-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable MHSM Management via *-AzKeyVault #12575
Enable MHSM Management via *-AzKeyVault #12575
Conversation
Can one of the admins verify this patch? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Except for the inline comments, please also write examples for Get-, New- and Set-.
Thanks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@BethanyZhou I'll just merge this PR. When recording the tests please also regenerate the help files. Thanks
@@ -211,6 +258,21 @@ Accept pipeline input: False | |||
Accept wildcard characters: False | |||
``` | |||
|
|||
### -Hsm | |||
Specifies the type of this vault as MHSM. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The help files needs to be regenerated
* Enable MHSM Management via *-AzKeyVault (#12575) * Support creating a MHSM pool. * Supporting querying MHSM objects * Support deleting MHSM * Support updating mhsm * Add test cases * Hide unavailable services * Add test cases * expose EnablePurgeProtection for MHSM * correct indent of ps1xml * upload localfeed * Hide enablePurgeProtection * Update ChangeLog.md and help.md * Modify codes according to comments * Update help.md * Update VaultCreationParameters.cs * Update get-azkeyvault.md * Update KeyVaultManagementTests.ps1 * Record scenario test for Managed Hsm (#12631) * Record scenario tests for managed hsm * add default parameter set for * Re-record scenario tests. * [KeyVault] Update to official SDK (#12767) * local 3.1.0 sdk * Use production key vault mgmt sdk * remove security domain from format xml * combine track 1&2 sdk (#13018) * combine track 1&2 sdk * update azure.core to 1.5.0 * add exception; revert addkeyvaultkey * add dll to psd1 * fix exception * Detach managed hsm from key vault command (#13187) * get managed hsm * new managed hsm * remove managed hsm * update help.md * update managed hsm * add online version for new help.md * Convert mhsm test to liveonly * add test record * Support data plane of managed HSM (#13216) * create managed hsm key * get managed hsm key * remove managed hsm key * update managed hsm key * undo managed hsm key removal * back up and restore managed hsm key * add help.md * import/download managed hsm RSA key * Update help.md * Update changelog.md * suppress signature issues * Update all help markdowns * add logger for track2sdk * add metadata for oct-HSM Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com> * Limit KeyType to be required only when create managed HSM key (#13242) * limit KeyType to be required only when create managed HSM key * add pester test * Security domain (#13226) * wip * wip * wip * wip * wip * wip * support securestring * wip * wip * wip * generate docs * docs & error handling * move crypto alg inside security domain * resource strings * remove extra code * write help markdown * resolve relative path to absolute path * suppress signature issues Co-authored-by: Yeming Liu <yeliu@microsoft.com> Co-authored-by: Beisi Zhou <zhoubeisi@gmail.com> Co-authored-by: Beisi Zhou <zazbs@qq.com> * remove pfx file * full backup restore + rbac (#13261) Co-authored-by: Yeming Liu <yeliu@microsoft.com> * small fixes changelog; azure.core; sdk version; online version; breaking change csv; shared assembly conflict; failed tests; * license of BouncyCastle.NetCore * remove local feed Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com> Co-authored-by: Yeming Liu <yeliu@microsoft.com>
* Enable MHSM Management via *-AzKeyVault (#12575) * Support creating a MHSM pool. * Supporting querying MHSM objects * Support deleting MHSM * Support updating mhsm * Add test cases * Hide unavailable services * Add test cases * expose EnablePurgeProtection for MHSM * correct indent of ps1xml * upload localfeed * Hide enablePurgeProtection * Update ChangeLog.md and help.md * Modify codes according to comments * Update help.md * Update VaultCreationParameters.cs * Update get-azkeyvault.md * Update KeyVaultManagementTests.ps1 * Record scenario test for Managed Hsm (#12631) * Record scenario tests for managed hsm * add default parameter set for * Re-record scenario tests. * [KeyVault] Update to official SDK (#12767) * local 3.1.0 sdk * Use production key vault mgmt sdk * remove security domain from format xml * combine track 1&2 sdk (#13018) * combine track 1&2 sdk * update azure.core to 1.5.0 * add exception; revert addkeyvaultkey * add dll to psd1 * fix exception * Detach managed hsm from key vault command (#13187) * get managed hsm * new managed hsm * remove managed hsm * update help.md * update managed hsm * add online version for new help.md * Convert mhsm test to liveonly * add test record * Support data plane of managed HSM (#13216) * create managed hsm key * get managed hsm key * remove managed hsm key * update managed hsm key * undo managed hsm key removal * back up and restore managed hsm key * add help.md * import/download managed hsm RSA key * Update help.md * Update changelog.md * suppress signature issues * Update all help markdowns * add logger for track2sdk * add metadata for oct-HSM Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com> * Limit KeyType to be required only when create managed HSM key (#13242) * limit KeyType to be required only when create managed HSM key * add pester test * Security domain (#13226) * wip * wip * wip * wip * wip * wip * support securestring * wip * wip * wip * generate docs * docs & error handling * move crypto alg inside security domain * resource strings * remove extra code * write help markdown * resolve relative path to absolute path * suppress signature issues Co-authored-by: Yeming Liu <yeliu@microsoft.com> Co-authored-by: Beisi Zhou <zhoubeisi@gmail.com> Co-authored-by: Beisi Zhou <zazbs@qq.com> * remove pfx file * full backup restore + rbac (#13261) Co-authored-by: Yeming Liu <yeliu@microsoft.com> * small fixes changelog; azure.core; sdk version; online version; breaking change csv; shared assembly conflict; failed tests; * license of BouncyCastle.NetCore * remove local feed Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com> Co-authored-by: Yeming Liu <yeliu@microsoft.com>
Force merge after CI passed * [KeyVault] Managed HSM (#13259) * Enable MHSM Management via *-AzKeyVault (#12575) * Support creating a MHSM pool. * Supporting querying MHSM objects * Support deleting MHSM * Support updating mhsm * Add test cases * Hide unavailable services * Add test cases * expose EnablePurgeProtection for MHSM * correct indent of ps1xml * upload localfeed * Hide enablePurgeProtection * Update ChangeLog.md and help.md * Modify codes according to comments * Update help.md * Update VaultCreationParameters.cs * Update get-azkeyvault.md * Update KeyVaultManagementTests.ps1 * Record scenario test for Managed Hsm (#12631) * Record scenario tests for managed hsm * add default parameter set for * Re-record scenario tests. * [KeyVault] Update to official SDK (#12767) * local 3.1.0 sdk * Use production key vault mgmt sdk * remove security domain from format xml * combine track 1&2 sdk (#13018) * combine track 1&2 sdk * update azure.core to 1.5.0 * add exception; revert addkeyvaultkey * add dll to psd1 * fix exception * Detach managed hsm from key vault command (#13187) * get managed hsm * new managed hsm * remove managed hsm * update help.md * update managed hsm * add online version for new help.md * Convert mhsm test to liveonly * add test record * Support data plane of managed HSM (#13216) * create managed hsm key * get managed hsm key * remove managed hsm key * update managed hsm key * undo managed hsm key removal * back up and restore managed hsm key * add help.md * import/download managed hsm RSA key * Update help.md * Update changelog.md * suppress signature issues * Update all help markdowns * add logger for track2sdk * add metadata for oct-HSM Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com> * Limit KeyType to be required only when create managed HSM key (#13242) * limit KeyType to be required only when create managed HSM key * add pester test * Security domain (#13226) * wip * wip * wip * wip * wip * wip * support securestring * wip * wip * wip * generate docs * docs & error handling * move crypto alg inside security domain * resource strings * remove extra code * write help markdown * resolve relative path to absolute path * suppress signature issues Co-authored-by: Yeming Liu <yeliu@microsoft.com> Co-authored-by: Beisi Zhou <zhoubeisi@gmail.com> Co-authored-by: Beisi Zhou <zazbs@qq.com> * remove pfx file * full backup restore + rbac (#13261) Co-authored-by: Yeming Liu <yeliu@microsoft.com> * small fixes changelog; azure.core; sdk version; online version; breaking change csv; shared assembly conflict; failed tests; * license of BouncyCastle.NetCore * remove local feed Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com> Co-authored-by: Yeming Liu <yeliu@microsoft.com> * use portable.bouncycastle * bug fix... ...replace bouncycastle lib; fix security domain issue on windows powershell * Add pester test for RBAC and full-backup managed HSM * fix dll list * support relative path when restoring SD * update license (bouncycastle.netcore -> portable) * remove dependency Microsoft.IdentityModel.Tokens Co-authored-by: Beisi Zhou <zhoubeisi@gmail.com> Co-authored-by: Yeming Liu <yeliu@microsoft.com> Co-authored-by: Beisi Zhou <zazbs@qq.com> Co-authored-by: Dingmeng Xue <dixue@microsoft.com>
Description
Design: https://github.com/Azure/azure-powershell-cmdlet-review-pr/issues/688
TODO: after spec PR Azure/azure-rest-api-specs#8996 is merged. Generate and publish new .NET SDK.
Checklist
CONTRIBUTING.md
ChangeLog.md
file(s) has been updated:ChangeLog.md
file can be found atsrc/{{SERVICE}}/{{SERVICE}}/ChangeLog.md
## Upcoming Release
header -- no new version header should be added