You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note that policy behavior is against the latest version of a key.
New models
// @publicexportinterfaceKeyRotationLifetimeAction{action: KeyRotationPolicyAction;timeAfterCreate?: string;// see (2) belowtimeBeforeExpiry?: string;// see (2) below}// @publicexportinterfaceKeyRotationPolicyextendsKeyRotationPolicyProperties{readonlycreatedOn: Date;readonlyid: string;readonlyupdatedOn?: Date;}// @publicexporttypeKeyRotationPolicyAction="Rotate"|"Notify";// @publicexportinterfaceKeyRotationPolicyProperties{// see (3) belowexpiresIn?: string;// see (2) belowlifetimeActions?: KeyRotationLifetimeAction[];}
Swagger inconsistencies to be mindful of
The swagger defines the possible values for LifetimeActionsType as an enum consisting of rotate and notify but in reality it returns Rotate and Notify - the service accepts both casing, is case-insensitive, but in order to model the correct values here we went with the following swagger transformation:
Calling GET /keys/{name}/rotationpolicy will return an object with all properties set to null. We're discussing having that endpoint 404, but until then I am return undefined if the id doesn't exist
We're still discussing whether the swagger should model this as an ISO8601 duration. In JS, the architects prefer a string, but model this duration in whatever way is idiomatic (TimeSpan, etc). If the swagger changes, I'll update the feature crew
In order to properly model input / output values I separated out the KeyRotationPolicy and the KeyRotationPolicyProperties . The former extends the latter and adds the server-side attributes (timestamps and ID).
The text was updated successfully, but these errors were encountered:
To support KeyVault Key Rotation, implement the following changes (modeled from JS, but use whatever API is idiomatic for your language):
ARM Template changes
When creating a keyvault, add
rotate
to the keys' accessPolicies so that your test application has permissions to rotate and set the rotation policy.Key Client API
Note that policy behavior is against the latest version of a key.
New models
Swagger inconsistencies to be mindful of
The swagger defines the possible values for LifetimeActionsType as an enum consisting of
rotate
andnotify
but in reality it returnsRotate
andNotify
- the service accepts both casing, is case-insensitive, but in order to model the correct values here we went with the following swagger transformation:Notes
The text was updated successfully, but these errors were encountered: