From f0c446a1ed5c96784532047f77290d423b72a533 Mon Sep 17 00:00:00 2001 From: Christopher Scott Date: Wed, 17 Jun 2020 22:18:12 -0500 Subject: [PATCH] Revert swagger workarounds after service fix (#12853) --- ...ssignmentCreateParameters.Serialization.cs | 23 +++ .../Models/RoleAssignmentCreateParameters.cs | 30 ++++ .../Generated/RoleAssignmentsRestClient.cs | 6 +- .../src/KeyVaultAccessControlClient.cs | 4 +- .../src/asdf.cs | 9 ++ .../src/swagger/rbac.json | 15 +- .../tests/AccessControlTestBase.cs | 4 +- .../CreateRoleAssignment.json | 133 +++++++++++------ .../CreateRoleAssignmentAsync.json | 133 +++++++++++------ .../DeleteRoleAssignment.json | 141 ++++++++++++------ .../DeleteRoleAssignmentAsync.json | 141 ++++++++++++------ .../GetRoleAssignment.json | 141 ++++++++++++------ .../GetRoleAssignmentAsync.json | 141 ++++++++++++------ .../GetRoleDefinitions.json | 117 ++++++++++----- .../GetRoleDefinitionsAsync.json | 117 ++++++++++----- 15 files changed, 808 insertions(+), 347 deletions(-) create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.Serialization.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.cs create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/asdf.cs diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.Serialization.cs new file mode 100644 index 000000000000..b605492ea950 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.Serialization.cs @@ -0,0 +1,23 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.Security.KeyVault.Administration.Models +{ + internal partial class RoleAssignmentCreateParameters : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + writer.WritePropertyName("properties"); + writer.WriteObjectValue(Properties); + writer.WriteEndObject(); + } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.cs new file mode 100644 index 000000000000..a2924b58918f --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentCreateParameters.cs @@ -0,0 +1,30 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; + +namespace Azure.Security.KeyVault.Administration.Models +{ + /// Role assignment create parameters. + internal partial class RoleAssignmentCreateParameters + { + /// Initializes a new instance of RoleAssignmentCreateParameters. + /// Role assignment properties. + public RoleAssignmentCreateParameters(RoleAssignmentProperties properties) + { + if (properties == null) + { + throw new ArgumentNullException(nameof(properties)); + } + + Properties = properties; + } + + /// Role assignment properties. + public RoleAssignmentProperties Properties { get; } + } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs index f23a849d6fb8..3fb14d14c8fc 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs @@ -141,7 +141,7 @@ public Response Delete(string vaultBaseUrl, string scope, string } } - internal HttpMessage CreateCreateRequest(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentProperties parameters) + internal HttpMessage CreateCreateRequest(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters) { var message = _pipeline.CreateMessage(); var request = message.Request; @@ -167,7 +167,7 @@ internal HttpMessage CreateCreateRequest(string vaultBaseUrl, string scope, stri /// The name of the role assignment to create. It can be any valid GUID. /// Parameters for the role assignment. /// The cancellation token to use. - public async Task> CreateAsync(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentProperties parameters, CancellationToken cancellationToken = default) + public async Task> CreateAsync(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters, CancellationToken cancellationToken = default) { if (vaultBaseUrl == null) { @@ -215,7 +215,7 @@ public async Task> CreateAsync(string vaultBaseUrl, str /// The name of the role assignment to create. It can be any valid GUID. /// Parameters for the role assignment. /// The cancellation token to use. - public Response Create(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentProperties parameters, CancellationToken cancellationToken = default) + public Response Create(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters, CancellationToken cancellationToken = default) { if (vaultBaseUrl == null) { diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs index 7c0dc383a423..6aa817e482b3 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/KeyVaultAccessControlClient.cs @@ -250,7 +250,7 @@ public virtual Response CreateRoleAssignment(RoleAssignmentScope try { var _name = name == default ? Guid.NewGuid().ToString() : name.ToString(); - return _assignmentsRestClient.Create(VaultUri.AbsoluteUri, roleScope.ToString(), _name, properties, cancellationToken); + return _assignmentsRestClient.Create(VaultUri.AbsoluteUri, roleScope.ToString(), _name, new RoleAssignmentCreateParameters(properties), cancellationToken); } catch (Exception ex) { @@ -275,7 +275,7 @@ public virtual async Task> CreateRoleAssignmentAsync(Ro try { var _name = name == default ? Guid.NewGuid().ToString() : name.ToString(); - return await _assignmentsRestClient.CreateAsync(VaultUri.AbsoluteUri, roleScope.ToString(), _name, properties, cancellationToken) + return await _assignmentsRestClient.CreateAsync(VaultUri.AbsoluteUri, roleScope.ToString(), _name, new RoleAssignmentCreateParameters(properties), cancellationToken) .ConfigureAwait(false); } catch (Exception ex) diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/asdf.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/asdf.cs new file mode 100644 index 000000000000..7728867d23b3 --- /dev/null +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/asdf.cs @@ -0,0 +1,9 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +namespace Azure.Security.KeyVault.Administration.Models +{ + /// + internal partial class RoleAssignmentCreateParameters + { } +} diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/swagger/rbac.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/swagger/rbac.json index 8b4e73deb39e..a15c7e1d7dfb 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/swagger/rbac.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/swagger/rbac.json @@ -153,7 +153,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/RoleAssignmentProperties" + "$ref": "#/definitions/RoleAssignmentCreateParameters" }, "description": "Parameters for the role assignment." }, @@ -349,7 +349,6 @@ "description": "Role assignment list operation result." }, "RoleAssignmentProperties": { - "type":"object", "properties": { "roleDefinitionId": { "type": "string", @@ -366,6 +365,18 @@ ], "description": "Role assignment properties." }, + "RoleAssignmentCreateParameters": { + "properties": { + "properties": { + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "required": [ + "properties" + ], + "description": "Role assignment create parameters." + }, "RoleDefinitionFilter": { "properties": { "roleName": { diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs index 9baf6c42353e..351fb822311f 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/AccessControlTestBase.cs @@ -39,12 +39,12 @@ internal KeyVaultAccessControlClient GetClient(TestRecording recording = null) [SetUp] public void ClearChallengeCacheforRecord() { + Client = GetClient(); + // in record mode we reset the challenge cache before each test so that the challenge call // is always made. This allows tests to be replayed independently and in any order if (Mode == RecordedTestMode.Record || Mode == RecordedTestMode.Playback) { - Client = GetClient(); - ChallengeBasedAuthenticationPolicy.AuthenticationChallenge.ClearCache(); } } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json index 1731d81da373..c776c155ccdc 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignment.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "5e8636028f65bb56594d809618e68b9c", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "5e8636028f65bb56594d809618e68b9c", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } @@ -196,19 +243,21 @@ "RequestMethod": "PUT", "RequestHeaders": { "Authorization": "Sanitized", - "Content-Length": "181", + "Content-Length": "196", "Content-Type": "application/json", - "Request-Id": "|3e6cb37e-4eecfa4a673ebe60.", + "traceparent": "00-795ecd5e80915a4391e8149b00f7c932-ebebbe61c4127749-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "16093e51ef8cfc750e2d28064b66eddd", "x-ms-return-client-request-id": "true" }, "RequestBody": { - "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", - "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + "properties": { + "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", + "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + } }, "StatusCode": 201, "ResponseHeaders": { @@ -217,7 +266,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json index a0391450d177..3358d0e6e09f 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/CreateRoleAssignmentAsync.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "c23c658117723d55cd717f5f53da57f6", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "c23c658117723d55cd717f5f53da57f6", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } @@ -196,19 +243,21 @@ "RequestMethod": "PUT", "RequestHeaders": { "Authorization": "Sanitized", - "Content-Length": "181", + "Content-Length": "196", "Content-Type": "application/json", - "Request-Id": "|3e6cb385-4eecfa4a673ebe60.", + "traceparent": "00-45c603df1c416548b8c344586076bc5d-4b537456c46dfe42-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "8172d5e41db7e9e5c84ad8c05c75332c", "x-ms-return-client-request-id": "true" }, "RequestBody": { - "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", - "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + "properties": { + "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", + "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + } }, "StatusCode": 201, "ResponseHeaders": { @@ -217,7 +266,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json index 70b68394cc29..0313e427f9f5 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignment.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "5f9412fda0f0133d146f7775c4434755", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "5f9412fda0f0133d146f7775c4434755", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } @@ -196,19 +243,21 @@ "RequestMethod": "PUT", "RequestHeaders": { "Authorization": "Sanitized", - "Content-Length": "181", + "Content-Length": "196", "Content-Type": "application/json", - "Request-Id": "|3e6cb380-4eecfa4a673ebe60.", + "traceparent": "00-aebc54bd7fc99e4f891f346fea033cdd-2f6e8b19d3247a43-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "a62283a033ccd643d3ca47462f9e8cc5", "x-ms-return-client-request-id": "true" }, "RequestBody": { - "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", - "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + "properties": { + "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", + "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + } }, "StatusCode": 201, "ResponseHeaders": { @@ -217,7 +266,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", @@ -235,10 +284,10 @@ "RequestMethod": "DELETE", "RequestHeaders": { "Authorization": "Sanitized", - "Request-Id": "|3e6cb381-4eecfa4a673ebe60.", + "traceparent": "00-2ada8a3a8e46e24a96dc4e1e61048704-7c9081ed35ed7a44-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "f213e6c0e20b3b9ee285854e4f62a8b4", "x-ms-return-client-request-id": "true" @@ -251,7 +300,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json index cb8521a63bd3..c8f4b235b239 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/DeleteRoleAssignmentAsync.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "90089dd99809a512d432fd1a0d8f4b26", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "90089dd99809a512d432fd1a0d8f4b26", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } @@ -196,19 +243,21 @@ "RequestMethod": "PUT", "RequestHeaders": { "Authorization": "Sanitized", - "Content-Length": "181", + "Content-Length": "196", "Content-Type": "application/json", - "Request-Id": "|3e6cb387-4eecfa4a673ebe60.", + "traceparent": "00-7427b92b69836743a1dbdf959a9368e5-4d40873686202a48-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "ffce91e513374f917bd26e76b166002d", "x-ms-return-client-request-id": "true" }, "RequestBody": { - "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", - "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + "properties": { + "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", + "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + } }, "StatusCode": 201, "ResponseHeaders": { @@ -217,7 +266,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", @@ -235,10 +284,10 @@ "RequestMethod": "DELETE", "RequestHeaders": { "Authorization": "Sanitized", - "Request-Id": "|3e6cb388-4eecfa4a673ebe60.", + "traceparent": "00-5fb6c9f270d86749b5b5b5843ae1331b-5c5826b3211c1d42-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "3d63015b5be35d7e1461862d46efbe59", "x-ms-return-client-request-id": "true" @@ -251,7 +300,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json index 2531a6904840..50bffc2428b0 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignment.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "495eaeb69be85f6afeff2958f3da8d60", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "495eaeb69be85f6afeff2958f3da8d60", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } @@ -196,19 +243,21 @@ "RequestMethod": "PUT", "RequestHeaders": { "Authorization": "Sanitized", - "Content-Length": "181", + "Content-Length": "196", "Content-Type": "application/json", - "Request-Id": "|3e6cb382-4eecfa4a673ebe60.", + "traceparent": "00-d2af868f1159df4988cb1cd064be61ef-86ea7b92d28ed84b-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "d499b987535015555758ba33a25b0a64", "x-ms-return-client-request-id": "true" }, "RequestBody": { - "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", - "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + "properties": { + "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", + "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + } }, "StatusCode": 201, "ResponseHeaders": { @@ -217,7 +266,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", @@ -235,10 +284,10 @@ "RequestMethod": "GET", "RequestHeaders": { "Authorization": "Sanitized", - "Request-Id": "|3e6cb383-4eecfa4a673ebe60.", + "traceparent": "00-6af0dd670df83746a523a8e34b57a428-6793d98bec069c4b-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "599096f85657ea8ac7b19ce201831758", "x-ms-return-client-request-id": "true" @@ -251,7 +300,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json index 12c3e3506ff8..90969d34b981 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleAssignmentAsync.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "b1527bf3417a79628d90dd6275e693c2", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "b1527bf3417a79628d90dd6275e693c2", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } @@ -196,19 +243,21 @@ "RequestMethod": "PUT", "RequestHeaders": { "Authorization": "Sanitized", - "Content-Length": "181", + "Content-Length": "196", "Content-Type": "application/json", - "Request-Id": "|3e6cb389-4eecfa4a673ebe60.", + "traceparent": "00-379c4e72dce7e241926f9b839757f7ce-1f11d260e94a3b4a-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "97ca12c57d1eafa690e4cfbfaa6b1783", "x-ms-return-client-request-id": "true" }, "RequestBody": { - "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", - "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + "properties": { + "roleDefinitionId": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/21dbd100-6940-42c2-9190-5d6cb909625b", + "principalId": "693a17da-7022-4cdd-9d4e-4e72e4ad449d" + } }, "StatusCode": 201, "ResponseHeaders": { @@ -217,7 +266,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", @@ -235,10 +284,10 @@ "RequestMethod": "GET", "RequestHeaders": { "Authorization": "Sanitized", - "Request-Id": "|3e6cb38a-4eecfa4a673ebe60.", + "traceparent": "00-c6005ad9233cf6459c6ddbf2857b04d6-56bcc6265f7f0749-00", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "e8814a7bcc82cbf1a39bc7d83ee0eb34", "x-ms-return-client-request-id": "true" @@ -251,7 +300,7 @@ "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "040cdf98-a06d-11ea-af9a-0242ac12000b" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "id": "/providers/Microsoft.Authorization/roleAssignments/e7ae2aff-eb17-4c9d-84f0-d12f7f468f16", diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitions.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitions.json index 384b3b6cb434..162d9a5d8d0c 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitions.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitions.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "ceef6d0ab68b4b8d6235ca38ce984db2", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "03c34d72-a07e-11ea-b186-0242ac12000a" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "ceef6d0ab68b4b8d6235ca38ce984db2", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "03c34d72-a07e-11ea-b186-0242ac12000a" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] } diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitionsAsync.json b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitionsAsync.json index aec2dc60b73c..3ed767c231aa 100644 --- a/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitionsAsync.json +++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tests/SessionRecords/AccessControlClientLiveTests/GetRoleDefinitionsAsync.json @@ -5,8 +5,8 @@ "RequestMethod": "GET", "RequestHeaders": { "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "e053ba5483ab0ec55202f62324301f5e", "x-ms-return-client-request-id": "true" @@ -18,7 +18,7 @@ "Content-Type": "application/json", "WWW-Authenticate": "Bearer authorization=\u0022https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47\u0022, resource=\u0022https://managedhsm.azure.net\u0022", "X-Content-Type-Options": "nosniff", - "x-ms-request-id": "03c34d72-a07e-11ea-b186-0242ac12000a" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": "OK" }, @@ -28,8 +28,8 @@ "RequestHeaders": { "Authorization": "Sanitized", "User-Agent": [ - "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200608.1", - "(.NET Core 4.6.28801.04; Microsoft Windows 10.0.18363 )" + "azsdk-net-Security.KeyVault.Administration/4.1.0-dev.20200617.1", + "(.NET Core 4.6.28928.01; Microsoft Windows 10.0.18363 )" ], "x-ms-client-request-id": "e053ba5483ab0ec55202f62324301f5e", "x-ms-return-client-request-id": "true" @@ -37,12 +37,12 @@ "RequestBody": null, "StatusCode": 200, "ResponseHeaders": { - "Content-Length": "4256", + "Content-Length": "5517", "Content-Type": "application/json", "X-Content-Type-Options": "nosniff", "x-ms-keyvault-network-info": "addr=72.176.254.191", "x-ms-keyvault-region": "EASTUS", - "x-ms-request-id": "03c34d72-a07e-11ea-b186-0242ac12000a" + "x-ms-request-id": "7a0bdfa8-b0eb-11ea-9d3b-0242ac12000a" }, "ResponseBody": { "value": [ @@ -56,19 +56,18 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", "Microsoft.KeyVault/managedHsm/keys/restore/action", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleDefinitions/read" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -100,15 +99,14 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read", + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action", "Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action", "Microsoft.KeyVault/managedHsm/keys/backup/action", - "Microsoft.KeyVault/managedHsm/keys/restore/action" - ], - "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/restore/action", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/sign/action", @@ -140,12 +138,12 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/keys/read", - "Microsoft.KeyVault/managedHsm/keys/write", - "Microsoft.KeyVault/managedHsm/keys/backup/action" - ], + "actions": [], "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/write/action", + "Microsoft.KeyVault/managedHsm/keys/backup/action", + "Microsoft.KeyVault/managedHsm/keys/create", "Microsoft.KeyVault/managedHsm/keys/encrypt/action", "Microsoft.KeyVault/managedHsm/keys/decrypt/action", "Microsoft.KeyVault/managedHsm/keys/wrap/action", @@ -172,13 +170,13 @@ "description": "", "permissions": [ { - "actions": [ - "Microsoft.KeyVault/managedHsm/roleDefinitions/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/read", - "Microsoft.KeyVault/managedHsm/roleAssignments/write", - "Microsoft.KeyVault/managedHsm/roleAssignments/delete" + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/roleDefinitions/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/read/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/write/action", + "Microsoft.KeyVault/managedHsm/roleAssignments/delete/action" ], - "dataActions": [], "notActions": [], "notDataActions": [] } @@ -187,6 +185,55 @@ "type": "" }, "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "name": "2c18b078-7c48-4d3a-af88-5a3a1b3f82b3", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Auditor", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/33413926-3206-4cdd-b39a-83574fe37a17", + "name": "33413926-3206-4cdd-b39a-83574fe37a17", + "properties": { + "assignableScopes": [ + "/" + ], + "description": "", + "permissions": [ + { + "actions": [], + "dataActions": [ + "Microsoft.KeyVault/managedHsm/keys/read/action", + "Microsoft.KeyVault/managedHsm/keys/wrap/action", + "Microsoft.KeyVault/managedHsm/keys/unwrap/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Key Vault Managed HSM Crypto Service Encryption", + "type": "" + }, + "type": "Microsoft.Authorization/roleDefinitions" } ] }