Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Managed HSM #13287

Merged
merged 12 commits into from
Oct 22, 2020
Merged

Managed HSM #13287

merged 12 commits into from
Oct 22, 2020

Conversation

isra-fel
Copy link
Member

@isra-fel isra-fel commented Oct 21, 2020
edited
Loading

Description

This cmdlet cherry-picked 746145d on master, and added fixes for:

  • BouncyCastle assembly is not strong name signed
  • Security domain features are not avaiable on Windows powershell

Checklist

  • I have read the Submitting Changes section of CONTRIBUTING.md
  • The title of the PR is clear and informative
  • The appropriate ChangeLog.md file(s) has been updated:
    • For any service, the ChangeLog.md file can be found at src/{{SERVICE}}/{{SERVICE}}/ChangeLog.md
    • A snippet outlining the change(s) made in the PR should be written under the ## Upcoming Release header -- no new version header should be added
  • The PR does not introduce breaking changes
  • If applicable, the changes made in the PR have proper test coverage
  • For public API changes to cmdlets:
    • a cmdlet design review was approved for the changes in this repository (Microsoft internal only)
    • the markdown help files have been regenerated using the commands listed here

BethanyZhou and others added 4 commits October 21, 2020 14:54
@BethanyZhou @isra-fel
[KeyVault] Managed HSM (#13259)
746145d 
* Enable MHSM Management via *-AzKeyVault (#12575)

* Support creating a MHSM pool.

* Supporting querying MHSM objects

* Support deleting MHSM

* Support updating mhsm

* Add test cases

* Hide unavailable services

* Add test cases

* expose EnablePurgeProtection for MHSM

* correct indent of ps1xml

* upload localfeed

* Hide enablePurgeProtection

* Update ChangeLog.md and help.md

* Modify codes according to comments

* Update help.md

* Update VaultCreationParameters.cs

* Update get-azkeyvault.md

* Update KeyVaultManagementTests.ps1

* Record scenario test for Managed Hsm (#12631)

* Record scenario tests for managed hsm

* add default parameter set for

* Re-record scenario tests.

* [KeyVault] Update to official SDK (#12767)

* local 3.1.0 sdk

* Use production key vault mgmt sdk

* remove security domain from format xml

* combine track 1&2 sdk (#13018)

* combine track 1&2 sdk

* update azure.core to 1.5.0

* add exception; revert addkeyvaultkey

* add dll to psd1

* fix exception

* Detach managed hsm from key vault command (#13187)

* get managed hsm

* new managed hsm

* remove managed hsm

* update help.md

* update managed hsm

* add online version for new help.md

* Convert mhsm test to liveonly

* add test record

* Support data plane of managed HSM (#13216)

* create managed hsm key

* get managed hsm key

* remove managed hsm key

* update managed hsm key

* undo managed hsm key removal

* back up and restore managed hsm key

* add help.md

* import/download managed hsm RSA key

* Update help.md

* Update changelog.md

* suppress signature issues

* Update all help markdowns

* add logger for track2sdk

* add metadata for oct-HSM

Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com>

* Limit KeyType to be required only when create managed HSM key (#13242)

* limit KeyType to be required only when create managed HSM key

* add pester test

* Security domain (#13226)

* wip

* wip

* wip

* wip

* wip

* wip

* support securestring

* wip

* wip

* wip

* generate docs

* docs & error handling

* move crypto alg inside security domain

* resource strings

* remove extra code

* write help markdown

* resolve relative path to absolute path

* suppress signature issues

Co-authored-by: Yeming Liu <yeliu@microsoft.com>
Co-authored-by: Beisi Zhou <zhoubeisi@gmail.com>
Co-authored-by: Beisi Zhou <zazbs@qq.com>

* remove pfx file

* full backup restore + rbac (#13261)

Co-authored-by: Yeming Liu <yeliu@microsoft.com>

* small fixes

changelog; azure.core; sdk version; online version; breaking change csv;
shared assembly conflict; failed tests;

* license of BouncyCastle.NetCore

* remove local feed

Co-authored-by: Yeming Liu <Yeming.Liu@microsoft.com>
Co-authored-by: Yeming Liu <yeliu@microsoft.com>
@isra-fel
use portable.bouncycastle
bb0ca35
@isra-fel
bug fix...
5208f48 
...replace bouncycastle lib;
fix security domain issue on windows powershell
@BethanyZhou @isra-fel
Add pester test for RBAC and full-backup managed HSM
b6377aa
@isra-fel isra-fel mentioned this pull request Oct 21, 2020
Closed
8 tasks
dingmeng-xue
dingmeng-xue reviewed Oct 21, 2020
View reviewed changes
LICENSE.txt Outdated

The software includes BouncyCastle.NetCore. The MIT License set out below is provided for informational purposes only. It is not the license that governs any part of the software.

BouncyCastle.NetCore
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should be updated.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! Fixed

@isra-fel
Copy link
Member Author

I'm trying to figure out what went wrong