[KeyVault] Added security domain properties into PSManagedHsm (#22540)

* Refresh track 1 SDK

* Added security domain properties into the output of New/Update/Get-AzKeyVaultManagedHsm (PSManagedHsm)

* Refresh example

src/KeyVault/KeyVault.Sdk/Generated/Models/ManagedHsmProperties.cs

@@ -35,20 +35,20 @@ public ManagedHsmProperties()
         /// </param>
 
         /// <param name="enableSoftDelete">Property to specify whether the &#39;soft delete&#39; functionality is enabled for
-        /// this managed HSM pool. If it&#39;s not set to any value(true or false) when
-        /// creating new managed HSM pool, it will be set to true by default. Once set
-        /// to true, it cannot be reverted to false.
+        /// this managed HSM pool. Soft delete is enabled by default for all managed
+        /// HSMs and is immutable.
         /// </param>
 
-        /// <param name="softDeleteRetentionInDays">softDelete data retention days. It accepts &gt;=7 and &lt;=90.
+        /// <param name="softDeleteRetentionInDays">Soft deleted data retention days. When you delete an HSM or a key, it will
+        /// remain recoverable for the configured retention period or for a default
+        /// period of 90 days. It accepts values between 7 and 90.
         /// </param>
 
         /// <param name="enablePurgeProtection">Property specifying whether protection against purge is enabled for this
         /// managed HSM pool. Setting this property to true activates protection
         /// against purge for this managed HSM pool and its content - only the Managed
-        /// HSM service may initiate a hard, irrecoverable deletion. The setting is
-        /// effective only if soft delete is also enabled. Enabling this functionality
-        /// is irreversible.
+        /// HSM service may initiate a hard, irrecoverable deletion. Enabling this
+        /// functionality is irreversible.
         /// </param>
 
         /// <param name="createMode">The create mode to indicate whether the resource is being created or is
@@ -69,13 +69,15 @@ public ManagedHsmProperties()
         /// <param name="privateEndpointConnections">List of private endpoint connections associated with the managed hsm pool.
         /// </param>
 
-        /// <param name="publicNetworkAccess">Control permission for data plane traffic coming from public networks while
-        /// private endpoint is enabled.
+        /// <param name="publicNetworkAccess">Control permission to the managed HSM from public networks.
         /// Possible values include: 'Enabled', 'Disabled'</param>
 
         /// <param name="scheduledPurgeDate">The scheduled purge date in UTC.
         /// </param>
-        public ManagedHsmProperties(System.Guid? tenantId = default(System.Guid?), System.Collections.Generic.IList<string> initialAdminObjectIds = default(System.Collections.Generic.IList<string>), string hsmUri = default(string), bool? enableSoftDelete = default(bool?), int? softDeleteRetentionInDays = default(int?), bool? enablePurgeProtection = default(bool?), CreateMode? createMode = default(CreateMode?), string statusMessage = default(string), string provisioningState = default(string), MhsmNetworkRuleSet networkAcls = default(MhsmNetworkRuleSet), System.Collections.Generic.IList<MhsmPrivateEndpointConnectionItem> privateEndpointConnections = default(System.Collections.Generic.IList<MhsmPrivateEndpointConnectionItem>), string publicNetworkAccess = default(string), System.DateTime? scheduledPurgeDate = default(System.DateTime?))
+
+        /// <param name="securityDomainProperties">Managed HSM security domain properties.
+        /// </param>
+        public ManagedHsmProperties(System.Guid? tenantId = default(System.Guid?), System.Collections.Generic.IList<string> initialAdminObjectIds = default(System.Collections.Generic.IList<string>), string hsmUri = default(string), bool? enableSoftDelete = default(bool?), int? softDeleteRetentionInDays = default(int?), bool? enablePurgeProtection = default(bool?), CreateMode? createMode = default(CreateMode?), string statusMessage = default(string), string provisioningState = default(string), MhsmNetworkRuleSet networkAcls = default(MhsmNetworkRuleSet), System.Collections.Generic.IList<MhsmPrivateEndpointConnectionItem> privateEndpointConnections = default(System.Collections.Generic.IList<MhsmPrivateEndpointConnectionItem>), string publicNetworkAccess = default(string), System.DateTime? scheduledPurgeDate = default(System.DateTime?), ManagedHSMSecurityDomainProperties securityDomainProperties = default(ManagedHSMSecurityDomainProperties))
 
         {
             this.TenantId = tenantId;
@@ -91,6 +93,7 @@ public ManagedHsmProperties()
             this.PrivateEndpointConnections = privateEndpointConnections;
             this.PublicNetworkAccess = publicNetworkAccess;
             this.ScheduledPurgeDate = scheduledPurgeDate;
+            this.SecurityDomainProperties = securityDomainProperties;
             CustomInit();
         }
 
@@ -122,15 +125,16 @@ public ManagedHsmProperties()
 
         /// <summary>
         /// Gets or sets property to specify whether the &#39;soft delete&#39; functionality is
-        /// enabled for this managed HSM pool. If it&#39;s not set to any value(true or
-        /// false) when creating new managed HSM pool, it will be set to true by
-        /// default. Once set to true, it cannot be reverted to false.
+        /// enabled for this managed HSM pool. Soft delete is enabled by default for
+        /// all managed HSMs and is immutable.
         /// </summary>
         [Newtonsoft.Json.JsonProperty(PropertyName = "enableSoftDelete")]
         public bool? EnableSoftDelete {get; set; }
 
         /// <summary>
-        /// Gets or sets softDelete data retention days. It accepts &gt;=7 and &lt;=90.
+        /// Gets or sets soft deleted data retention days. When you delete an HSM or a
+        /// key, it will remain recoverable for the configured retention period or for
+        /// a default period of 90 days. It accepts values between 7 and 90.
         /// </summary>
         [Newtonsoft.Json.JsonProperty(PropertyName = "softDeleteRetentionInDays")]
         public int? SoftDeleteRetentionInDays {get; set; }
@@ -139,9 +143,8 @@ public ManagedHsmProperties()
         /// Gets or sets property specifying whether protection against purge is
         /// enabled for this managed HSM pool. Setting this property to true activates
         /// protection against purge for this managed HSM pool and its content - only
-        /// the Managed HSM service may initiate a hard, irrecoverable deletion. The
-        /// setting is effective only if soft delete is also enabled. Enabling this
-        /// functionality is irreversible.
+        /// the Managed HSM service may initiate a hard, irrecoverable deletion.
+        /// Enabling this functionality is irreversible.
         /// </summary>
         [Newtonsoft.Json.JsonProperty(PropertyName = "enablePurgeProtection")]
         public bool? EnablePurgeProtection {get; set; }
@@ -180,8 +183,7 @@ public ManagedHsmProperties()
         public System.Collections.Generic.IList<MhsmPrivateEndpointConnectionItem> PrivateEndpointConnections {get; private set; }
 
         /// <summary>
-        /// Gets or sets control permission for data plane traffic coming from public
-        /// networks while private endpoint is enabled. Possible values include: &#39;Enabled&#39;, &#39;Disabled&#39;
+        /// Gets or sets control permission to the managed HSM from public networks. Possible values include: &#39;Enabled&#39;, &#39;Disabled&#39;
         /// </summary>
         [Newtonsoft.Json.JsonProperty(PropertyName = "publicNetworkAccess")]
         public string PublicNetworkAccess {get; set; }
@@ -191,5 +193,11 @@ public ManagedHsmProperties()
         /// </summary>
         [Newtonsoft.Json.JsonProperty(PropertyName = "scheduledPurgeDate")]
         public System.DateTime? ScheduledPurgeDate {get; private set; }
+
+        /// <summary>
+        /// Gets managed HSM security domain properties.
+        /// </summary>
+        [Newtonsoft.Json.JsonProperty(PropertyName = "securityDomainProperties")]
+        public ManagedHSMSecurityDomainProperties SecurityDomainProperties {get; private set; }
     }
 }

src/KeyVault/KeyVault.Sdk/Generated/Models/ManagedHsmSku.cs

@@ -25,7 +25,7 @@ public ManagedHsmSku()
         /// </summary>
 
         /// <param name="name">SKU of the managed HSM Pool
-        /// Possible values include: 'Standard_B1', 'Custom_B32'</param>
+        /// Possible values include: 'Standard_B1', 'Custom_B32', 'Custom_B6'</param>
         public ManagedHsmSku(ManagedHsmSkuName name)
 
         {
@@ -47,7 +47,7 @@ static ManagedHsmSku()
 
 
         /// <summary>
-        /// Gets or sets sKU of the managed HSM Pool Possible values include: &#39;Standard_B1&#39;, &#39;Custom_B32&#39;
+        /// Gets or sets sKU of the managed HSM Pool Possible values include: &#39;Standard_B1&#39;, &#39;Custom_B32&#39;, &#39;Custom_B6&#39;
         /// </summary>
         [Newtonsoft.Json.JsonProperty(PropertyName = "name")]
         public ManagedHsmSkuName Name {get; set; }

src/KeyVault/KeyVault.Sdk/Generated/Models/ManagedHsmSkuName.cs

@@ -17,7 +17,9 @@ public enum ManagedHsmSkuName
         [System.Runtime.Serialization.EnumMember(Value = "Standard_B1")]
         StandardB1,
         [System.Runtime.Serialization.EnumMember(Value = "Custom_B32")]
-        CustomB32
+        CustomB32,
+        [System.Runtime.Serialization.EnumMember(Value = "Custom_B6")]
+        CustomB6
     }
     internal static class ManagedHsmSkuNameEnumExtension
     {
@@ -33,6 +35,8 @@ internal static string ToSerializedValue(this ManagedHsmSkuName value)
                     return "Standard_B1";
                 case ManagedHsmSkuName.CustomB32:
                     return "Custom_B32";
+                case ManagedHsmSkuName.CustomB6:
+                    return "Custom_B6";
             }
             return null;
         }
@@ -44,6 +48,8 @@ internal static string ToSerializedValue(this ManagedHsmSkuName value)
                     return ManagedHsmSkuName.StandardB1;
                 case "Custom_B32":
                     return ManagedHsmSkuName.CustomB32;
+                case "Custom_B6":
+                    return ManagedHsmSkuName.CustomB6;
             }
             return null;
         }

src/KeyVault/KeyVault.Sdk/README.md

@@ -21,7 +21,7 @@ license-header: MICROSOFT_MIT_NO_VERSION
 
 ###
 ``` yaml
-commit: fead0dec636e7554fb8401370418085136d4f052
+commit: 33f06ff82a4c751bcbc842b7ed4da2e81b0717b6
 input-file:
   - https://github.com/Azure/azure-rest-api-specs/blob/$(commit)/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2022-07-01/common.json
   - https://github.com/Azure/azure-rest-api-specs/blob/$(commit)/specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2022-07-01/keyvault.json

src/KeyVault/KeyVault/ChangeLog.md

@@ -18,6 +18,7 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* Added security domain properties into the output of `New/Update/Get-AzKeyVaultManagedHsm` (`PSManagedHsm`).
 * Supported Setting for Managed HSM: Added `Get-AzKeyVaultSetting` and `Update-AzKeyVaultSetting`.
 * Updated Azure.Core to 1.34.0.
 

src/KeyVault/KeyVault/KeyVault.format.ps1xml

@@ -578,6 +578,10 @@
             <Alignment>Left</Alignment>
             <Label>ProvisioningState</Label>
           </TableColumnHeader>
+          <TableColumnHeader>
+            <Alignment>Left</Alignment>
+            <Label>Security Domain ActivationStatus</Label>
+          </TableColumnHeader>
         </TableHeaders>
         <TableRowEntries>
           <TableRowEntry>
@@ -602,6 +606,15 @@
                 <Alignment>Left</Alignment>
                 <PropertyName>ProvisioningState</PropertyName>
               </TableColumnItem>
+              <TableColumnItem>
+                <Alignment>Left</Alignment>
+                <ScriptBlock>
+                  if ($_.SecurityDomain -ne $null)
+                  {
+                  $_.SecurityDomain.ActivationStatus;
+                  }
+                </ScriptBlock>
+              </TableColumnItem>
             </TableColumnItems>
           </TableRowEntry>
         </TableRowEntries>
@@ -721,6 +734,24 @@
                 <Label>Status Message</Label>
                 <PropertyName>StatusMessage</PropertyName>
               </ListItem>
+              <ListItem>
+                <Label>Security Domain ActivationStatus</Label>
+                <ScriptBlock>
+                  if ($_.SecurityDomain -ne $null)
+                  {
+                  $_.SecurityDomain.ActivationStatus;
+                  }
+                </ScriptBlock>
+              </ListItem>
+              <ListItem>
+                <Label>Security Domain ActivationStatusMessage</Label>
+                <ScriptBlock>
+                  if ($_.SecurityDomain -ne $null)
+                  {
+                  $_.SecurityDomain.ActivationStatusMessage;
+                  }
+                </ScriptBlock>
+              </ListItem>
               <ListItem>
                 <Label>Tags</Label>
                 <PropertyName>TagsTable</PropertyName>

src/KeyVault/KeyVault/Models/ManagedHsm/PSManagedHSMSecurityDomain.cs

@@ -0,0 +1,28 @@
+using Microsoft.Azure.Management.KeyVault.Models;
+
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Microsoft.Azure.Commands.KeyVault.Models
+{
+    public class PSManagedHSMSecurityDomain
+    {
+        /// <summary>
+        /// Gets activation Status Possible values include: &#39;Active&#39;, &#39;NotActivated&#39;, &#39;Unknown&#39;, &#39;Failed&#39;
+        /// </summary>
+        public string ActivationStatus { get; private set; }
+
+        /// <summary>
+        /// Gets activation Status Message.
+        /// </summary>
+        public string ActivationStatusMessage { get; private set; }
+
+        public PSManagedHSMSecurityDomain(ManagedHSMSecurityDomainProperties managedHSMSecurityDomainProperties)
+        {
+            this.ActivationStatus = managedHSMSecurityDomainProperties?.ActivationStatus;
+            this.ActivationStatusMessage = managedHSMSecurityDomainProperties?.ActivationStatusMessage;
+        }
+
+    }
+}

src/KeyVault/KeyVault/Models/PSManagedHsm.cs → src/KeyVault/KeyVault/Models/ManagedHsm/PSManagedHsm.cs

@@ -49,13 +49,14 @@ public PSManagedHsm(ManagedHsm managedHsm, IMicrosoftGraphClient graphClient)
             SoftDeleteRetentionInDays = managedHsm.Properties.SoftDeleteRetentionInDays;
             StatusMessage = managedHsm.Properties.StatusMessage;
             ProvisioningState = managedHsm.Properties.ProvisioningState;
+            SecurityDomain = new PSManagedHSMSecurityDomain(managedHsm?.Properties?.SecurityDomainProperties);
             OriginalManagedHsm = managedHsm;
         }
 
-        public string Name 
-        { 
-            get { return VaultName; } 
-            internal set { VaultName = value; } 
+        public string Name
+        {
+            get { return VaultName; }
+            internal set { VaultName = value; }
         }
 
         public string PublicNetworkAccess { get; private set; }
@@ -70,6 +71,9 @@ public string Name
         public bool? EnablePurgeProtection { get; internal set; }
         public string StatusMessage { get; private set; }
         public string ProvisioningState { get; private set; }
+
+        public PSManagedHSMSecurityDomain SecurityDomain { get; private set; }
+
         public ManagedHsm OriginalManagedHsm { get; private set; }
 
     }

src/KeyVault/KeyVault/help/Get-AzKeyVaultManagedHsm.md

@@ -45,9 +45,9 @@ Get-AzKeyVaultManagedHsm
 ```
 
 ```output
-Name  Resource Group Name Location    SKU
-----  ------------------- --------    ---
-myhsm myrg1               eastus2euap StandardB1
+Name    Resource Group Name Location SKU        ProvisioningState Security Domain ActivationStatus
+----    ------------------- -------- ---        ----------------- --------------------------------
+myhsm   test-rg              eastus   StandardB1 Succeeded         Active
 ```
 
 This command gets all managed HSMs in your current subscription.
@@ -58,9 +58,9 @@ Get-AzKeyVaultManagedHsm -Name 'myhsm'
 ```
 
 ```output
-Name  Resource Group Name Location    SKU
-----  ------------------- --------    ---
-myhsm myrg1               eastus2euap StandardB1
+Name    Resource Group Name Location SKU        ProvisioningState Security Domain ActivationStatus
+----    ------------------- -------- ---        ----------------- --------------------------------
+myhsm   test-rg              eastus   StandardB1 Succeeded         Active
 ```
 
 This command gets the managed HSM named myhsm in your current subscription.
@@ -71,9 +71,9 @@ Get-AzKeyVaultManagedHsm -ResourceGroupName 'myrg1'
 ```
 
 ```output
-Name  Resource Group Name Location    SKU
-----  ------------------- --------    ---
-myhsm myrg1               eastus2euap StandardB1
+Name  Resource Group Name Location    SKU        ProvisioningState Security Domain ActivationStatus
+----  ------------------- --------    ---        ----------------- --------------------------------
+myhsm myrg1               eastus2euap StandardB1 Succeeded         Active
 ```
 
 This command gets all managed HSMs in the resource group named myrg1.
@@ -84,9 +84,9 @@ Get-AzKeyVaultManagedHsm -Name 'myhsm*'
 ```
 
 ```output
-Name  Resource Group Name Location    SKU
-----  ------------------- --------    ---
-myhsm myrg1               eastus2euap StandardB1
+Name  Resource Group Name Location    SKU        ProvisioningState Security Domain ActivationStatus
+----  ------------------- --------    ---        ----------------- --------------------------------
+myhsm myrg1               eastus2euap StandardB1 Succeeded         Active
 ```
 
 This command gets all managed HSMs in the subscription that start with "myhsm".