From 003fa41843cfea248af5c0dda3669220c8a8730c Mon Sep 17 00:00:00 2001 From: Heath Stewart Date: Wed, 9 Jun 2021 11:13:36 -0700 Subject: [PATCH] Fix HSM RBAC test failures and snippets (#21719) --- .../samples/Sample1_RbacHelloWorldAsync.md | 2 +- .../samples/Sample1_RbacHelloWorldSync.md | 2 +- .../samples/Sample2_RbacScopeAssignment.md | 4 +- .../tests/AccessControlClientLiveTests.cs | 21 +- .../tests/AccessControlTestBase.cs | 3 +- .../CreateRoleAssignment.json | 78 +++--- .../CreateRoleAssignmentAsync.json | 76 ++++-- .../DeleteRoleAssignment.json | 92 +++++--- .../DeleteRoleAssignmentAsync.json | 98 +++++--- .../GetRoleAssignment.json | 100 +++++--- .../GetRoleAssignmentAsync.json | 96 +++++--- .../CreateRoleAssignment.json | 108 +++++---- .../RbacHelloWorld/CreateRoleAssignment.json | 106 +++++---- .../CreateRoleAssignmentAsyncAsync.json | 116 +++++---- .../CreateRoleAssignmentAsync.json | 223 +++++++++++------- .../CreateRoleAssignmentAsyncAsync.json | 194 +++++++++------ .../samples/AccessControlSampleSnippets.cs | 7 +- .../tests/samples/Sample1_RbacHelloWorld.cs | 14 +- .../samples/Sample2_RbacScopeAssignment.cs | 13 +- 19 files changed, 831 insertions(+), 522 deletions(-) diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md index b9a10c226bef6..043559b2c2ed9 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldAsync.md @@ -54,7 +54,7 @@ az ad signed-in-user show --query objectId string definitionIdToAssign = ""; string servicePrincipalObjectId = ""; -KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(RoleAssignmentScope.Global, definitionIdToAssign, servicePrincipalObjectId); +KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); ``` ## Getting a Role Assignment diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md index 0b22fabc498d0..85dc4dffe6786 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample1_RbacHelloWorldSync.md @@ -46,7 +46,7 @@ az ad signed-in-user show --query objectId string definitionIdToAssign = ""; string servicePrincipalObjectId = ""; -KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(RoleAssignmentScope.Global, definitionIdToAssign, servicePrincipalObjectI); +KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); ``` ## Getting a Role Assignment diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample2_RbacScopeAssignment.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample2_RbacScopeAssignment.md index 575ece5fcb17d..cb9507ad63283 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample2_RbacScopeAssignment.md +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/samples/Sample2_RbacScopeAssignment.md @@ -19,7 +19,7 @@ A role definition Id can be obtained from the `Id` property of one of the role d string definitionIdToAssign = ""; string servicePrincipalObjectId = ""; -RoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(RoleAssignmentScope.Global, definitionIdToAssign, servicePrincipalObjectId); +KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); ``` ## Assigning a Role to a specific Key Scope @@ -31,5 +31,5 @@ We'll also need the name of an existing `KeyVaultKey` to get it from the service string keyName = ""; KeyVaultKey key = await keyClient.GetKeyAsync(keyName); -RoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new RoleAssignmentScope(key.Id), definitionIdToAssign, servicePrincipalObjectId); +KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), definitionIdToAssign, servicePrincipalObjectId); ``` diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs index 1af4790b27eed..1d77c7ac36236 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlClientLiveTests.cs @@ -38,7 +38,7 @@ public async Task GetRoleDefinitions() public async Task GetRoleDefinition() { var description = Recording.GenerateAlphaNumericId("role"); - var name = Recording.Random.NewGuid(); + Guid name = Recording.Random.NewGuid(); CreateOrUpdateRoleDefinitionOptions options = new(KeyVaultRoleScope.Global, name) { @@ -72,7 +72,7 @@ public async Task GetRoleDefinition() public async Task CreateOrUpdateRoleDefinition() { var description = Recording.GenerateAlphaNumericId("role"); - var name = Recording.Random.NewGuid(); + Guid name = Recording.Random.NewGuid(); CreateOrUpdateRoleDefinitionOptions options = new(KeyVaultRoleScope.Global, name) { @@ -116,7 +116,7 @@ public async Task CreateOrUpdateRoleDefinition() public async Task DeleteRoleDefinition() { var description = Recording.GenerateAlphaNumericId("role"); - var name = Recording.Random.NewGuid(); + Guid name = Recording.Random.NewGuid(); CreateOrUpdateRoleDefinitionOptions options = new(KeyVaultRoleScope.Global, name) { @@ -145,9 +145,10 @@ public async Task DeleteRoleDefinition() public async Task CreateRoleAssignment() { List definitions = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false); - var definitionToAssign = definitions.FirstOrDefault(d => d.RoleName.Contains(RoleName)); + KeyVaultRoleDefinition definitionToAssign = definitions.First(d => d.RoleName.Contains(RoleName)); - KeyVaultRoleAssignment result = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, _roleAssignmentId).ConfigureAwait(false); + Guid roleAssignmentName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment result = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, roleAssignmentName).ConfigureAwait(false); RegisterForCleanup(result); @@ -162,9 +163,10 @@ public async Task CreateRoleAssignment() public async Task GetRoleAssignment() { List definitions = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false); - var definitionToAssign = definitions.FirstOrDefault(d => d.RoleName.Contains(RoleName)); + KeyVaultRoleDefinition definitionToAssign = definitions.First(d => d.RoleName.Contains(RoleName)); - KeyVaultRoleAssignment assignment = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, _roleAssignmentId).ConfigureAwait(false); + Guid roleAssignmentName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment assignment = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, roleAssignmentName).ConfigureAwait(false); RegisterForCleanup(assignment); @@ -182,9 +184,10 @@ public async Task GetRoleAssignment() public async Task DeleteRoleAssignment() { List definitions = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false); - var definitionToAssign = definitions.FirstOrDefault(d => d.RoleName.Contains(RoleName)); + KeyVaultRoleDefinition definitionToAssign = definitions.First(d => d.RoleName.Contains(RoleName)); - KeyVaultRoleAssignment assignment = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, _roleAssignmentId).ConfigureAwait(false); + Guid roleAssignmentName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment assignment = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, roleAssignmentName).ConfigureAwait(false); await Client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, assignment.Name).ConfigureAwait(false); } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs index fc07a27bb3253..260bf4d5c70d0 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs @@ -21,8 +21,7 @@ public abstract class AccessControlTestBase : AdministrationTestBase internal KeyVaultAccessControlClient client; #pragma warning restore IDE1006 // Naming Styles - internal const string RoleName = "Managed HSM Backup"; - internal readonly Guid _roleAssignmentId = new Guid("e7ae2aff-eb17-4c9d-84f0-d12f7f468f16"); + internal const string RoleName = "Managed HSM Backup User"; internal string _roleDefinitionId; internal string _objectId; diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json index 3bb87524e3930..9455c0677e660 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-f8a679a1b110964e9f0b17bb33c2b61e-8fe66c1cef0e994f-00", + "traceparent": "00-d604a106498c4041a0f1c72b34f14f72-03639231f7a26b41-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "5e8636028f65bb56594d809618e68b9c", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "7f82ca6c-9c7e-11eb-acbb-000d3af54d67", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "7ba65568-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-f8a679a1b110964e9f0b17bb33c2b61e-8fe66c1cef0e994f-00", + "traceparent": "00-d604a106498c4041a0f1c72b34f14f72-03639231f7a26b41-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "5e8636028f65bb56594d809618e68b9c", "x-ms-return-client-request-id": "true" @@ -48,17 +48,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "803fcf0e-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "1" + "x-ms-request-id": "7c71d922-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "0" }, "ResponseBody": { "value": [ @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/16093e51-ef8c-fc75-0e2d-28064b66eddd?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-a91c25d55947024a8b649c84f1595f8d-312ad8798bd61147-00", + "traceparent": "00-d2aec2ba3bdfe84d8c58ef9ff28ebc89-1cec1d6757809e4b-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "16093e51ef8cfc750e2d28064b66eddd", + "x-ms-client-request-id": "2129f472d471715137093daa26bce307", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "805200de-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "46" + "x-ms-request-id": "7c92bf2a-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "52" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/16093e51-ef8c-fc75-0e2d-28064b66eddd", + "name": "16093e51-ef8c-fc75-0e2d-28064b66eddd", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -325,7 +349,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1126588322" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json index 9eb1a477e3d64..9764354194d1d 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-ff167c42a81e704cb39119293411a934-1d2c2190fa4d514d-00", + "traceparent": "00-3f479788bf3d5940ab8bfcda1e7a7f09-4667792a4c23dc43-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "c23c658117723d55cd717f5f53da57f6", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "8162df0c-9c7e-11eb-acbb-000d3af54d67", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "7e50b178-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-ff167c42a81e704cb39119293411a934-1d2c2190fa4d514d-00", + "traceparent": "00-3f479788bf3d5940ab8bfcda1e7a7f09-4667792a4c23dc43-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "c23c658117723d55cd717f5f53da57f6", "x-ms-return-client-request-id": "true" @@ -48,16 +48,16 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "818f1cfc-9c7e-11eb-acbb-000d3af54d67", + "x-ms-request-id": "7e71807e-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "0" }, "ResponseBody": { @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/8172d5e4-1db7-e9e5-c84a-d8c05c75332c?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-dc151cad2ce69640aabcdc3185582e1d-ed02bd64aa897a43-00", + "traceparent": "00-ab85eb204692b14bb20bac0c380b46b7-6106d83b109d6049-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "8172d5e41db7e9e5c84ad8c05c75332c", + "x-ms-client-request-id": "4334c2dd2f65d8f7bbd070f3aadcca55", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "819d7dce-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "50" + "x-ms-request-id": "7e820070-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "56" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/8172d5e4-1db7-e9e5-c84a-d8c05c75332c", + "name": "8172d5e4-1db7-e9e5-c84a-d8c05c75332c", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -325,7 +349,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1820470144" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json index d114e5b722e59..d32e487fc21d6 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-80c614a31a23be428fb66ce77013213f-ebc6165bcb822b4c-00", + "traceparent": "00-5a5812d917a1da4d8c2fdc22519164ee-4920c311dc68dd43-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "5f9412fda0f0133d146f7775c4434755", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "808fdddc-9c7e-11eb-acbb-000d3af54d67", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "7d00781c-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-80c614a31a23be428fb66ce77013213f-ebc6165bcb822b4c-00", + "traceparent": "00-5a5812d917a1da4d8c2fdc22519164ee-4920c311dc68dd43-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "5f9412fda0f0133d146f7775c4434755", "x-ms-return-client-request-id": "true" @@ -48,16 +48,16 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "80c30b76-9c7e-11eb-acbb-000d3af54d67", + "x-ms-request-id": "7d43626c-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "0" }, "ResponseBody": { @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/a62283a0-33cc-d643-d3ca-47462f9e8cc5?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-89fe73699b31f146a2d0424a7710a7c6-b3c8e6d2500a554f-00", + "traceparent": "00-70ee7d2298b5f644a70ec0a30262b4f1-477709573a23474a-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "a62283a033ccd643d3ca47462f9e8cc5", + "x-ms-client-request-id": "f213e6c0e20b3b9ee285854e4f62a8b4", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "80d06d34-9c7e-11eb-acbb-000d3af54d67", + "x-ms-request-id": "7d4e58b6-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "51" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/a62283a0-33cc-d643-d3ca-47462f9e8cc5", + "name": "a62283a0-33cc-d643-d3ca-47462f9e8cc5", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -324,17 +348,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/a62283a0-33cc-d643-d3ca-47462f9e8cc5?api-version=7.2", "RequestMethod": "DELETE", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-74e7f1be5070cd4aa59c0ccd793bb722-9343f0a52fa73c4c-00", + "traceparent": "00-673bbffe3469fb49b925fcf6225a728e-c0e49b74c842ac49-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "f213e6c0e20b3b9ee285854e4f62a8b4", + "x-ms-client-request-id": "ad3530b385f1c965cebe8c2559f6e376", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -349,12 +373,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "80e267b4-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "60" + "x-ms-request-id": "7d6eab02-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "50" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/a62283a0-33cc-d643-d3ca-47462f9e8cc5", + "name": "a62283a0-33cc-d643-d3ca-47462f9e8cc5", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -365,7 +389,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "26204039" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json index 4edf4f4c461b9..d2a2b60f99c85 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-b3c884773e6061429e65e84a8c0102e1-c366fe75faf5784a-00", + "traceparent": "00-9bf38c6e25ef744da7ee2dc52d25f407-3d70c475f5eb7b47-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "90089dd99809a512d432fd1a0d8f4b26", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "81c2c246-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "1" + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "7ec26d86-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-b3c884773e6061429e65e84a8c0102e1-c366fe75faf5784a-00", + "traceparent": "00-9bf38c6e25ef744da7ee2dc52d25f407-3d70c475f5eb7b47-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "90089dd99809a512d432fd1a0d8f4b26", "x-ms-return-client-request-id": "true" @@ -48,17 +48,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "81ec95bc-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "0" + "x-ms-request-id": "7f1e1956-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "1" }, "ResponseBody": { "value": [ @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/ffce91e5-1337-4f91-7bd2-6e76b166002d?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-1c343e83b948894191c0484fee799f15-bb2859c19bb53243-00", + "traceparent": "00-50fc12a48e4ce641afd6a398f1d7cb7c-f9cd86c32035d747-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "ffce91e513374f917bd26e76b166002d", + "x-ms-client-request-id": "3d63015b5be35d7e1461862d46efbe59", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "81f77aa4-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "49" + "x-ms-request-id": "7f4367d8-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "48" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/ffce91e5-1337-4f91-7bd2-6e76b166002d", + "name": "ffce91e5-1337-4f91-7bd2-6e76b166002d", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -324,17 +348,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/ffce91e5-1337-4f91-7bd2-6e76b166002d?api-version=7.2", "RequestMethod": "DELETE", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-9586bc3aab210042b1d25404453c77a6-d8fc7194714b4946-00", + "traceparent": "00-ef02ad768022e24a9eb69bf37c29059f-a6e04b4948c8ab4a-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "3d63015b5be35d7e1461862d46efbe59", + "x-ms-client-request-id": "1d6bd4eba934c6290cb81436299bf46e", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -349,12 +373,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "8209180e-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "46" + "x-ms-request-id": "7f599ac6-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "49" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/ffce91e5-1337-4f91-7bd2-6e76b166002d", + "name": "ffce91e5-1337-4f91-7bd2-6e76b166002d", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -365,7 +389,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "829785785" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json index 97ce3590ca688..a3bc5091d0bf0 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-8af5199a0ca4a340a2d5652393198024-992ea3d0e107a649-00", + "traceparent": "00-256ddbfab2aa9247b33e2d6a94f35564-35f319f18bb35b42-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "495eaeb69be85f6afeff2958f3da8d60", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "80f98098-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "1" + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "7d907912-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-8af5199a0ca4a340a2d5652393198024-992ea3d0e107a649-00", + "traceparent": "00-256ddbfab2aa9247b33e2d6a94f35564-35f319f18bb35b42-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "495eaeb69be85f6afeff2958f3da8d60", "x-ms-return-client-request-id": "true" @@ -48,17 +48,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "811e45cc-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "1" + "x-ms-request-id": "7dc4f4ee-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "0" }, "ResponseBody": { "value": [ @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/d499b987-5350-1555-5758-ba33a25b0a64?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-adbc7e4cfaf3cb46a88df6b1210b8464-8598b51bcc847e46-00", + "traceparent": "00-228086a5b5f2a14fb83ea50c8d9271ca-3c15dceb1efe834a-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "d499b987535015555758ba33a25b0a64", + "x-ms-client-request-id": "599096f85657ea8ac7b19ce201831758", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "8128ee0a-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "48" + "x-ms-request-id": "7de32414-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "47" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/d499b987-5350-1555-5758-ba33a25b0a64", + "name": "d499b987-5350-1555-5758-ba33a25b0a64", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -324,17 +348,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/d499b987-5350-1555-5758-ba33a25b0a64?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-662a6435a6f9824e98153ccb8926ecba-eea2f757622c6b45-00", + "traceparent": "00-68a913f9e1b3fe43aad631ca55a84ae5-799dbde22a400844-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "599096f85657ea8ac7b19ce201831758", + "x-ms-client-request-id": "8f3366912cf663b45948f28fe037bda2", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -347,15 +371,15 @@ "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "813ac7b0-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "0" + "x-ms-request-id": "7df64fc6-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "1" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/d499b987-5350-1555-5758-ba33a25b0a64", + "name": "d499b987-5350-1555-5758-ba33a25b0a64", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -366,7 +390,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1965379599" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json index 1aa52d74556d1..4e31cfeb5ea34 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-d97b239c20ea9d4eaa7934345122e845-0af04efcc02c6746-00", + "traceparent": "00-341b49b25d283749bbdbe6566f358d0e-5c87af5c2f59b245-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "b1527bf3417a79628d90dd6275e693c2", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "821c7cfa-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "1" + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "7f78a3c6-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-d97b239c20ea9d4eaa7934345122e845-0af04efcc02c6746-00", + "traceparent": "00-341b49b25d283749bbdbe6566f358d0e-5c87af5c2f59b245-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "b1527bf3417a79628d90dd6275e693c2", "x-ms-return-client-request-id": "true" @@ -48,17 +48,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "82440a04-9c7e-11eb-acbb-000d3af54d67", - "x-ms-server-latency": "0" + "x-ms-request-id": "7fd78666-c8ab-11eb-80a3-000d3aee668a", + "x-ms-server-latency": "1" }, "ResponseBody": { "value": [ @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/97ca12c5-7d1e-afa6-90e4-cfbfaa6b1783?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-e1664ea2ba66ae42bc650ebd7ebf588b-d00b106b4e0bf24b-00", + "traceparent": "00-3f87ca74ea352d449428742d173dca8f-eacfd20281eee941-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "97ca12c57d1eafa690e4cfbfaa6b1783", + "x-ms-client-request-id": "e8814a7bcc82cbf1a39bc7d83ee0eb34", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "824e5da6-9c7e-11eb-acbb-000d3af54d67", + "x-ms-request-id": "7ff6a410-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "52" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/97ca12c5-7d1e-afa6-90e4-cfbfaa6b1783", + "name": "97ca12c5-7d1e-afa6-90e4-cfbfaa6b1783", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -324,17 +348,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/97ca12c5-7d1e-afa6-90e4-cfbfaa6b1783?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-10df58dea8facd4eb4b5b7f17d6c322c-26e613fa186be04b-00", + "traceparent": "00-248f85ffec6d234ab9bae42798276ed2-bd8174ffc0c1ff4d-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "e8814a7bcc82cbf1a39bc7d83ee0eb34", + "x-ms-client-request-id": "eb3678f0958575fdd5a3219572a2cf22", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -347,15 +371,15 @@ "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "8260c6f8-9c7e-11eb-acbb-000d3af54d67", + "x-ms-request-id": "802389f8-c8ab-11eb-80a3-000d3aee668a", "x-ms-server-latency": "0" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/97ca12c5-7d1e-afa6-90e4-cfbfaa6b1783", + "name": "97ca12c5-7d1e-afa6-90e4-cfbfaa6b1783", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -366,7 +390,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1144294929" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlSampleSnippets/CreateRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlSampleSnippets/CreateRoleAssignment.json index 77372a724ca2c..95336fe652f22 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlSampleSnippets/CreateRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlSampleSnippets/CreateRoleAssignment.json @@ -1,13 +1,13 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "a89708424c75bad9e33639b9b744e27b", "x-ms-return-client-request-id": "true" @@ -23,21 +23,21 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "2d5e6bbe-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "0" + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "02a87b0e-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "1" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "a89708424c75bad9e33639b9b744e27b", "x-ms-return-client-request-id": "true" @@ -46,17 +46,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "2ddee76c-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "0" + "x-ms-request-id": "03877822-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "1" }, "ResponseBody": { "value": [ @@ -80,7 +80,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -105,7 +105,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -191,7 +214,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -275,7 +299,7 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/9f98a703-f069-a344-e404-498c3486c6bd?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", @@ -283,10 +307,10 @@ "Content-Length": "196", "Content-Type": "application/json", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "9f98a703f069a344e404498c3486c6bd", + "x-ms-client-request-id": "0be3e95248e3e354785d06295258d4bd", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -306,12 +330,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "2de98b86-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "121" + "x-ms-request-id": "03ac0412-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "54" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/9f98a703-f069-a344-e404-498c3486c6bd", + "name": "9f98a703-f069-a344-e404-498c3486c6bd", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -321,16 +345,16 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/9f98a703-f069-a344-e404-498c3486c6bd?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "0be3e95248e3e354785d06295258d4bd", + "x-ms-client-request-id": "1a9badbabe555105c3f4c470034c855c", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -343,15 +367,15 @@ "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "2e095308-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "0" + "x-ms-request-id": "03d3e1e4-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "1" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/9f98a703-f069-a344-e404-498c3486c6bd", + "name": "9f98a703-f069-a344-e404-498c3486c6bd", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -361,16 +385,16 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/9f98a703-f069-a344-e404-498c3486c6bd?api-version=7.2", "RequestMethod": "DELETE", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "1a9badbabe555105c3f4c470034c855c", + "x-ms-client-request-id": "cd677c70d661bb9853b4270cea1b508b", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -385,12 +409,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "2e148fd4-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "46" + "x-ms-request-id": "03fd0024-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "50" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/9f98a703-f069-a344-e404-498c3486c6bd", + "name": "9f98a703-f069-a344-e404-498c3486c6bd", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -401,7 +425,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1044942597" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignment.json index e15a8da4704cb..e95c7a6a422f0 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignment.json @@ -1,13 +1,13 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "d9fdd9205609333967f0f6501670e9b1", "x-ms-return-client-request-id": "true" @@ -23,21 +23,21 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "5ad2039e-9c7f-11eb-a208-000d3aee698b", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "043d2014-c8ac-11eb-bdae-000d3aedb9e5", "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "d9fdd9205609333967f0f6501670e9b1", "x-ms-return-client-request-id": "true" @@ -46,17 +46,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5b7cafd8-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "0" + "x-ms-request-id": "045719ba-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "1" }, "ResponseBody": { "value": [ @@ -80,7 +80,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -105,7 +105,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -191,7 +214,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -275,7 +299,7 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e81f3a85-f94d-b58d-de6c-641c8ea7273d?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", @@ -283,10 +307,10 @@ "Content-Length": "196", "Content-Type": "application/json", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "e81f3a85f94db58dde6c641c8ea7273d", + "x-ms-client-request-id": "af559c4c92cd0a64f14d8d01ba26a28e", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -306,12 +330,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5b873dfe-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "50" + "x-ms-request-id": "0479618c-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "67" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/e81f3a85-f94d-b58d-de6c-641c8ea7273d", + "name": "e81f3a85-f94d-b58d-de6c-641c8ea7273d", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -321,16 +345,16 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e81f3a85-f94d-b58d-de6c-641c8ea7273d?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "af559c4c92cd0a64f14d8d01ba26a28e", + "x-ms-client-request-id": "f3b961055aa0274f4b47fb9cf21ca4bf", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -343,15 +367,15 @@ "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5b9d2b28-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "1" + "x-ms-request-id": "04a6e170-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "0" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/e81f3a85-f94d-b58d-de6c-641c8ea7273d", + "name": "e81f3a85-f94d-b58d-de6c-641c8ea7273d", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -361,16 +385,16 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e81f3a85-f94d-b58d-de6c-641c8ea7273d?api-version=7.2", "RequestMethod": "DELETE", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "f3b961055aa0274f4b47fb9cf21ca4bf", + "x-ms-client-request-id": "7904b9c8391bf3e4d615f7ff6b8bfbb7", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -385,12 +409,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5ba8a55c-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "52" + "x-ms-request-id": "04d09038-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "59" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/e81f3a85-f94d-b58d-de6c-641c8ea7273d", + "name": "e81f3a85-f94d-b58d-de6c-641c8ea7273d", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -401,7 +425,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1288883537" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignmentAsyncAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignmentAsyncAsync.json index 5bdaec7ad0bbb..a3480f3adcd8b 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignmentAsyncAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacHelloWorld/CreateRoleAssignmentAsyncAsync.json @@ -1,14 +1,14 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-179806e9ff5f2d4a8ab9f17c641746d0-8be6ea46cf15c24e-00", + "traceparent": "00-4a85f3eba16e3f459c4f6b9b6d7e8ddb-355e0ac3aca0f344-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "8e35e518c3599a4353f0f97d21d8a1c4", "x-ms-return-client-request-id": "true" @@ -24,22 +24,22 @@ "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "5be502ea-9c7f-11eb-a208-000d3aee698b", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "04f40af4-c8ac-11eb-bdae-000d3aedb9e5", "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-179806e9ff5f2d4a8ab9f17c641746d0-8be6ea46cf15c24e-00", + "traceparent": "00-4a85f3eba16e3f459c4f6b9b6d7e8ddb-355e0ac3aca0f344-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], "x-ms-client-request-id": "8e35e518c3599a4353f0f97d21d8a1c4", "x-ms-return-client-request-id": "true" @@ -48,17 +48,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", + "Content-Length": "6648", "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5c1df49c-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "1" + "x-ms-request-id": "0537bb6e-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "0" }, "ResponseBody": { "value": [ @@ -82,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -107,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -193,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -277,19 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/6e4fda9e-c81a-6349-5a9a-0fc713b47115?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-a7aa5a928708334e9d4c4016394fdc5b-38e17cde16b5484a-00", + "traceparent": "00-55c5024680f1c845a8d762f64c64a59e-aa43607399814948-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "6e4fda9ec81a63495a9a0fc713b47115", + "x-ms-client-request-id": "1907f0453149d1671ec2f0f13d2fff2e", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -309,12 +333,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5c28cd22-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "81" + "x-ms-request-id": "055029d8-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "44" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/6e4fda9e-c81a-6349-5a9a-0fc713b47115", + "name": "6e4fda9e-c81a-6349-5a9a-0fc713b47115", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -324,17 +348,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/6e4fda9e-c81a-6349-5a9a-0fc713b47115?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-d304d89b02ae1b4c909359e267aa6452-c2cb45fc62447f49-00", + "traceparent": "00-f299a7cd27ba98429d9a0720e00e42af-56aa0265b7b0cd44-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "1907f0453149d1671ec2f0f13d2fff2e", + "x-ms-client-request-id": "2d9ba953643d4fbc9bd134bfb47c869f", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -347,15 +371,15 @@ "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "X-Content-Type-Options": "nosniff", "X-Frame-Options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5c411e4a-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "0" + "x-ms-request-id": "05746c44-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "1" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/6e4fda9e-c81a-6349-5a9a-0fc713b47115", + "name": "6e4fda9e-c81a-6349-5a9a-0fc713b47115", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -365,17 +389,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleAssignments/6e4fda9e-c81a-6349-5a9a-0fc713b47115?api-version=7.2", "RequestMethod": "DELETE", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-97e7b64b3a980b43846c093ca95ffb9c-c8bf63dcc911eb41-00", + "traceparent": "00-a88571b971ca3645afdd4c6161166d1d-cadf3c6931c9764a-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1", - "(.NET 5.0.4; Microsoft Windows 10.0.19042)" + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" ], - "x-ms-client-request-id": "2d9ba953643d4fbc9bd134bfb47c869f", + "x-ms-client-request-id": "3037e37f87d06c7a727e4f58d857262b", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -390,12 +414,12 @@ "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "5c4bc7f0-9c7f-11eb-a208-000d3aee698b", - "x-ms-server-latency": "44" + "x-ms-request-id": "05a1adf8-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "54" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/6e4fda9e-c81a-6349-5a9a-0fc713b47115", + "name": "6e4fda9e-c81a-6349-5a9a-0fc713b47115", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -406,7 +430,7 @@ } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "943677510" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsync.json index fc41dc66dba7c..5fa820178e910 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsync.json @@ -1,12 +1,15 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-2e3899beeb6dcc42a6bbd90219737998-23ba460273fa5140-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", + "traceparent": "00-edbc3e6978182b418cf1b79c6846c280-912cfea3d0715e4a-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], "x-ms-client-request-id": "08665a931011dc0761a6b5960748e519", "x-ms-return-client-request-id": "true" }, @@ -15,26 +18,29 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "2", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "c9a13d44-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "1" + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "05d9102c-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-2e3899beeb6dcc42a6bbd90219737998-23ba460273fa5140-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", + "traceparent": "00-edbc3e6978182b418cf1b79c6846c280-912cfea3d0715e4a-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], "x-ms-client-request-id": "08665a931011dc0761a6b5960748e519", "x-ms-return-client-request-id": "true" }, @@ -42,17 +48,17 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Length": "6648", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cab2a4f2-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "1" + "x-ms-request-id": "062e8002-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "0" }, "ResponseBody": { "value": [ @@ -76,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -101,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -187,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -271,16 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/providers/Microsoft.Authorization/roleAssignments/e5e3e86e-3240-d4cb-1aae-210c06a286b3?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-3375505e8adbbb44946dc50982ba563c-2bd48787bbe2f544-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "e5e3e86e3240d4cb1aae210c06a286b3", + "traceparent": "00-349ea805e67b5b449b5d116d1b8a3396-786c733e682caf4c-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "1ea9c044ad27be226002b1e118f10cee", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -293,19 +326,19 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "402", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cac85c84-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "51" + "x-ms-request-id": "0650f088-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "52" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/e5e3e86e-3240-d4cb-1aae-210c06a286b3", + "name": "e5e3e86e-3240-d4cb-1aae-210c06a286b3", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -315,14 +348,17 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/161146436/create?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/2063578893/create?api-version=7.2", "RequestMethod": "POST", "RequestHeaders": { "Accept": "application/json", "Content-Type": "application/json", - "traceparent": "00-36cee7165e0ac347a3e5fd7cb411bdd2-1bfe72113caa7b4f-00", - "User-Agent": "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "271ea9c022ad60be02b1e118f10cee0d", + "traceparent": "00-eb3eb0540460c5449d985a4d59ba352a-0724ff6ee0f8d440-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "91c95c899c088f6192ee62eefbd6be1f", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -330,28 +366,31 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "0", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-request-id": "cae45736-9c7f-11eb-afa9-000d3af54d67", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-request-id": "066832d4-c8ac-11eb-bdae-000d3aedb9e5", "x-ms-server-latency": "0" }, "ResponseBody": [] }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/161146436/create?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/2063578893/create?api-version=7.2", "RequestMethod": "POST", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "13", "Content-Type": "application/json", - "traceparent": "00-36cee7165e0ac347a3e5fd7cb411bdd2-1bfe72113caa7b4f-00", - "User-Agent": "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "271ea9c022ad60be02b1e118f10cee0d", + "traceparent": "00-eb3eb0540460c5449d985a4d59ba352a-0724ff6ee0f8d440-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "91c95c899c088f6192ee62eefbd6be1f", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -360,25 +399,25 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "329", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Length": "331", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cb029caa-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "180" + "x-ms-request-id": "06957500-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "171" }, "ResponseBody": { "attributes": { - "created": 1618335824, + "created": 1623192673, "enabled": true, "exportable": false, "recoverableDays": 90, "recoveryLevel": "Recoverable\u002BPurgeable", - "updated": 1618335824 + "updated": 1623192673 }, "key": { "key_ops": [ @@ -387,47 +426,50 @@ "decrypt", "encrypt" ], - "kid": "https://heathskv1hsm.managedhsm.azure.net/keys/161146436/bdda65acac3542471edcc6c3529d6feb", + "kid": "https://heathstst2hsm.managedhsm.azure.net/keys/2063578893/913429ae6ece44b201073b4edffbf777", "kty": "oct-HSM" } } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/161146436/?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/2063578893/?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Type": "application/json", - "traceparent": "00-95d6042a0dff7d46996fdd3cabe9b3cf-66e4509c8fd26e41-00", - "User-Agent": "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "91c95c899c088f6192ee62eefbd6be1f", + "traceparent": "00-e40ad4bbbf30ee4683a933714bba6f56-d2d61c10f67a3649-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "9f475201f2c6c6c024853e80eabc28a1", "x-ms-return-client-request-id": "true" }, "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "329", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Length": "331", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cb2bd638-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "42" + "x-ms-request-id": "06e1dc9c-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "56" }, "ResponseBody": { "attributes": { - "created": 1618335824, + "created": 1623192673, "enabled": true, "exportable": false, "recoverableDays": 90, "recoveryLevel": "Recoverable\u002BPurgeable", - "updated": 1618335824 + "updated": 1623192673 }, "key": { "key_ops": [ @@ -436,22 +478,25 @@ "wrapKey", "unwrapKey" ], - "kid": "https://heathskv1hsm.managedhsm.azure.net/keys/161146436/bdda65acac3542471edcc6c3529d6feb", + "kid": "https://heathstst2hsm.managedhsm.azure.net/keys/2063578893/913429ae6ece44b201073b4edffbf777", "kty": "oct-HSM" } } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/161146436/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/2063578893/providers/Microsoft.Authorization/roleAssignments/e5e3e86e-3240-d4cb-1aae-210c06a286b3?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-e1d5ac71b5702b4fb1263a868f0564b5-67de046729cfdf4c-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "9f475201f2c6c6c024853e80eabc28a1", + "traceparent": "00-9f33db86defa874582b94de549ff43bb-baa380c6f5fdd04f-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "457cfe3322bd233b488f94bec0cf642c", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -463,31 +508,31 @@ "StatusCode": 201, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "412", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Length": "413", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cb46ac10-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "79" + "x-ms-request-id": "0705fde8-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "99" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/e5e3e86e-3240-d4cb-1aae-210c06a286b3", + "name": "e5e3e86e-3240-d4cb-1aae-210c06a286b3", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", - "scope": "/keys/161146436" + "scope": "/keys/2063578893" }, "type": "Microsoft.Authorization/roleAssignments" } } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "291087922" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsyncAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsyncAsync.json index a8c4279d5edff..59a9e6c130c93 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsyncAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/RbacScopeAssignment/CreateRoleAssignmentAsyncAsync.json @@ -1,12 +1,15 @@ { "Entries": [ { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", - "traceparent": "00-59655fc81543844ea3f4531599edb2ed-e375af70100f1347-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", + "traceparent": "00-6d492673484fa543a078fc296fbc278d-9eb9eca0a2e8d44a-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], "x-ms-client-request-id": "f1c23ebdec89e40b6f68bf4f08f90195", "x-ms-return-client-request-id": "true" }, @@ -15,26 +18,29 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "2", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", - "x-ms-request-id": "cbc51c30-9c7f-11eb-afa9-000d3af54d67", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", + "x-ms-request-id": "08051daa-c8ac-11eb-bdae-000d3aedb9e5", "x-ms-server-latency": "0" }, "ResponseBody": "OK" }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/providers/Microsoft.Authorization/roleDefinitions?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", - "traceparent": "00-59655fc81543844ea3f4531599edb2ed-e375af70100f1347-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", + "traceparent": "00-6d492673484fa543a078fc296fbc278d-9eb9eca0a2e8d44a-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], "x-ms-client-request-id": "f1c23ebdec89e40b6f68bf4f08f90195", "x-ms-return-client-request-id": "true" }, @@ -42,16 +48,16 @@ "StatusCode": 200, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "6116", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Length": "6648", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cc29b9ec-9c7f-11eb-afa9-000d3af54d67", + "x-ms-request-id": "0860fd3c-c8ac-11eb-bdae-000d3aedb9e5", "x-ms-server-latency": "1" }, "ResponseBody": { @@ -76,7 +82,7 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Backup", + "roleName": "Managed HSM Backup User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -101,7 +107,30 @@ "notDataActions": [] } ], - "roleName": "Managed HSM Crypto Service Encryption", + "roleName": "Managed HSM Crypto Service Encryption User", + "type": "AKVBuiltInRole" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625c", + "name": "21dbd100-6940-42c2-9190-5d6cb909625c", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/release/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Managed HSM Crypto Service Release User", "type": "AKVBuiltInRole" }, "type": "Microsoft.Authorization/roleDefinitions" @@ -187,7 +216,8 @@ "Microsoft.KeyVault/managedHsm/keys/wrap/action", "Microsoft.KeyVault/managedHsm/keys/unwrap/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", - "Microsoft.KeyVault/managedHsm/keys/verify/action" + "Microsoft.KeyVault/managedHsm/keys/verify/action", + "Microsoft.KeyVault/managedHsm/rng/action" ], "notActions": [], "notDataActions": [] @@ -271,16 +301,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/providers/Microsoft.Authorization/roleAssignments/1a648030-59ec-cde0-5376-084e51d096ba?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-3959cb69efee5644ae510a5b749e96ce-8c68918667ba5645-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "1a64803059eccde05376084e51d096ba", + "traceparent": "00-4fd162c71cd61f4485d686d3a9db4542-77b864b094a2ba45-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "2ca588a11f25550cbd1dc7e38af25108", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -293,19 +326,19 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "402", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cc41fd0e-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "51" + "x-ms-request-id": "08903f70-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "61" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/1a648030-59ec-cde0-5376-084e51d096ba", + "name": "1a648030-59ec-cde0-5376-084e51d096ba", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", @@ -315,16 +348,19 @@ } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/1709782177/create?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/956967056/create?api-version=7.2", "RequestMethod": "POST", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "13", "Content-Type": "application/json", - "traceparent": "00-72dc4b373f969b4fa68248cae2a70cdb-6d92d82e62e42240-00", - "User-Agent": "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "252ca5880c1fbd551dc7e38af2510890", + "traceparent": "00-93943daf3aea764d8db15eebf64c9803-80196d4d03f4ef47-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "25bb64f11cde5e63f59e12e3bd929fd1", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -334,24 +370,24 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "330", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cc619060-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "174" + "x-ms-request-id": "08c23e94-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "172" }, "ResponseBody": { "attributes": { - "created": 1618335826, + "created": 1623192677, "enabled": true, "exportable": false, "recoverableDays": 90, "recoveryLevel": "Recoverable\u002BPurgeable", - "updated": 1618335826 + "updated": 1623192677 }, "key": { "key_ops": [ @@ -360,21 +396,24 @@ "decrypt", "encrypt" ], - "kid": "https://heathskv1hsm.managedhsm.azure.net/keys/1709782177/57b7bc6d6d4c02e490c9f4c26c4f0897", + "kid": "https://heathstst2hsm.managedhsm.azure.net/keys/956967056/509cc4b27a6641819f918b48b4d1813c", "kty": "oct-HSM" } } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/1709782177/?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/956967056/?api-version=7.2", "RequestMethod": "GET", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Type": "application/json", - "traceparent": "00-9e48d88738679e49b9f284556e610422-04eaf3409c463045-00", - "User-Agent": "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "25bb64f11cde5e63f59e12e3bd929fd1", + "traceparent": "00-3f9405d88c7e58408a10afad3437c86a-01f1ae277aa7e04c-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Keys/4.2.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "5480ad0570d474110f5dce91fc436024", "x-ms-return-client-request-id": "true" }, "RequestBody": null, @@ -382,25 +421,25 @@ "ResponseHeaders": { "Cache-Control": "no-cache", "Content-Length": "330", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-ms-build-version": "1.0.20210329-1-34f5870f-develop", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", + "x-ms-build-version": "1.0.20210520-1-d6634624-develop", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "cc8929f4-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "45" + "x-ms-request-id": "08ef19e6-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "47" }, "ResponseBody": { "attributes": { - "created": 1618335826, + "created": 1623192677, "enabled": true, "exportable": false, "recoverableDays": 90, "recoveryLevel": "Recoverable\u002BPurgeable", - "updated": 1618335826 + "updated": 1623192677 }, "key": { "key_ops": [ @@ -409,22 +448,25 @@ "wrapKey", "unwrapKey" ], - "kid": "https://heathskv1hsm.managedhsm.azure.net/keys/1709782177/57b7bc6d6d4c02e490c9f4c26c4f0897", + "kid": "https://heathstst2hsm.managedhsm.azure.net/keys/956967056/509cc4b27a6641819f918b48b4d1813c", "kty": "oct-HSM" } } }, { - "RequestUri": "https://heathskv1hsm.managedhsm.azure.net/keys/1709782177/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16?api-version=7.2", + "RequestUri": "https://heathstst2hsm.managedhsm.azure.net/keys/956967056/providers/Microsoft.Authorization/roleAssignments/1a648030-59ec-cde0-5376-084e51d096ba?api-version=7.2", "RequestMethod": "PUT", "RequestHeaders": { "Accept": "application/json", "Authorization": "Sanitized", "Content-Length": "196", "Content-Type": "application/json", - "traceparent": "00-4e52ed4bab924c4dac04c6f01e51e5e1-c04c4fd1d6e86647-00", - "User-Agent": "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210413.1 (.NET Framework 4.8.4300.0; Microsoft Windows 10.0.19042 )", - "x-ms-client-request-id": "5480ad0570d474110f5dce91fc436024", + "traceparent": "00-ec300b63242d9c47ad9b368a2e65cd4c-d11aa101631cb34d-00", + "User-Agent": [ + "azsdk-net-Security.KeyVault.Administration/4.0.0-alpha.20210608.1", + "(.NET Core 4.6.30015.01; Microsoft Windows 10.0.19043 )" + ], + "x-ms-client-request-id": "6b5fbe0094db6bc341ce2f80fa72008a", "x-ms-return-client-request-id": "true" }, "RequestBody": { @@ -436,31 +478,31 @@ "StatusCode": 201, "ResponseHeaders": { "Cache-Control": "no-cache", - "Content-Length": "413", - "content-security-policy": "default-src \u0027self\u0027", + "Content-Length": "412", + "Content-Security-Policy": "default-src \u0027self\u0027", "Content-Type": "application/json; charset=utf-8", - "strict-transport-security": "max-age=31536000; includeSubDomains", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains", + "X-Content-Type-Options": "nosniff", + "X-Frame-Options": "SAMEORIGIN", "x-ms-keyvault-network-info": "conn_type=Ipv4;addr=67.171.12.239;act_addr_fam=Ipv4;", "x-ms-keyvault-region": "southcentralus", - "x-ms-request-id": "ccabf7cc-9c7f-11eb-afa9-000d3af54d67", - "x-ms-server-latency": "78" + "x-ms-request-id": "090071aa-c8ac-11eb-bdae-000d3aedb9e5", + "x-ms-server-latency": "83" }, "ResponseBody": { - "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", - "name": "e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", + "id": "/providers/Microsoft.Authorization/roleAssignments/1a648030-59ec-cde0-5376-084e51d096ba", + "name": "1a648030-59ec-cde0-5376-084e51d096ba", "properties": { "principalId": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/7b127d3c-77bd-4e3e-bbe0-dbb8971fa7f8", - "scope": "/keys/1709782177" + "scope": "/keys/956967056" }, "type": "Microsoft.Authorization/roleAssignments" } } ], "Variables": { - "AZURE_MANAGEDHSM_URL": "https://heathskv1hsm.managedhsm.azure.net/", + "AZURE_MANAGEDHSM_URL": "https://heathstst2hsm.managedhsm.azure.net/", "CLIENT_OBJECTID": "0aa95430-9a7f-4c8e-8cf6-579278e68947", "RandomSeed": "1588834660" } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs index df687a9704ebf..45e5af31cab03 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/AccessControlSampleSnippets.cs @@ -74,7 +74,7 @@ public void CreateRoleAssignment() { client = Client; Pageable allDefinitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global); - _roleDefinitionId = allDefinitions.FirstOrDefault(d => d.RoleName == RoleName).Id; + _roleDefinitionId = allDefinitions.First(d => d.RoleName == RoleName).Id; // Replace roleDefinitionId with a role definition Id from the definitions returned from the List the role definitions section above string definitionIdToAssign = _roleDefinitionId; @@ -90,9 +90,10 @@ public void CreateRoleAssignment() // Replace with the service principal object id from the Create/Get credentials section above string servicePrincipalObjectId = ""; - RoleAssignment createdAssignment = client.CreateRoleAssignment(RoleAssignmentScope.Global, properties); + KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); #else - KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, _roleAssignmentId); + Guid roleDefinitionName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, roleDefinitionName); #endif Console.WriteLine(createdAssignment.Name); diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs index 7810343c7f699..2639e59b169f6 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample1_RbacHelloWorld.cs @@ -94,7 +94,7 @@ public void CreateRoleAssignment() client = Client; List definitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global).ToList(); - _roleDefinitionId = definitions.FirstOrDefault(d => d.RoleName == RoleName).Id; + _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id; // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleAssignments. string definitionIdToAssign = _roleDefinitionId; @@ -107,9 +107,10 @@ public void CreateRoleAssignment() string definitionIdToAssign = ""; string servicePrincipalObjectId = ""; - KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(RoleAssignmentScope.Global, definitionIdToAssign, servicePrincipalObjectI); + KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); #else - KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, _roleAssignmentId); + Guid roleAssignmentName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName); #endif #endregion @@ -130,7 +131,7 @@ public async Task CreateRoleAssignmentAsync() client = Client; List definitions = await client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false); - _roleDefinitionId = definitions.FirstOrDefault(d => d.RoleName == RoleName).Id; + _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id; // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync. string definitionIdToAssign = _roleDefinitionId; @@ -143,9 +144,10 @@ public async Task CreateRoleAssignmentAsync() string definitionIdToAssign = ""; string servicePrincipalObjectId = ""; - KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(RoleAssignmentScope.Global, definitionIdToAssign, servicePrincipalObjectId); + KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); #else - KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, _roleAssignmentId).ConfigureAwait(false); + Guid roleAssignmentName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName).ConfigureAwait(false); #endif #endregion diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample2_RbacScopeAssignment.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample2_RbacScopeAssignment.cs index dde6763d0022e..381b48ba97f11 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample2_RbacScopeAssignment.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/samples/Sample2_RbacScopeAssignment.cs @@ -1,11 +1,11 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. +using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Azure.Core.TestFramework; -using Azure.Security.KeyVault.Administration.Models; using Azure.Security.KeyVault.Administration.Tests; using Azure.Security.KeyVault.Keys; using NUnit.Framework; @@ -34,7 +34,7 @@ public async Task CreateRoleAssignmentAsync() client = Client; List definitions = await client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false); - _roleDefinitionId = definitions.FirstOrDefault(d => d.RoleName == RoleName).Id; + _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id; // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync. string definitionIdToAssign = _roleDefinitionId; @@ -47,9 +47,10 @@ public async Task CreateRoleAssignmentAsync() string definitionIdToAssign = ""; string servicePrincipalObjectId = ""; - RoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(RoleAssignmentScope.Global, definitionIdToAssign, servicePrincipalObjectId); + KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId); #else - KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, definitionIdToAssign, servicePrincipalObjectId , _roleAssignmentId).ConfigureAwait(false); + Guid roleAssignmentName = Recording.Random.NewGuid(); + KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, definitionIdToAssign, servicePrincipalObjectId , roleAssignmentName).ConfigureAwait(false); #endif #endregion @@ -69,9 +70,9 @@ public async Task CreateRoleAssignmentAsync() KeyVaultKey key = await keyClient.GetKeyAsync(keyName); #if SNIPPET - RoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new RoleAssignmentScope(key.Id), definitionIdToAssign, servicePrincipalObjectId); + KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), definitionIdToAssign, servicePrincipalObjectId); #else - KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), definitionIdToAssign, servicePrincipalObjectId, _roleAssignmentId).ConfigureAwait(false); + KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName).ConfigureAwait(false); #endif #endregion