-plane of the library. KeyVault
Milestone
[2020] September

Comments

@heaths
Copy link
Member

heaths commented Feb 6, 2020

No description provided.

@heaths heaths added Client This issue points to a problem in the data-plane of the library. KeyVault labels Feb 6, 2020
@heaths heaths mentioned this issue Feb 6, 2020
Closed
4 tasks
@heaths heaths added this to the [2020] March milestone Feb 6, 2020
@heaths heaths mentioned this issue Feb 14, 2020
Closed
3 tasks
@heaths heaths modified the milestones: [2020] March, [2020] April Feb 14, 2020
@sadasant sadasant modified the milestones: [2020] April, [2020] June Apr 2, 2020
@AlexGhiondea AlexGhiondea modified the milestones: [2020] June, [2020] July Apr 29, 2020
@sadasant
Copy link
Contributor

https://github.com/Azure/azure-sdk-for-net/tree/master/sdk/keyvault/Azure.Security.KeyVault.Administration

@heaths
Copy link
Member Author

heaths commented Jun 18, 2020
edited
Loading

Note that we won't have an AdministrationClient, but:

  • KeyVaultAccessControlClient
  • KeyVaultBackupClient

/cc @jonathandturner @iscai-msft @chlowell @g2vinay @vcolin7 as an FYI

@vcolin7
Copy link
Member

vcolin7 commented Jun 18, 2020
edited
Loading

@heaths Our other clients in Java don't have a KeyVault prefix, do we want to add it to this one and the backup/restore client?

@ramya-rao-a ramya-rao-a changed the title Support Role-based Access Control (RBAC) for data plane Support Role-based Access Control (RBAC) for data plane via KeyVaultAccessControlClient Jun 18, 2020
@ramya-rao-a ramya-rao-a changed the title Support Role-based Access Control (RBAC) for data plane via KeyVaultAccessControlClient Support Role-based Access Control (RBAC) for data plane via new KeyVaultAccessControlClient Jun 18, 2020
@heaths
Copy link
Member Author

heaths commented Jun 18, 2020

Definitely should for the RBAC client because we are working on eventual plans to have a generic one, which may well be AccessControlClient. For (KeyVault)BackupClient, @christothes discussed it and were worried that archboard would flag it since something like "BackupClient" would be pretty generic and might clash with other libraries (even outside of Azure SDK), which is why, for example, we prefaced "Certificate", "Key", "Secret", et. al. with "KeyVault". So, my recommendation is, yes, we should preface those class names. But it's certainly open for discussion.

@sadasant sadasant mentioned this issue Jun 23, 2020
Merged
1 task
@sadasant sadasant modified the milestones: [2020] July, [2020] September Jul 2, 2020
@sadasant
Copy link
Contributor

sadasant commented Jul 2, 2020
edited
Loading

This issue was moved to September. I'm reopening it since the new client still needs the convenience layer.

@sadasant sadasant reopened this Jul 2, 2020
@sadasant sadasant changed the title Support Role-based Access Control (RBAC) for data plane via new KeyVaultAccessControlClient [keyvault-admin] Support Role-based Access Control (RBAC) for data plane via new KeyVaultAccessControlClient Jul 2, 2020
@sadasant sadasant mentioned this issue Jul 2, 2020
Closed
6 tasks
@sadasant sadasant mentioned this issue Aug 24, 2020
Closed
5 tasks
@sadasant
Copy link
Contributor

Added this issue to track the work needed more easily: #10799

@sadasant sadasant mentioned this issue Sep 1, 2020
Merged
@sadasant
Copy link
Contributor

sadasant commented Sep 1, 2020

Some notes regarding how I came up with PR #10815:

@heaths
Copy link
Member Author

heaths commented Sep 1, 2020

  1. Extreme nit: It's ".NET". Don't make me start writing "Typescript"! 😁
  2. @christothes hadn't yet updated the model names. I thought we agreed in Teams on "KeyVault" as a prefix to all/most of the types; though, it seems you did preface them all except scope, which we may want to do because that one is Key Vault-specific.

@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Client This issue points to a problem in the data-plane of the library. KeyVault
Projects
None yet
Milestone
[2020] September
4 participants
@sadasant @heaths @vcolin7 @AlexGhiondea