1# coding=utf-8 2# -------------------------------------------------------------------------- 3# Copyright (c) Microsoft Corporation. All rights reserved. 4# Licensed under the MIT License. See License.txt in the project root for 5# license information. 6# 7# Code generated by Microsoft (R) AutoRest Code Generator. 8# Changes may cause incorrect behavior and will be lost if the code is 9# regenerated. 10# -------------------------------------------------------------------------- 11 12from msrest.service_client import SDKClient 13from msrest import Serializer, Deserializer 14from msrestazure import AzureConfiguration 15from .version import VERSION 16from msrest.pipeline import ClientRawResponse 17import uuid 18from . import models 19 20 21class KeyVaultClientConfiguration(AzureConfiguration): 22 """Configuration for KeyVaultClient 23 Note that all parameters used to create this instance are saved as instance 24 attributes. 25 26 :param credentials: Credentials needed for the client to connect to Azure. 27 :type credentials: :mod:`A msrestazure Credentials 28 object<msrestazure.azure_active_directory>` 29 """ 30 31 def __init__( 32 self, credentials): 33 34 if credentials is None: 35 raise ValueError("Parameter 'credentials' must not be None.") 36 base_url = '{vaultBaseUrl}' 37 38 super(KeyVaultClientConfiguration, self).__init__(base_url) 39 40 self.add_user_agent('azure-keyvault/{}'.format(VERSION)) 41 self.add_user_agent('Azure-SDK-For-Python') 42 43 self.credentials = credentials 44 45 46class KeyVaultClient(SDKClient): 47 """The key vault client performs cryptographic key operations and vault operations against the Key Vault service. 48 49 :ivar config: Configuration for client. 50 :vartype config: KeyVaultClientConfiguration 51 52 :param credentials: Credentials needed for the client to connect to Azure. 53 :type credentials: :mod:`A msrestazure Credentials 54 object<msrestazure.azure_active_directory>` 55 """ 56 57 def __init__( 58 self, credentials): 59 60 self.config = KeyVaultClientConfiguration(credentials) 61 super(KeyVaultClient, self).__init__(self.config.credentials, self.config) 62 63 client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} 64 self.api_version = '7.0' 65 self._serialize = Serializer(client_models) 66 self._deserialize = Deserializer(client_models) 67 68 69 def create_key( 70 self, vault_base_url, key_name, kty, key_size=None, key_ops=None, key_attributes=None, tags=None, curve=None, custom_headers=None, raw=False, **operation_config): 71 """Creates a new key, stores it, then returns key parameters and 72 attributes to the client. 73 74 The create key operation can be used to create any key type in Azure 75 Key Vault. If the named key already exists, Azure Key Vault creates a 76 new version of the key. It requires the keys/create permission. 77 78 :param vault_base_url: The vault name, for example 79 https://myvault.vault.azure.net. 80 :type vault_base_url: str 81 :param key_name: The name for the new key. The system will generate 82 the version name for the new key. 83 :type key_name: str 84 :param kty: The type of key to create. For valid values, see 85 JsonWebKeyType. Possible values include: 'EC', 'EC-HSM', 'RSA', 86 'RSA-HSM', 'oct' 87 :type kty: str or ~azure.keyvault.v7_0.models.JsonWebKeyType 88 :param key_size: The key size in bits. For example: 2048, 3072, or 89 4096 for RSA. 90 :type key_size: int 91 :param key_ops: 92 :type key_ops: list[str or 93 ~azure.keyvault.v7_0.models.JsonWebKeyOperation] 94 :param key_attributes: 95 :type key_attributes: ~azure.keyvault.v7_0.models.KeyAttributes 96 :param tags: Application specific metadata in the form of key-value 97 pairs. 98 :type tags: dict[str, str] 99 :param curve: Elliptic curve name. For valid values, see 100 JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', 101 'P-521', 'P-256K' 102 :type curve: str or ~azure.keyvault.v7_0.models.JsonWebKeyCurveName 103 :param dict custom_headers: headers that will be added to the request 104 :param bool raw: returns the direct response alongside the 105 deserialized response 106 :param operation_config: :ref:`Operation configuration 107 overrides<msrest:optionsforoperations>`. 108 :return: KeyBundle or ClientRawResponse if raw=true 109 :rtype: ~azure.keyvault.v7_0.models.KeyBundle or 110 ~msrest.pipeline.ClientRawResponse 111 :raises: 112 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 113 """ 114 parameters = models.KeyCreateParameters(kty=kty, key_size=key_size, key_ops=key_ops, key_attributes=key_attributes, tags=tags, curve=curve) 115 116 # Construct URL 117 url = self.create_key.metadata['url'] 118 path_format_arguments = { 119 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 120 'key-name': self._serialize.url("key_name", key_name, 'str', pattern=r'^[0-9a-zA-Z-]+$') 121 } 122 url = self._client.format_url(url, **path_format_arguments) 123 124 # Construct parameters 125 query_parameters = {} 126 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 127 128 # Construct headers 129 header_parameters = {} 130 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 131 if self.config.generate_client_request_id: 132 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 133 if custom_headers: 134 header_parameters.update(custom_headers) 135 if self.config.accept_language is not None: 136 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 137 138 # Construct body 139 body_content = self._serialize.body(parameters, 'KeyCreateParameters') 140 141 # Construct and send request 142 request = self._client.post(url, query_parameters) 143 response = self._client.send( 144 request, header_parameters, body_content, stream=False, **operation_config) 145 146 if response.status_code not in [200]: 147 raise models.KeyVaultErrorException(self._deserialize, response) 148 149 deserialized = None 150 151 if response.status_code == 200: 152 deserialized = self._deserialize('KeyBundle', response) 153 154 if raw: 155 client_raw_response = ClientRawResponse(deserialized, response) 156 return client_raw_response 157 158 return deserialized 159 create_key.metadata = {'url': '/keys/{key-name}/create'} 160 161 def import_key( 162 self, vault_base_url, key_name, key, hsm=None, key_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 163 """Imports an externally created key, stores it, and returns key 164 parameters and attributes to the client. 165 166 The import key operation may be used to import any key type into an 167 Azure Key Vault. If the named key already exists, Azure Key Vault 168 creates a new version of the key. This operation requires the 169 keys/import permission. 170 171 :param vault_base_url: The vault name, for example 172 https://myvault.vault.azure.net. 173 :type vault_base_url: str 174 :param key_name: Name for the imported key. 175 :type key_name: str 176 :param key: The Json web key 177 :type key: ~azure.keyvault.v7_0.models.JsonWebKey 178 :param hsm: Whether to import as a hardware key (HSM) or software key. 179 :type hsm: bool 180 :param key_attributes: The key management attributes. 181 :type key_attributes: ~azure.keyvault.v7_0.models.KeyAttributes 182 :param tags: Application specific metadata in the form of key-value 183 pairs. 184 :type tags: dict[str, str] 185 :param dict custom_headers: headers that will be added to the request 186 :param bool raw: returns the direct response alongside the 187 deserialized response 188 :param operation_config: :ref:`Operation configuration 189 overrides<msrest:optionsforoperations>`. 190 :return: KeyBundle or ClientRawResponse if raw=true 191 :rtype: ~azure.keyvault.v7_0.models.KeyBundle or 192 ~msrest.pipeline.ClientRawResponse 193 :raises: 194 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 195 """ 196 parameters = models.KeyImportParameters(hsm=hsm, key=key, key_attributes=key_attributes, tags=tags) 197 198 # Construct URL 199 url = self.import_key.metadata['url'] 200 path_format_arguments = { 201 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 202 'key-name': self._serialize.url("key_name", key_name, 'str', pattern=r'^[0-9a-zA-Z-]+$') 203 } 204 url = self._client.format_url(url, **path_format_arguments) 205 206 # Construct parameters 207 query_parameters = {} 208 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 209 210 # Construct headers 211 header_parameters = {} 212 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 213 if self.config.generate_client_request_id: 214 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 215 if custom_headers: 216 header_parameters.update(custom_headers) 217 if self.config.accept_language is not None: 218 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 219 220 # Construct body 221 body_content = self._serialize.body(parameters, 'KeyImportParameters') 222 223 # Construct and send request 224 request = self._client.put(url, query_parameters) 225 response = self._client.send( 226 request, header_parameters, body_content, stream=False, **operation_config) 227 228 if response.status_code not in [200]: 229 raise models.KeyVaultErrorException(self._deserialize, response) 230 231 deserialized = None 232 233 if response.status_code == 200: 234 deserialized = self._deserialize('KeyBundle', response) 235 236 if raw: 237 client_raw_response = ClientRawResponse(deserialized, response) 238 return client_raw_response 239 240 return deserialized 241 import_key.metadata = {'url': '/keys/{key-name}'} 242 243 def delete_key( 244 self, vault_base_url, key_name, custom_headers=None, raw=False, **operation_config): 245 """Deletes a key of any type from storage in Azure Key Vault. 246 247 The delete key operation cannot be used to remove individual versions 248 of a key. This operation removes the cryptographic material associated 249 with the key, which means the key is not usable for Sign/Verify, 250 Wrap/Unwrap or Encrypt/Decrypt operations. This operation requires the 251 keys/delete permission. 252 253 :param vault_base_url: The vault name, for example 254 https://myvault.vault.azure.net. 255 :type vault_base_url: str 256 :param key_name: The name of the key to delete. 257 :type key_name: str 258 :param dict custom_headers: headers that will be added to the request 259 :param bool raw: returns the direct response alongside the 260 deserialized response 261 :param operation_config: :ref:`Operation configuration 262 overrides<msrest:optionsforoperations>`. 263 :return: DeletedKeyBundle or ClientRawResponse if raw=true 264 :rtype: ~azure.keyvault.v7_0.models.DeletedKeyBundle or 265 ~msrest.pipeline.ClientRawResponse 266 :raises: 267 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 268 """ 269 # Construct URL 270 url = self.delete_key.metadata['url'] 271 path_format_arguments = { 272 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 273 'key-name': self._serialize.url("key_name", key_name, 'str') 274 } 275 url = self._client.format_url(url, **path_format_arguments) 276 277 # Construct parameters 278 query_parameters = {} 279 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 280 281 # Construct headers 282 header_parameters = {} 283 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 284 if self.config.generate_client_request_id: 285 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 286 if custom_headers: 287 header_parameters.update(custom_headers) 288 if self.config.accept_language is not None: 289 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 290 291 # Construct and send request 292 request = self._client.delete(url, query_parameters) 293 response = self._client.send(request, header_parameters, stream=False, **operation_config) 294 295 if response.status_code not in [200]: 296 raise models.KeyVaultErrorException(self._deserialize, response) 297 298 deserialized = None 299 300 if response.status_code == 200: 301 deserialized = self._deserialize('DeletedKeyBundle', response) 302 303 if raw: 304 client_raw_response = ClientRawResponse(deserialized, response) 305 return client_raw_response 306 307 return deserialized 308 delete_key.metadata = {'url': '/keys/{key-name}'} 309 310 def update_key( 311 self, vault_base_url, key_name, key_version, key_ops=None, key_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 312 """The update key operation changes specified attributes of a stored key 313 and can be applied to any key type and key version stored in Azure Key 314 Vault. 315 316 In order to perform this operation, the key must already exist in the 317 Key Vault. Note: The cryptographic material of a key itself cannot be 318 changed. This operation requires the keys/update permission. 319 320 :param vault_base_url: The vault name, for example 321 https://myvault.vault.azure.net. 322 :type vault_base_url: str 323 :param key_name: The name of key to update. 324 :type key_name: str 325 :param key_version: The version of the key to update. 326 :type key_version: str 327 :param key_ops: Json web key operations. For more information on 328 possible key operations, see JsonWebKeyOperation. 329 :type key_ops: list[str or 330 ~azure.keyvault.v7_0.models.JsonWebKeyOperation] 331 :param key_attributes: 332 :type key_attributes: ~azure.keyvault.v7_0.models.KeyAttributes 333 :param tags: Application specific metadata in the form of key-value 334 pairs. 335 :type tags: dict[str, str] 336 :param dict custom_headers: headers that will be added to the request 337 :param bool raw: returns the direct response alongside the 338 deserialized response 339 :param operation_config: :ref:`Operation configuration 340 overrides<msrest:optionsforoperations>`. 341 :return: KeyBundle or ClientRawResponse if raw=true 342 :rtype: ~azure.keyvault.v7_0.models.KeyBundle or 343 ~msrest.pipeline.ClientRawResponse 344 :raises: 345 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 346 """ 347 parameters = models.KeyUpdateParameters(key_ops=key_ops, key_attributes=key_attributes, tags=tags) 348 349 # Construct URL 350 url = self.update_key.metadata['url'] 351 path_format_arguments = { 352 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 353 'key-name': self._serialize.url("key_name", key_name, 'str'), 354 'key-version': self._serialize.url("key_version", key_version, 'str') 355 } 356 url = self._client.format_url(url, **path_format_arguments) 357 358 # Construct parameters 359 query_parameters = {} 360 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 361 362 # Construct headers 363 header_parameters = {} 364 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 365 if self.config.generate_client_request_id: 366 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 367 if custom_headers: 368 header_parameters.update(custom_headers) 369 if self.config.accept_language is not None: 370 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 371 372 # Construct body 373 body_content = self._serialize.body(parameters, 'KeyUpdateParameters') 374 375 # Construct and send request 376 request = self._client.patch(url, query_parameters) 377 response = self._client.send( 378 request, header_parameters, body_content, stream=False, **operation_config) 379 380 if response.status_code not in [200]: 381 raise models.KeyVaultErrorException(self._deserialize, response) 382 383 deserialized = None 384 385 if response.status_code == 200: 386 deserialized = self._deserialize('KeyBundle', response) 387 388 if raw: 389 client_raw_response = ClientRawResponse(deserialized, response) 390 return client_raw_response 391 392 return deserialized 393 update_key.metadata = {'url': '/keys/{key-name}/{key-version}'} 394 395 def get_key( 396 self, vault_base_url, key_name, key_version, custom_headers=None, raw=False, **operation_config): 397 """Gets the public part of a stored key. 398 399 The get key operation is applicable to all key types. If the requested 400 key is symmetric, then no key material is released in the response. 401 This operation requires the keys/get permission. 402 403 :param vault_base_url: The vault name, for example 404 https://myvault.vault.azure.net. 405 :type vault_base_url: str 406 :param key_name: The name of the key to get. 407 :type key_name: str 408 :param key_version: Adding the version parameter retrieves a specific 409 version of a key. 410 :type key_version: str 411 :param dict custom_headers: headers that will be added to the request 412 :param bool raw: returns the direct response alongside the 413 deserialized response 414 :param operation_config: :ref:`Operation configuration 415 overrides<msrest:optionsforoperations>`. 416 :return: KeyBundle or ClientRawResponse if raw=true 417 :rtype: ~azure.keyvault.v7_0.models.KeyBundle or 418 ~msrest.pipeline.ClientRawResponse 419 :raises: 420 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 421 """ 422 # Construct URL 423 url = self.get_key.metadata['url'] 424 path_format_arguments = { 425 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 426 'key-name': self._serialize.url("key_name", key_name, 'str'), 427 'key-version': self._serialize.url("key_version", key_version, 'str') 428 } 429 url = self._client.format_url(url, **path_format_arguments) 430 431 # Construct parameters 432 query_parameters = {} 433 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 434 435 # Construct headers 436 header_parameters = {} 437 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 438 if self.config.generate_client_request_id: 439 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 440 if custom_headers: 441 header_parameters.update(custom_headers) 442 if self.config.accept_language is not None: 443 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 444 445 # Construct and send request 446 request = self._client.get(url, query_parameters) 447 response = self._client.send(request, header_parameters, stream=False, **operation_config) 448 449 if response.status_code not in [200]: 450 raise models.KeyVaultErrorException(self._deserialize, response) 451 452 deserialized = None 453 454 if response.status_code == 200: 455 deserialized = self._deserialize('KeyBundle', response) 456 457 if raw: 458 client_raw_response = ClientRawResponse(deserialized, response) 459 return client_raw_response 460 461 return deserialized 462 get_key.metadata = {'url': '/keys/{key-name}/{key-version}'} 463 464 def get_key_versions( 465 self, vault_base_url, key_name, maxresults=None, custom_headers=None, raw=False, **operation_config): 466 """Retrieves a list of individual key versions with the same key name. 467 468 The full key identifier, attributes, and tags are provided in the 469 response. This operation requires the keys/list permission. 470 471 :param vault_base_url: The vault name, for example 472 https://myvault.vault.azure.net. 473 :type vault_base_url: str 474 :param key_name: The name of the key. 475 :type key_name: str 476 :param maxresults: Maximum number of results to return in a page. If 477 not specified the service will return up to 25 results. 478 :type maxresults: int 479 :param dict custom_headers: headers that will be added to the request 480 :param bool raw: returns the direct response alongside the 481 deserialized response 482 :param operation_config: :ref:`Operation configuration 483 overrides<msrest:optionsforoperations>`. 484 :return: An iterator like instance of KeyItem 485 :rtype: 486 ~azure.keyvault.v7_0.models.KeyItemPaged[~azure.keyvault.v7_0.models.KeyItem] 487 :raises: 488 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 489 """ 490 def internal_paging(next_link=None, raw=False): 491 492 if not next_link: 493 # Construct URL 494 url = self.get_key_versions.metadata['url'] 495 path_format_arguments = { 496 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 497 'key-name': self._serialize.url("key_name", key_name, 'str') 498 } 499 url = self._client.format_url(url, **path_format_arguments) 500 501 # Construct parameters 502 query_parameters = {} 503 if maxresults is not None: 504 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 505 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 506 507 else: 508 url = next_link 509 query_parameters = {} 510 511 # Construct headers 512 header_parameters = {} 513 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 514 if self.config.generate_client_request_id: 515 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 516 if custom_headers: 517 header_parameters.update(custom_headers) 518 if self.config.accept_language is not None: 519 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 520 521 # Construct and send request 522 request = self._client.get(url, query_parameters) 523 response = self._client.send( 524 request, header_parameters, stream=False, **operation_config) 525 526 if response.status_code not in [200]: 527 raise models.KeyVaultErrorException(self._deserialize, response) 528 529 return response 530 531 # Deserialize response 532 deserialized = models.KeyItemPaged(internal_paging, self._deserialize.dependencies) 533 534 if raw: 535 header_dict = {} 536 client_raw_response = models.KeyItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 537 return client_raw_response 538 539 return deserialized 540 get_key_versions.metadata = {'url': '/keys/{key-name}/versions'} 541 542 def get_keys( 543 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 544 """List keys in the specified vault. 545 546 Retrieves a list of the keys in the Key Vault as JSON Web Key 547 structures that contain the public part of a stored key. The LIST 548 operation is applicable to all key types, however only the base key 549 identifier, attributes, and tags are provided in the response. 550 Individual versions of a key are not listed in the response. This 551 operation requires the keys/list permission. 552 553 :param vault_base_url: The vault name, for example 554 https://myvault.vault.azure.net. 555 :type vault_base_url: str 556 :param maxresults: Maximum number of results to return in a page. If 557 not specified the service will return up to 25 results. 558 :type maxresults: int 559 :param dict custom_headers: headers that will be added to the request 560 :param bool raw: returns the direct response alongside the 561 deserialized response 562 :param operation_config: :ref:`Operation configuration 563 overrides<msrest:optionsforoperations>`. 564 :return: An iterator like instance of KeyItem 565 :rtype: 566 ~azure.keyvault.v7_0.models.KeyItemPaged[~azure.keyvault.v7_0.models.KeyItem] 567 :raises: 568 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 569 """ 570 def internal_paging(next_link=None, raw=False): 571 572 if not next_link: 573 # Construct URL 574 url = self.get_keys.metadata['url'] 575 path_format_arguments = { 576 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 577 } 578 url = self._client.format_url(url, **path_format_arguments) 579 580 # Construct parameters 581 query_parameters = {} 582 if maxresults is not None: 583 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 584 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 585 586 else: 587 url = next_link 588 query_parameters = {} 589 590 # Construct headers 591 header_parameters = {} 592 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 593 if self.config.generate_client_request_id: 594 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 595 if custom_headers: 596 header_parameters.update(custom_headers) 597 if self.config.accept_language is not None: 598 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 599 600 # Construct and send request 601 request = self._client.get(url, query_parameters) 602 response = self._client.send( 603 request, header_parameters, stream=False, **operation_config) 604 605 if response.status_code not in [200]: 606 raise models.KeyVaultErrorException(self._deserialize, response) 607 608 return response 609 610 # Deserialize response 611 deserialized = models.KeyItemPaged(internal_paging, self._deserialize.dependencies) 612 613 if raw: 614 header_dict = {} 615 client_raw_response = models.KeyItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 616 return client_raw_response 617 618 return deserialized 619 get_keys.metadata = {'url': '/keys'} 620 621 def backup_key( 622 self, vault_base_url, key_name, custom_headers=None, raw=False, **operation_config): 623 """Requests that a backup of the specified key be downloaded to the 624 client. 625 626 The Key Backup operation exports a key from Azure Key Vault in a 627 protected form. Note that this operation does NOT return key material 628 in a form that can be used outside the Azure Key Vault system, the 629 returned key material is either protected to a Azure Key Vault HSM or 630 to Azure Key Vault itself. The intent of this operation is to allow a 631 client to GENERATE a key in one Azure Key Vault instance, BACKUP the 632 key, and then RESTORE it into another Azure Key Vault instance. The 633 BACKUP operation may be used to export, in protected form, any key type 634 from Azure Key Vault. Individual versions of a key cannot be backed up. 635 BACKUP / RESTORE can be performed within geographical boundaries only; 636 meaning that a BACKUP from one geographical area cannot be restored to 637 another geographical area. For example, a backup from the US 638 geographical area cannot be restored in an EU geographical area. This 639 operation requires the key/backup permission. 640 641 :param vault_base_url: The vault name, for example 642 https://myvault.vault.azure.net. 643 :type vault_base_url: str 644 :param key_name: The name of the key. 645 :type key_name: str 646 :param dict custom_headers: headers that will be added to the request 647 :param bool raw: returns the direct response alongside the 648 deserialized response 649 :param operation_config: :ref:`Operation configuration 650 overrides<msrest:optionsforoperations>`. 651 :return: BackupKeyResult or ClientRawResponse if raw=true 652 :rtype: ~azure.keyvault.v7_0.models.BackupKeyResult or 653 ~msrest.pipeline.ClientRawResponse 654 :raises: 655 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 656 """ 657 # Construct URL 658 url = self.backup_key.metadata['url'] 659 path_format_arguments = { 660 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 661 'key-name': self._serialize.url("key_name", key_name, 'str') 662 } 663 url = self._client.format_url(url, **path_format_arguments) 664 665 # Construct parameters 666 query_parameters = {} 667 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 668 669 # Construct headers 670 header_parameters = {} 671 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 672 if self.config.generate_client_request_id: 673 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 674 if custom_headers: 675 header_parameters.update(custom_headers) 676 if self.config.accept_language is not None: 677 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 678 679 # Construct and send request 680 request = self._client.post(url, query_parameters) 681 response = self._client.send(request, header_parameters, stream=False, **operation_config) 682 683 if response.status_code not in [200]: 684 raise models.KeyVaultErrorException(self._deserialize, response) 685 686 deserialized = None 687 688 if response.status_code == 200: 689 deserialized = self._deserialize('BackupKeyResult', response) 690 691 if raw: 692 client_raw_response = ClientRawResponse(deserialized, response) 693 return client_raw_response 694 695 return deserialized 696 backup_key.metadata = {'url': '/keys/{key-name}/backup'} 697 698 def restore_key( 699 self, vault_base_url, key_bundle_backup, custom_headers=None, raw=False, **operation_config): 700 """Restores a backed up key to a vault. 701 702 Imports a previously backed up key into Azure Key Vault, restoring the 703 key, its key identifier, attributes and access control policies. The 704 RESTORE operation may be used to import a previously backed up key. 705 Individual versions of a key cannot be restored. The key is restored in 706 its entirety with the same key name as it had when it was backed up. If 707 the key name is not available in the target Key Vault, the RESTORE 708 operation will be rejected. While the key name is retained during 709 restore, the final key identifier will change if the key is restored to 710 a different vault. Restore will restore all versions and preserve 711 version identifiers. The RESTORE operation is subject to security 712 constraints: The target Key Vault must be owned by the same Microsoft 713 Azure Subscription as the source Key Vault The user must have RESTORE 714 permission in the target Key Vault. This operation requires the 715 keys/restore permission. 716 717 :param vault_base_url: The vault name, for example 718 https://myvault.vault.azure.net. 719 :type vault_base_url: str 720 :param key_bundle_backup: The backup blob associated with a key 721 bundle. 722 :type key_bundle_backup: bytes 723 :param dict custom_headers: headers that will be added to the request 724 :param bool raw: returns the direct response alongside the 725 deserialized response 726 :param operation_config: :ref:`Operation configuration 727 overrides<msrest:optionsforoperations>`. 728 :return: KeyBundle or ClientRawResponse if raw=true 729 :rtype: ~azure.keyvault.v7_0.models.KeyBundle or 730 ~msrest.pipeline.ClientRawResponse 731 :raises: 732 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 733 """ 734 parameters = models.KeyRestoreParameters(key_bundle_backup=key_bundle_backup) 735 736 # Construct URL 737 url = self.restore_key.metadata['url'] 738 path_format_arguments = { 739 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 740 } 741 url = self._client.format_url(url, **path_format_arguments) 742 743 # Construct parameters 744 query_parameters = {} 745 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 746 747 # Construct headers 748 header_parameters = {} 749 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 750 if self.config.generate_client_request_id: 751 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 752 if custom_headers: 753 header_parameters.update(custom_headers) 754 if self.config.accept_language is not None: 755 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 756 757 # Construct body 758 body_content = self._serialize.body(parameters, 'KeyRestoreParameters') 759 760 # Construct and send request 761 request = self._client.post(url, query_parameters) 762 response = self._client.send( 763 request, header_parameters, body_content, stream=False, **operation_config) 764 765 if response.status_code not in [200]: 766 raise models.KeyVaultErrorException(self._deserialize, response) 767 768 deserialized = None 769 770 if response.status_code == 200: 771 deserialized = self._deserialize('KeyBundle', response) 772 773 if raw: 774 client_raw_response = ClientRawResponse(deserialized, response) 775 return client_raw_response 776 777 return deserialized 778 restore_key.metadata = {'url': '/keys/restore'} 779 780 def encrypt( 781 self, vault_base_url, key_name, key_version, algorithm, value, custom_headers=None, raw=False, **operation_config): 782 """Encrypts an arbitrary sequence of bytes using an encryption key that is 783 stored in a key vault. 784 785 The ENCRYPT operation encrypts an arbitrary sequence of bytes using an 786 encryption key that is stored in Azure Key Vault. Note that the ENCRYPT 787 operation only supports a single block of data, the size of which is 788 dependent on the target key and the encryption algorithm to be used. 789 The ENCRYPT operation is only strictly necessary for symmetric keys 790 stored in Azure Key Vault since protection with an asymmetric key can 791 be performed using public portion of the key. This operation is 792 supported for asymmetric keys as a convenience for callers that have a 793 key-reference but do not have access to the public key material. This 794 operation requires the keys/encypt permission. 795 796 :param vault_base_url: The vault name, for example 797 https://myvault.vault.azure.net. 798 :type vault_base_url: str 799 :param key_name: The name of the key. 800 :type key_name: str 801 :param key_version: The version of the key. 802 :type key_version: str 803 :param algorithm: algorithm identifier. Possible values include: 804 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5' 805 :type algorithm: str or 806 ~azure.keyvault.v7_0.models.JsonWebKeyEncryptionAlgorithm 807 :param value: 808 :type value: bytes 809 :param dict custom_headers: headers that will be added to the request 810 :param bool raw: returns the direct response alongside the 811 deserialized response 812 :param operation_config: :ref:`Operation configuration 813 overrides<msrest:optionsforoperations>`. 814 :return: KeyOperationResult or ClientRawResponse if raw=true 815 :rtype: ~azure.keyvault.v7_0.models.KeyOperationResult or 816 ~msrest.pipeline.ClientRawResponse 817 :raises: 818 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 819 """ 820 parameters = models.KeyOperationsParameters(algorithm=algorithm, value=value) 821 822 # Construct URL 823 url = self.encrypt.metadata['url'] 824 path_format_arguments = { 825 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 826 'key-name': self._serialize.url("key_name", key_name, 'str'), 827 'key-version': self._serialize.url("key_version", key_version, 'str') 828 } 829 url = self._client.format_url(url, **path_format_arguments) 830 831 # Construct parameters 832 query_parameters = {} 833 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 834 835 # Construct headers 836 header_parameters = {} 837 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 838 if self.config.generate_client_request_id: 839 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 840 if custom_headers: 841 header_parameters.update(custom_headers) 842 if self.config.accept_language is not None: 843 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 844 845 # Construct body 846 body_content = self._serialize.body(parameters, 'KeyOperationsParameters') 847 848 # Construct and send request 849 request = self._client.post(url, query_parameters) 850 response = self._client.send( 851 request, header_parameters, body_content, stream=False, **operation_config) 852 853 if response.status_code not in [200]: 854 raise models.KeyVaultErrorException(self._deserialize, response) 855 856 deserialized = None 857 858 if response.status_code == 200: 859 deserialized = self._deserialize('KeyOperationResult', response) 860 861 if raw: 862 client_raw_response = ClientRawResponse(deserialized, response) 863 return client_raw_response 864 865 return deserialized 866 encrypt.metadata = {'url': '/keys/{key-name}/{key-version}/encrypt'} 867 868 def decrypt( 869 self, vault_base_url, key_name, key_version, algorithm, value, custom_headers=None, raw=False, **operation_config): 870 """Decrypts a single block of encrypted data. 871 872 The DECRYPT operation decrypts a well-formed block of ciphertext using 873 the target encryption key and specified algorithm. This operation is 874 the reverse of the ENCRYPT operation; only a single block of data may 875 be decrypted, the size of this block is dependent on the target key and 876 the algorithm to be used. The DECRYPT operation applies to asymmetric 877 and symmetric keys stored in Azure Key Vault since it uses the private 878 portion of the key. This operation requires the keys/decrypt 879 permission. 880 881 :param vault_base_url: The vault name, for example 882 https://myvault.vault.azure.net. 883 :type vault_base_url: str 884 :param key_name: The name of the key. 885 :type key_name: str 886 :param key_version: The version of the key. 887 :type key_version: str 888 :param algorithm: algorithm identifier. Possible values include: 889 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5' 890 :type algorithm: str or 891 ~azure.keyvault.v7_0.models.JsonWebKeyEncryptionAlgorithm 892 :param value: 893 :type value: bytes 894 :param dict custom_headers: headers that will be added to the request 895 :param bool raw: returns the direct response alongside the 896 deserialized response 897 :param operation_config: :ref:`Operation configuration 898 overrides<msrest:optionsforoperations>`. 899 :return: KeyOperationResult or ClientRawResponse if raw=true 900 :rtype: ~azure.keyvault.v7_0.models.KeyOperationResult or 901 ~msrest.pipeline.ClientRawResponse 902 :raises: 903 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 904 """ 905 parameters = models.KeyOperationsParameters(algorithm=algorithm, value=value) 906 907 # Construct URL 908 url = self.decrypt.metadata['url'] 909 path_format_arguments = { 910 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 911 'key-name': self._serialize.url("key_name", key_name, 'str'), 912 'key-version': self._serialize.url("key_version", key_version, 'str') 913 } 914 url = self._client.format_url(url, **path_format_arguments) 915 916 # Construct parameters 917 query_parameters = {} 918 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 919 920 # Construct headers 921 header_parameters = {} 922 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 923 if self.config.generate_client_request_id: 924 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 925 if custom_headers: 926 header_parameters.update(custom_headers) 927 if self.config.accept_language is not None: 928 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 929 930 # Construct body 931 body_content = self._serialize.body(parameters, 'KeyOperationsParameters') 932 933 # Construct and send request 934 request = self._client.post(url, query_parameters) 935 response = self._client.send( 936 request, header_parameters, body_content, stream=False, **operation_config) 937 938 if response.status_code not in [200]: 939 raise models.KeyVaultErrorException(self._deserialize, response) 940 941 deserialized = None 942 943 if response.status_code == 200: 944 deserialized = self._deserialize('KeyOperationResult', response) 945 946 if raw: 947 client_raw_response = ClientRawResponse(deserialized, response) 948 return client_raw_response 949 950 return deserialized 951 decrypt.metadata = {'url': '/keys/{key-name}/{key-version}/decrypt'} 952 953 def sign( 954 self, vault_base_url, key_name, key_version, algorithm, value, custom_headers=None, raw=False, **operation_config): 955 """Creates a signature from a digest using the specified key. 956 957 The SIGN operation is applicable to asymmetric and symmetric keys 958 stored in Azure Key Vault since this operation uses the private portion 959 of the key. This operation requires the keys/sign permission. 960 961 :param vault_base_url: The vault name, for example 962 https://myvault.vault.azure.net. 963 :type vault_base_url: str 964 :param key_name: The name of the key. 965 :type key_name: str 966 :param key_version: The version of the key. 967 :type key_version: str 968 :param algorithm: The signing/verification algorithm identifier. For 969 more information on possible algorithm types, see 970 JsonWebKeySignatureAlgorithm. Possible values include: 'PS256', 971 'PS384', 'PS512', 'RS256', 'RS384', 'RS512', 'RSNULL', 'ES256', 972 'ES384', 'ES512', 'ES256K' 973 :type algorithm: str or 974 ~azure.keyvault.v7_0.models.JsonWebKeySignatureAlgorithm 975 :param value: 976 :type value: bytes 977 :param dict custom_headers: headers that will be added to the request 978 :param bool raw: returns the direct response alongside the 979 deserialized response 980 :param operation_config: :ref:`Operation configuration 981 overrides<msrest:optionsforoperations>`. 982 :return: KeyOperationResult or ClientRawResponse if raw=true 983 :rtype: ~azure.keyvault.v7_0.models.KeyOperationResult or 984 ~msrest.pipeline.ClientRawResponse 985 :raises: 986 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 987 """ 988 parameters = models.KeySignParameters(algorithm=algorithm, value=value) 989 990 # Construct URL 991 url = self.sign.metadata['url'] 992 path_format_arguments = { 993 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 994 'key-name': self._serialize.url("key_name", key_name, 'str'), 995 'key-version': self._serialize.url("key_version", key_version, 'str') 996 } 997 url = self._client.format_url(url, **path_format_arguments) 998 999 # Construct parameters 1000 query_parameters = {} 1001 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1002 1003 # Construct headers 1004 header_parameters = {} 1005 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1006 if self.config.generate_client_request_id: 1007 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1008 if custom_headers: 1009 header_parameters.update(custom_headers) 1010 if self.config.accept_language is not None: 1011 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1012 1013 # Construct body 1014 body_content = self._serialize.body(parameters, 'KeySignParameters') 1015 1016 # Construct and send request 1017 request = self._client.post(url, query_parameters) 1018 response = self._client.send( 1019 request, header_parameters, body_content, stream=False, **operation_config) 1020 1021 if response.status_code not in [200]: 1022 raise models.KeyVaultErrorException(self._deserialize, response) 1023 1024 deserialized = None 1025 1026 if response.status_code == 200: 1027 deserialized = self._deserialize('KeyOperationResult', response) 1028 1029 if raw: 1030 client_raw_response = ClientRawResponse(deserialized, response) 1031 return client_raw_response 1032 1033 return deserialized 1034 sign.metadata = {'url': '/keys/{key-name}/{key-version}/sign'} 1035 1036 def verify( 1037 self, vault_base_url, key_name, key_version, algorithm, digest, signature, custom_headers=None, raw=False, **operation_config): 1038 """Verifies a signature using a specified key. 1039 1040 The VERIFY operation is applicable to symmetric keys stored in Azure 1041 Key Vault. VERIFY is not strictly necessary for asymmetric keys stored 1042 in Azure Key Vault since signature verification can be performed using 1043 the public portion of the key but this operation is supported as a 1044 convenience for callers that only have a key-reference and not the 1045 public portion of the key. This operation requires the keys/verify 1046 permission. 1047 1048 :param vault_base_url: The vault name, for example 1049 https://myvault.vault.azure.net. 1050 :type vault_base_url: str 1051 :param key_name: The name of the key. 1052 :type key_name: str 1053 :param key_version: The version of the key. 1054 :type key_version: str 1055 :param algorithm: The signing/verification algorithm. For more 1056 information on possible algorithm types, see 1057 JsonWebKeySignatureAlgorithm. Possible values include: 'PS256', 1058 'PS384', 'PS512', 'RS256', 'RS384', 'RS512', 'RSNULL', 'ES256', 1059 'ES384', 'ES512', 'ES256K' 1060 :type algorithm: str or 1061 ~azure.keyvault.v7_0.models.JsonWebKeySignatureAlgorithm 1062 :param digest: The digest used for signing. 1063 :type digest: bytes 1064 :param signature: The signature to be verified. 1065 :type signature: bytes 1066 :param dict custom_headers: headers that will be added to the request 1067 :param bool raw: returns the direct response alongside the 1068 deserialized response 1069 :param operation_config: :ref:`Operation configuration 1070 overrides<msrest:optionsforoperations>`. 1071 :return: KeyVerifyResult or ClientRawResponse if raw=true 1072 :rtype: ~azure.keyvault.v7_0.models.KeyVerifyResult or 1073 ~msrest.pipeline.ClientRawResponse 1074 :raises: 1075 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1076 """ 1077 parameters = models.KeyVerifyParameters(algorithm=algorithm, digest=digest, signature=signature) 1078 1079 # Construct URL 1080 url = self.verify.metadata['url'] 1081 path_format_arguments = { 1082 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1083 'key-name': self._serialize.url("key_name", key_name, 'str'), 1084 'key-version': self._serialize.url("key_version", key_version, 'str') 1085 } 1086 url = self._client.format_url(url, **path_format_arguments) 1087 1088 # Construct parameters 1089 query_parameters = {} 1090 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1091 1092 # Construct headers 1093 header_parameters = {} 1094 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1095 if self.config.generate_client_request_id: 1096 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1097 if custom_headers: 1098 header_parameters.update(custom_headers) 1099 if self.config.accept_language is not None: 1100 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1101 1102 # Construct body 1103 body_content = self._serialize.body(parameters, 'KeyVerifyParameters') 1104 1105 # Construct and send request 1106 request = self._client.post(url, query_parameters) 1107 response = self._client.send( 1108 request, header_parameters, body_content, stream=False, **operation_config) 1109 1110 if response.status_code not in [200]: 1111 raise models.KeyVaultErrorException(self._deserialize, response) 1112 1113 deserialized = None 1114 1115 if response.status_code == 200: 1116 deserialized = self._deserialize('KeyVerifyResult', response) 1117 1118 if raw: 1119 client_raw_response = ClientRawResponse(deserialized, response) 1120 return client_raw_response 1121 1122 return deserialized 1123 verify.metadata = {'url': '/keys/{key-name}/{key-version}/verify'} 1124 1125 def wrap_key( 1126 self, vault_base_url, key_name, key_version, algorithm, value, custom_headers=None, raw=False, **operation_config): 1127 """Wraps a symmetric key using a specified key. 1128 1129 The WRAP operation supports encryption of a symmetric key using a key 1130 encryption key that has previously been stored in an Azure Key Vault. 1131 The WRAP operation is only strictly necessary for symmetric keys stored 1132 in Azure Key Vault since protection with an asymmetric key can be 1133 performed using the public portion of the key. This operation is 1134 supported for asymmetric keys as a convenience for callers that have a 1135 key-reference but do not have access to the public key material. This 1136 operation requires the keys/wrapKey permission. 1137 1138 :param vault_base_url: The vault name, for example 1139 https://myvault.vault.azure.net. 1140 :type vault_base_url: str 1141 :param key_name: The name of the key. 1142 :type key_name: str 1143 :param key_version: The version of the key. 1144 :type key_version: str 1145 :param algorithm: algorithm identifier. Possible values include: 1146 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5' 1147 :type algorithm: str or 1148 ~azure.keyvault.v7_0.models.JsonWebKeyEncryptionAlgorithm 1149 :param value: 1150 :type value: bytes 1151 :param dict custom_headers: headers that will be added to the request 1152 :param bool raw: returns the direct response alongside the 1153 deserialized response 1154 :param operation_config: :ref:`Operation configuration 1155 overrides<msrest:optionsforoperations>`. 1156 :return: KeyOperationResult or ClientRawResponse if raw=true 1157 :rtype: ~azure.keyvault.v7_0.models.KeyOperationResult or 1158 ~msrest.pipeline.ClientRawResponse 1159 :raises: 1160 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1161 """ 1162 parameters = models.KeyOperationsParameters(algorithm=algorithm, value=value) 1163 1164 # Construct URL 1165 url = self.wrap_key.metadata['url'] 1166 path_format_arguments = { 1167 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1168 'key-name': self._serialize.url("key_name", key_name, 'str'), 1169 'key-version': self._serialize.url("key_version", key_version, 'str') 1170 } 1171 url = self._client.format_url(url, **path_format_arguments) 1172 1173 # Construct parameters 1174 query_parameters = {} 1175 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1176 1177 # Construct headers 1178 header_parameters = {} 1179 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1180 if self.config.generate_client_request_id: 1181 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1182 if custom_headers: 1183 header_parameters.update(custom_headers) 1184 if self.config.accept_language is not None: 1185 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1186 1187 # Construct body 1188 body_content = self._serialize.body(parameters, 'KeyOperationsParameters') 1189 1190 # Construct and send request 1191 request = self._client.post(url, query_parameters) 1192 response = self._client.send( 1193 request, header_parameters, body_content, stream=False, **operation_config) 1194 1195 if response.status_code not in [200]: 1196 raise models.KeyVaultErrorException(self._deserialize, response) 1197 1198 deserialized = None 1199 1200 if response.status_code == 200: 1201 deserialized = self._deserialize('KeyOperationResult', response) 1202 1203 if raw: 1204 client_raw_response = ClientRawResponse(deserialized, response) 1205 return client_raw_response 1206 1207 return deserialized 1208 wrap_key.metadata = {'url': '/keys/{key-name}/{key-version}/wrapkey'} 1209 1210 def unwrap_key( 1211 self, vault_base_url, key_name, key_version, algorithm, value, custom_headers=None, raw=False, **operation_config): 1212 """Unwraps a symmetric key using the specified key that was initially used 1213 for wrapping that key. 1214 1215 The UNWRAP operation supports decryption of a symmetric key using the 1216 target key encryption key. This operation is the reverse of the WRAP 1217 operation. The UNWRAP operation applies to asymmetric and symmetric 1218 keys stored in Azure Key Vault since it uses the private portion of the 1219 key. This operation requires the keys/unwrapKey permission. 1220 1221 :param vault_base_url: The vault name, for example 1222 https://myvault.vault.azure.net. 1223 :type vault_base_url: str 1224 :param key_name: The name of the key. 1225 :type key_name: str 1226 :param key_version: The version of the key. 1227 :type key_version: str 1228 :param algorithm: algorithm identifier. Possible values include: 1229 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5' 1230 :type algorithm: str or 1231 ~azure.keyvault.v7_0.models.JsonWebKeyEncryptionAlgorithm 1232 :param value: 1233 :type value: bytes 1234 :param dict custom_headers: headers that will be added to the request 1235 :param bool raw: returns the direct response alongside the 1236 deserialized response 1237 :param operation_config: :ref:`Operation configuration 1238 overrides<msrest:optionsforoperations>`. 1239 :return: KeyOperationResult or ClientRawResponse if raw=true 1240 :rtype: ~azure.keyvault.v7_0.models.KeyOperationResult or 1241 ~msrest.pipeline.ClientRawResponse 1242 :raises: 1243 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1244 """ 1245 parameters = models.KeyOperationsParameters(algorithm=algorithm, value=value) 1246 1247 # Construct URL 1248 url = self.unwrap_key.metadata['url'] 1249 path_format_arguments = { 1250 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1251 'key-name': self._serialize.url("key_name", key_name, 'str'), 1252 'key-version': self._serialize.url("key_version", key_version, 'str') 1253 } 1254 url = self._client.format_url(url, **path_format_arguments) 1255 1256 # Construct parameters 1257 query_parameters = {} 1258 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1259 1260 # Construct headers 1261 header_parameters = {} 1262 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1263 if self.config.generate_client_request_id: 1264 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1265 if custom_headers: 1266 header_parameters.update(custom_headers) 1267 if self.config.accept_language is not None: 1268 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1269 1270 # Construct body 1271 body_content = self._serialize.body(parameters, 'KeyOperationsParameters') 1272 1273 # Construct and send request 1274 request = self._client.post(url, query_parameters) 1275 response = self._client.send( 1276 request, header_parameters, body_content, stream=False, **operation_config) 1277 1278 if response.status_code not in [200]: 1279 raise models.KeyVaultErrorException(self._deserialize, response) 1280 1281 deserialized = None 1282 1283 if response.status_code == 200: 1284 deserialized = self._deserialize('KeyOperationResult', response) 1285 1286 if raw: 1287 client_raw_response = ClientRawResponse(deserialized, response) 1288 return client_raw_response 1289 1290 return deserialized 1291 unwrap_key.metadata = {'url': '/keys/{key-name}/{key-version}/unwrapkey'} 1292 1293 def get_deleted_keys( 1294 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 1295 """Lists the deleted keys in the specified vault. 1296 1297 Retrieves a list of the keys in the Key Vault as JSON Web Key 1298 structures that contain the public part of a deleted key. This 1299 operation includes deletion-specific information. The Get Deleted Keys 1300 operation is applicable for vaults enabled for soft-delete. While the 1301 operation can be invoked on any vault, it will return an error if 1302 invoked on a non soft-delete enabled vault. This operation requires the 1303 keys/list permission. 1304 1305 :param vault_base_url: The vault name, for example 1306 https://myvault.vault.azure.net. 1307 :type vault_base_url: str 1308 :param maxresults: Maximum number of results to return in a page. If 1309 not specified the service will return up to 25 results. 1310 :type maxresults: int 1311 :param dict custom_headers: headers that will be added to the request 1312 :param bool raw: returns the direct response alongside the 1313 deserialized response 1314 :param operation_config: :ref:`Operation configuration 1315 overrides<msrest:optionsforoperations>`. 1316 :return: An iterator like instance of DeletedKeyItem 1317 :rtype: 1318 ~azure.keyvault.v7_0.models.DeletedKeyItemPaged[~azure.keyvault.v7_0.models.DeletedKeyItem] 1319 :raises: 1320 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1321 """ 1322 def internal_paging(next_link=None, raw=False): 1323 1324 if not next_link: 1325 # Construct URL 1326 url = self.get_deleted_keys.metadata['url'] 1327 path_format_arguments = { 1328 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 1329 } 1330 url = self._client.format_url(url, **path_format_arguments) 1331 1332 # Construct parameters 1333 query_parameters = {} 1334 if maxresults is not None: 1335 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 1336 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1337 1338 else: 1339 url = next_link 1340 query_parameters = {} 1341 1342 # Construct headers 1343 header_parameters = {} 1344 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1345 if self.config.generate_client_request_id: 1346 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1347 if custom_headers: 1348 header_parameters.update(custom_headers) 1349 if self.config.accept_language is not None: 1350 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1351 1352 # Construct and send request 1353 request = self._client.get(url, query_parameters) 1354 response = self._client.send( 1355 request, header_parameters, stream=False, **operation_config) 1356 1357 if response.status_code not in [200]: 1358 raise models.KeyVaultErrorException(self._deserialize, response) 1359 1360 return response 1361 1362 # Deserialize response 1363 deserialized = models.DeletedKeyItemPaged(internal_paging, self._deserialize.dependencies) 1364 1365 if raw: 1366 header_dict = {} 1367 client_raw_response = models.DeletedKeyItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 1368 return client_raw_response 1369 1370 return deserialized 1371 get_deleted_keys.metadata = {'url': '/deletedkeys'} 1372 1373 def get_deleted_key( 1374 self, vault_base_url, key_name, custom_headers=None, raw=False, **operation_config): 1375 """Gets the public part of a deleted key. 1376 1377 The Get Deleted Key operation is applicable for soft-delete enabled 1378 vaults. While the operation can be invoked on any vault, it will return 1379 an error if invoked on a non soft-delete enabled vault. This operation 1380 requires the keys/get permission. . 1381 1382 :param vault_base_url: The vault name, for example 1383 https://myvault.vault.azure.net. 1384 :type vault_base_url: str 1385 :param key_name: The name of the key. 1386 :type key_name: str 1387 :param dict custom_headers: headers that will be added to the request 1388 :param bool raw: returns the direct response alongside the 1389 deserialized response 1390 :param operation_config: :ref:`Operation configuration 1391 overrides<msrest:optionsforoperations>`. 1392 :return: DeletedKeyBundle or ClientRawResponse if raw=true 1393 :rtype: ~azure.keyvault.v7_0.models.DeletedKeyBundle or 1394 ~msrest.pipeline.ClientRawResponse 1395 :raises: 1396 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1397 """ 1398 # Construct URL 1399 url = self.get_deleted_key.metadata['url'] 1400 path_format_arguments = { 1401 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1402 'key-name': self._serialize.url("key_name", key_name, 'str') 1403 } 1404 url = self._client.format_url(url, **path_format_arguments) 1405 1406 # Construct parameters 1407 query_parameters = {} 1408 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1409 1410 # Construct headers 1411 header_parameters = {} 1412 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1413 if self.config.generate_client_request_id: 1414 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1415 if custom_headers: 1416 header_parameters.update(custom_headers) 1417 if self.config.accept_language is not None: 1418 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1419 1420 # Construct and send request 1421 request = self._client.get(url, query_parameters) 1422 response = self._client.send(request, header_parameters, stream=False, **operation_config) 1423 1424 if response.status_code not in [200]: 1425 raise models.KeyVaultErrorException(self._deserialize, response) 1426 1427 deserialized = None 1428 1429 if response.status_code == 200: 1430 deserialized = self._deserialize('DeletedKeyBundle', response) 1431 1432 if raw: 1433 client_raw_response = ClientRawResponse(deserialized, response) 1434 return client_raw_response 1435 1436 return deserialized 1437 get_deleted_key.metadata = {'url': '/deletedkeys/{key-name}'} 1438 1439 def purge_deleted_key( 1440 self, vault_base_url, key_name, custom_headers=None, raw=False, **operation_config): 1441 """Permanently deletes the specified key. 1442 1443 The Purge Deleted Key operation is applicable for soft-delete enabled 1444 vaults. While the operation can be invoked on any vault, it will return 1445 an error if invoked on a non soft-delete enabled vault. This operation 1446 requires the keys/purge permission. 1447 1448 :param vault_base_url: The vault name, for example 1449 https://myvault.vault.azure.net. 1450 :type vault_base_url: str 1451 :param key_name: The name of the key 1452 :type key_name: str 1453 :param dict custom_headers: headers that will be added to the request 1454 :param bool raw: returns the direct response alongside the 1455 deserialized response 1456 :param operation_config: :ref:`Operation configuration 1457 overrides<msrest:optionsforoperations>`. 1458 :return: None or ClientRawResponse if raw=true 1459 :rtype: None or ~msrest.pipeline.ClientRawResponse 1460 :raises: 1461 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1462 """ 1463 # Construct URL 1464 url = self.purge_deleted_key.metadata['url'] 1465 path_format_arguments = { 1466 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1467 'key-name': self._serialize.url("key_name", key_name, 'str') 1468 } 1469 url = self._client.format_url(url, **path_format_arguments) 1470 1471 # Construct parameters 1472 query_parameters = {} 1473 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1474 1475 # Construct headers 1476 header_parameters = {} 1477 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1478 if self.config.generate_client_request_id: 1479 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1480 if custom_headers: 1481 header_parameters.update(custom_headers) 1482 if self.config.accept_language is not None: 1483 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1484 1485 # Construct and send request 1486 request = self._client.delete(url, query_parameters) 1487 response = self._client.send(request, header_parameters, stream=False, **operation_config) 1488 1489 if response.status_code not in [204]: 1490 raise models.KeyVaultErrorException(self._deserialize, response) 1491 1492 if raw: 1493 client_raw_response = ClientRawResponse(None, response) 1494 return client_raw_response 1495 purge_deleted_key.metadata = {'url': '/deletedkeys/{key-name}'} 1496 1497 def recover_deleted_key( 1498 self, vault_base_url, key_name, custom_headers=None, raw=False, **operation_config): 1499 """Recovers the deleted key to its latest version. 1500 1501 The Recover Deleted Key operation is applicable for deleted keys in 1502 soft-delete enabled vaults. It recovers the deleted key back to its 1503 latest version under /keys. An attempt to recover an non-deleted key 1504 will return an error. Consider this the inverse of the delete operation 1505 on soft-delete enabled vaults. This operation requires the keys/recover 1506 permission. 1507 1508 :param vault_base_url: The vault name, for example 1509 https://myvault.vault.azure.net. 1510 :type vault_base_url: str 1511 :param key_name: The name of the deleted key. 1512 :type key_name: str 1513 :param dict custom_headers: headers that will be added to the request 1514 :param bool raw: returns the direct response alongside the 1515 deserialized response 1516 :param operation_config: :ref:`Operation configuration 1517 overrides<msrest:optionsforoperations>`. 1518 :return: KeyBundle or ClientRawResponse if raw=true 1519 :rtype: ~azure.keyvault.v7_0.models.KeyBundle or 1520 ~msrest.pipeline.ClientRawResponse 1521 :raises: 1522 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1523 """ 1524 # Construct URL 1525 url = self.recover_deleted_key.metadata['url'] 1526 path_format_arguments = { 1527 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1528 'key-name': self._serialize.url("key_name", key_name, 'str') 1529 } 1530 url = self._client.format_url(url, **path_format_arguments) 1531 1532 # Construct parameters 1533 query_parameters = {} 1534 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1535 1536 # Construct headers 1537 header_parameters = {} 1538 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1539 if self.config.generate_client_request_id: 1540 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1541 if custom_headers: 1542 header_parameters.update(custom_headers) 1543 if self.config.accept_language is not None: 1544 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1545 1546 # Construct and send request 1547 request = self._client.post(url, query_parameters) 1548 response = self._client.send(request, header_parameters, stream=False, **operation_config) 1549 1550 if response.status_code not in [200]: 1551 raise models.KeyVaultErrorException(self._deserialize, response) 1552 1553 deserialized = None 1554 1555 if response.status_code == 200: 1556 deserialized = self._deserialize('KeyBundle', response) 1557 1558 if raw: 1559 client_raw_response = ClientRawResponse(deserialized, response) 1560 return client_raw_response 1561 1562 return deserialized 1563 recover_deleted_key.metadata = {'url': '/deletedkeys/{key-name}/recover'} 1564 1565 def set_secret( 1566 self, vault_base_url, secret_name, value, tags=None, content_type=None, secret_attributes=None, custom_headers=None, raw=False, **operation_config): 1567 """Sets a secret in a specified key vault. 1568 1569 The SET operation adds a secret to the Azure Key Vault. If the named 1570 secret already exists, Azure Key Vault creates a new version of that 1571 secret. This operation requires the secrets/set permission. 1572 1573 :param vault_base_url: The vault name, for example 1574 https://myvault.vault.azure.net. 1575 :type vault_base_url: str 1576 :param secret_name: The name of the secret. 1577 :type secret_name: str 1578 :param value: The value of the secret. 1579 :type value: str 1580 :param tags: Application specific metadata in the form of key-value 1581 pairs. 1582 :type tags: dict[str, str] 1583 :param content_type: Type of the secret value such as a password. 1584 :type content_type: str 1585 :param secret_attributes: The secret management attributes. 1586 :type secret_attributes: ~azure.keyvault.v7_0.models.SecretAttributes 1587 :param dict custom_headers: headers that will be added to the request 1588 :param bool raw: returns the direct response alongside the 1589 deserialized response 1590 :param operation_config: :ref:`Operation configuration 1591 overrides<msrest:optionsforoperations>`. 1592 :return: SecretBundle or ClientRawResponse if raw=true 1593 :rtype: ~azure.keyvault.v7_0.models.SecretBundle or 1594 ~msrest.pipeline.ClientRawResponse 1595 :raises: 1596 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1597 """ 1598 parameters = models.SecretSetParameters(value=value, tags=tags, content_type=content_type, secret_attributes=secret_attributes) 1599 1600 # Construct URL 1601 url = self.set_secret.metadata['url'] 1602 path_format_arguments = { 1603 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1604 'secret-name': self._serialize.url("secret_name", secret_name, 'str', pattern=r'^[0-9a-zA-Z-]+$') 1605 } 1606 url = self._client.format_url(url, **path_format_arguments) 1607 1608 # Construct parameters 1609 query_parameters = {} 1610 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1611 1612 # Construct headers 1613 header_parameters = {} 1614 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1615 if self.config.generate_client_request_id: 1616 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1617 if custom_headers: 1618 header_parameters.update(custom_headers) 1619 if self.config.accept_language is not None: 1620 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1621 1622 # Construct body 1623 body_content = self._serialize.body(parameters, 'SecretSetParameters') 1624 1625 # Construct and send request 1626 request = self._client.put(url, query_parameters) 1627 response = self._client.send( 1628 request, header_parameters, body_content, stream=False, **operation_config) 1629 1630 if response.status_code not in [200]: 1631 raise models.KeyVaultErrorException(self._deserialize, response) 1632 1633 deserialized = None 1634 1635 if response.status_code == 200: 1636 deserialized = self._deserialize('SecretBundle', response) 1637 1638 if raw: 1639 client_raw_response = ClientRawResponse(deserialized, response) 1640 return client_raw_response 1641 1642 return deserialized 1643 set_secret.metadata = {'url': '/secrets/{secret-name}'} 1644 1645 def delete_secret( 1646 self, vault_base_url, secret_name, custom_headers=None, raw=False, **operation_config): 1647 """Deletes a secret from a specified key vault. 1648 1649 The DELETE operation applies to any secret stored in Azure Key Vault. 1650 DELETE cannot be applied to an individual version of a secret. This 1651 operation requires the secrets/delete permission. 1652 1653 :param vault_base_url: The vault name, for example 1654 https://myvault.vault.azure.net. 1655 :type vault_base_url: str 1656 :param secret_name: The name of the secret. 1657 :type secret_name: str 1658 :param dict custom_headers: headers that will be added to the request 1659 :param bool raw: returns the direct response alongside the 1660 deserialized response 1661 :param operation_config: :ref:`Operation configuration 1662 overrides<msrest:optionsforoperations>`. 1663 :return: DeletedSecretBundle or ClientRawResponse if raw=true 1664 :rtype: ~azure.keyvault.v7_0.models.DeletedSecretBundle or 1665 ~msrest.pipeline.ClientRawResponse 1666 :raises: 1667 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1668 """ 1669 # Construct URL 1670 url = self.delete_secret.metadata['url'] 1671 path_format_arguments = { 1672 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1673 'secret-name': self._serialize.url("secret_name", secret_name, 'str') 1674 } 1675 url = self._client.format_url(url, **path_format_arguments) 1676 1677 # Construct parameters 1678 query_parameters = {} 1679 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1680 1681 # Construct headers 1682 header_parameters = {} 1683 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1684 if self.config.generate_client_request_id: 1685 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1686 if custom_headers: 1687 header_parameters.update(custom_headers) 1688 if self.config.accept_language is not None: 1689 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1690 1691 # Construct and send request 1692 request = self._client.delete(url, query_parameters) 1693 response = self._client.send(request, header_parameters, stream=False, **operation_config) 1694 1695 if response.status_code not in [200]: 1696 raise models.KeyVaultErrorException(self._deserialize, response) 1697 1698 deserialized = None 1699 1700 if response.status_code == 200: 1701 deserialized = self._deserialize('DeletedSecretBundle', response) 1702 1703 if raw: 1704 client_raw_response = ClientRawResponse(deserialized, response) 1705 return client_raw_response 1706 1707 return deserialized 1708 delete_secret.metadata = {'url': '/secrets/{secret-name}'} 1709 1710 def update_secret( 1711 self, vault_base_url, secret_name, secret_version, content_type=None, secret_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 1712 """Updates the attributes associated with a specified secret in a given 1713 key vault. 1714 1715 The UPDATE operation changes specified attributes of an existing stored 1716 secret. Attributes that are not specified in the request are left 1717 unchanged. The value of a secret itself cannot be changed. This 1718 operation requires the secrets/set permission. 1719 1720 :param vault_base_url: The vault name, for example 1721 https://myvault.vault.azure.net. 1722 :type vault_base_url: str 1723 :param secret_name: The name of the secret. 1724 :type secret_name: str 1725 :param secret_version: The version of the secret. 1726 :type secret_version: str 1727 :param content_type: Type of the secret value such as a password. 1728 :type content_type: str 1729 :param secret_attributes: The secret management attributes. 1730 :type secret_attributes: ~azure.keyvault.v7_0.models.SecretAttributes 1731 :param tags: Application specific metadata in the form of key-value 1732 pairs. 1733 :type tags: dict[str, str] 1734 :param dict custom_headers: headers that will be added to the request 1735 :param bool raw: returns the direct response alongside the 1736 deserialized response 1737 :param operation_config: :ref:`Operation configuration 1738 overrides<msrest:optionsforoperations>`. 1739 :return: SecretBundle or ClientRawResponse if raw=true 1740 :rtype: ~azure.keyvault.v7_0.models.SecretBundle or 1741 ~msrest.pipeline.ClientRawResponse 1742 :raises: 1743 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1744 """ 1745 parameters = models.SecretUpdateParameters(content_type=content_type, secret_attributes=secret_attributes, tags=tags) 1746 1747 # Construct URL 1748 url = self.update_secret.metadata['url'] 1749 path_format_arguments = { 1750 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1751 'secret-name': self._serialize.url("secret_name", secret_name, 'str'), 1752 'secret-version': self._serialize.url("secret_version", secret_version, 'str') 1753 } 1754 url = self._client.format_url(url, **path_format_arguments) 1755 1756 # Construct parameters 1757 query_parameters = {} 1758 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1759 1760 # Construct headers 1761 header_parameters = {} 1762 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1763 if self.config.generate_client_request_id: 1764 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1765 if custom_headers: 1766 header_parameters.update(custom_headers) 1767 if self.config.accept_language is not None: 1768 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1769 1770 # Construct body 1771 body_content = self._serialize.body(parameters, 'SecretUpdateParameters') 1772 1773 # Construct and send request 1774 request = self._client.patch(url, query_parameters) 1775 response = self._client.send( 1776 request, header_parameters, body_content, stream=False, **operation_config) 1777 1778 if response.status_code not in [200]: 1779 raise models.KeyVaultErrorException(self._deserialize, response) 1780 1781 deserialized = None 1782 1783 if response.status_code == 200: 1784 deserialized = self._deserialize('SecretBundle', response) 1785 1786 if raw: 1787 client_raw_response = ClientRawResponse(deserialized, response) 1788 return client_raw_response 1789 1790 return deserialized 1791 update_secret.metadata = {'url': '/secrets/{secret-name}/{secret-version}'} 1792 1793 def get_secret( 1794 self, vault_base_url, secret_name, secret_version, custom_headers=None, raw=False, **operation_config): 1795 """Get a specified secret from a given key vault. 1796 1797 The GET operation is applicable to any secret stored in Azure Key 1798 Vault. This operation requires the secrets/get permission. 1799 1800 :param vault_base_url: The vault name, for example 1801 https://myvault.vault.azure.net. 1802 :type vault_base_url: str 1803 :param secret_name: The name of the secret. 1804 :type secret_name: str 1805 :param secret_version: The version of the secret. 1806 :type secret_version: str 1807 :param dict custom_headers: headers that will be added to the request 1808 :param bool raw: returns the direct response alongside the 1809 deserialized response 1810 :param operation_config: :ref:`Operation configuration 1811 overrides<msrest:optionsforoperations>`. 1812 :return: SecretBundle or ClientRawResponse if raw=true 1813 :rtype: ~azure.keyvault.v7_0.models.SecretBundle or 1814 ~msrest.pipeline.ClientRawResponse 1815 :raises: 1816 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1817 """ 1818 # Construct URL 1819 url = self.get_secret.metadata['url'] 1820 path_format_arguments = { 1821 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1822 'secret-name': self._serialize.url("secret_name", secret_name, 'str'), 1823 'secret-version': self._serialize.url("secret_version", secret_version, 'str') 1824 } 1825 url = self._client.format_url(url, **path_format_arguments) 1826 1827 # Construct parameters 1828 query_parameters = {} 1829 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1830 1831 # Construct headers 1832 header_parameters = {} 1833 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1834 if self.config.generate_client_request_id: 1835 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1836 if custom_headers: 1837 header_parameters.update(custom_headers) 1838 if self.config.accept_language is not None: 1839 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1840 1841 # Construct and send request 1842 request = self._client.get(url, query_parameters) 1843 response = self._client.send(request, header_parameters, stream=False, **operation_config) 1844 1845 if response.status_code not in [200]: 1846 raise models.KeyVaultErrorException(self._deserialize, response) 1847 1848 deserialized = None 1849 1850 if response.status_code == 200: 1851 deserialized = self._deserialize('SecretBundle', response) 1852 1853 if raw: 1854 client_raw_response = ClientRawResponse(deserialized, response) 1855 return client_raw_response 1856 1857 return deserialized 1858 get_secret.metadata = {'url': '/secrets/{secret-name}/{secret-version}'} 1859 1860 def get_secrets( 1861 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 1862 """List secrets in a specified key vault. 1863 1864 The Get Secrets operation is applicable to the entire vault. However, 1865 only the base secret identifier and its attributes are provided in the 1866 response. Individual secret versions are not listed in the response. 1867 This operation requires the secrets/list permission. 1868 1869 :param vault_base_url: The vault name, for example 1870 https://myvault.vault.azure.net. 1871 :type vault_base_url: str 1872 :param maxresults: Maximum number of results to return in a page. If 1873 not specified, the service will return up to 25 results. 1874 :type maxresults: int 1875 :param dict custom_headers: headers that will be added to the request 1876 :param bool raw: returns the direct response alongside the 1877 deserialized response 1878 :param operation_config: :ref:`Operation configuration 1879 overrides<msrest:optionsforoperations>`. 1880 :return: An iterator like instance of SecretItem 1881 :rtype: 1882 ~azure.keyvault.v7_0.models.SecretItemPaged[~azure.keyvault.v7_0.models.SecretItem] 1883 :raises: 1884 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1885 """ 1886 def internal_paging(next_link=None, raw=False): 1887 1888 if not next_link: 1889 # Construct URL 1890 url = self.get_secrets.metadata['url'] 1891 path_format_arguments = { 1892 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 1893 } 1894 url = self._client.format_url(url, **path_format_arguments) 1895 1896 # Construct parameters 1897 query_parameters = {} 1898 if maxresults is not None: 1899 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 1900 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1901 1902 else: 1903 url = next_link 1904 query_parameters = {} 1905 1906 # Construct headers 1907 header_parameters = {} 1908 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1909 if self.config.generate_client_request_id: 1910 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1911 if custom_headers: 1912 header_parameters.update(custom_headers) 1913 if self.config.accept_language is not None: 1914 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1915 1916 # Construct and send request 1917 request = self._client.get(url, query_parameters) 1918 response = self._client.send( 1919 request, header_parameters, stream=False, **operation_config) 1920 1921 if response.status_code not in [200]: 1922 raise models.KeyVaultErrorException(self._deserialize, response) 1923 1924 return response 1925 1926 # Deserialize response 1927 deserialized = models.SecretItemPaged(internal_paging, self._deserialize.dependencies) 1928 1929 if raw: 1930 header_dict = {} 1931 client_raw_response = models.SecretItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 1932 return client_raw_response 1933 1934 return deserialized 1935 get_secrets.metadata = {'url': '/secrets'} 1936 1937 def get_secret_versions( 1938 self, vault_base_url, secret_name, maxresults=None, custom_headers=None, raw=False, **operation_config): 1939 """List all versions of the specified secret. 1940 1941 The full secret identifier and attributes are provided in the response. 1942 No values are returned for the secrets. This operations requires the 1943 secrets/list permission. 1944 1945 :param vault_base_url: The vault name, for example 1946 https://myvault.vault.azure.net. 1947 :type vault_base_url: str 1948 :param secret_name: The name of the secret. 1949 :type secret_name: str 1950 :param maxresults: Maximum number of results to return in a page. If 1951 not specified, the service will return up to 25 results. 1952 :type maxresults: int 1953 :param dict custom_headers: headers that will be added to the request 1954 :param bool raw: returns the direct response alongside the 1955 deserialized response 1956 :param operation_config: :ref:`Operation configuration 1957 overrides<msrest:optionsforoperations>`. 1958 :return: An iterator like instance of SecretItem 1959 :rtype: 1960 ~azure.keyvault.v7_0.models.SecretItemPaged[~azure.keyvault.v7_0.models.SecretItem] 1961 :raises: 1962 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 1963 """ 1964 def internal_paging(next_link=None, raw=False): 1965 1966 if not next_link: 1967 # Construct URL 1968 url = self.get_secret_versions.metadata['url'] 1969 path_format_arguments = { 1970 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 1971 'secret-name': self._serialize.url("secret_name", secret_name, 'str') 1972 } 1973 url = self._client.format_url(url, **path_format_arguments) 1974 1975 # Construct parameters 1976 query_parameters = {} 1977 if maxresults is not None: 1978 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 1979 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 1980 1981 else: 1982 url = next_link 1983 query_parameters = {} 1984 1985 # Construct headers 1986 header_parameters = {} 1987 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 1988 if self.config.generate_client_request_id: 1989 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 1990 if custom_headers: 1991 header_parameters.update(custom_headers) 1992 if self.config.accept_language is not None: 1993 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 1994 1995 # Construct and send request 1996 request = self._client.get(url, query_parameters) 1997 response = self._client.send( 1998 request, header_parameters, stream=False, **operation_config) 1999 2000 if response.status_code not in [200]: 2001 raise models.KeyVaultErrorException(self._deserialize, response) 2002 2003 return response 2004 2005 # Deserialize response 2006 deserialized = models.SecretItemPaged(internal_paging, self._deserialize.dependencies) 2007 2008 if raw: 2009 header_dict = {} 2010 client_raw_response = models.SecretItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 2011 return client_raw_response 2012 2013 return deserialized 2014 get_secret_versions.metadata = {'url': '/secrets/{secret-name}/versions'} 2015 2016 def get_deleted_secrets( 2017 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 2018 """Lists deleted secrets for the specified vault. 2019 2020 The Get Deleted Secrets operation returns the secrets that have been 2021 deleted for a vault enabled for soft-delete. This operation requires 2022 the secrets/list permission. 2023 2024 :param vault_base_url: The vault name, for example 2025 https://myvault.vault.azure.net. 2026 :type vault_base_url: str 2027 :param maxresults: Maximum number of results to return in a page. If 2028 not specified the service will return up to 25 results. 2029 :type maxresults: int 2030 :param dict custom_headers: headers that will be added to the request 2031 :param bool raw: returns the direct response alongside the 2032 deserialized response 2033 :param operation_config: :ref:`Operation configuration 2034 overrides<msrest:optionsforoperations>`. 2035 :return: An iterator like instance of DeletedSecretItem 2036 :rtype: 2037 ~azure.keyvault.v7_0.models.DeletedSecretItemPaged[~azure.keyvault.v7_0.models.DeletedSecretItem] 2038 :raises: 2039 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2040 """ 2041 def internal_paging(next_link=None, raw=False): 2042 2043 if not next_link: 2044 # Construct URL 2045 url = self.get_deleted_secrets.metadata['url'] 2046 path_format_arguments = { 2047 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2048 } 2049 url = self._client.format_url(url, **path_format_arguments) 2050 2051 # Construct parameters 2052 query_parameters = {} 2053 if maxresults is not None: 2054 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 2055 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2056 2057 else: 2058 url = next_link 2059 query_parameters = {} 2060 2061 # Construct headers 2062 header_parameters = {} 2063 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2064 if self.config.generate_client_request_id: 2065 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2066 if custom_headers: 2067 header_parameters.update(custom_headers) 2068 if self.config.accept_language is not None: 2069 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2070 2071 # Construct and send request 2072 request = self._client.get(url, query_parameters) 2073 response = self._client.send( 2074 request, header_parameters, stream=False, **operation_config) 2075 2076 if response.status_code not in [200]: 2077 raise models.KeyVaultErrorException(self._deserialize, response) 2078 2079 return response 2080 2081 # Deserialize response 2082 deserialized = models.DeletedSecretItemPaged(internal_paging, self._deserialize.dependencies) 2083 2084 if raw: 2085 header_dict = {} 2086 client_raw_response = models.DeletedSecretItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 2087 return client_raw_response 2088 2089 return deserialized 2090 get_deleted_secrets.metadata = {'url': '/deletedsecrets'} 2091 2092 def get_deleted_secret( 2093 self, vault_base_url, secret_name, custom_headers=None, raw=False, **operation_config): 2094 """Gets the specified deleted secret. 2095 2096 The Get Deleted Secret operation returns the specified deleted secret 2097 along with its attributes. This operation requires the secrets/get 2098 permission. 2099 2100 :param vault_base_url: The vault name, for example 2101 https://myvault.vault.azure.net. 2102 :type vault_base_url: str 2103 :param secret_name: The name of the secret. 2104 :type secret_name: str 2105 :param dict custom_headers: headers that will be added to the request 2106 :param bool raw: returns the direct response alongside the 2107 deserialized response 2108 :param operation_config: :ref:`Operation configuration 2109 overrides<msrest:optionsforoperations>`. 2110 :return: DeletedSecretBundle or ClientRawResponse if raw=true 2111 :rtype: ~azure.keyvault.v7_0.models.DeletedSecretBundle or 2112 ~msrest.pipeline.ClientRawResponse 2113 :raises: 2114 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2115 """ 2116 # Construct URL 2117 url = self.get_deleted_secret.metadata['url'] 2118 path_format_arguments = { 2119 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2120 'secret-name': self._serialize.url("secret_name", secret_name, 'str') 2121 } 2122 url = self._client.format_url(url, **path_format_arguments) 2123 2124 # Construct parameters 2125 query_parameters = {} 2126 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2127 2128 # Construct headers 2129 header_parameters = {} 2130 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2131 if self.config.generate_client_request_id: 2132 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2133 if custom_headers: 2134 header_parameters.update(custom_headers) 2135 if self.config.accept_language is not None: 2136 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2137 2138 # Construct and send request 2139 request = self._client.get(url, query_parameters) 2140 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2141 2142 if response.status_code not in [200]: 2143 raise models.KeyVaultErrorException(self._deserialize, response) 2144 2145 deserialized = None 2146 2147 if response.status_code == 200: 2148 deserialized = self._deserialize('DeletedSecretBundle', response) 2149 2150 if raw: 2151 client_raw_response = ClientRawResponse(deserialized, response) 2152 return client_raw_response 2153 2154 return deserialized 2155 get_deleted_secret.metadata = {'url': '/deletedsecrets/{secret-name}'} 2156 2157 def purge_deleted_secret( 2158 self, vault_base_url, secret_name, custom_headers=None, raw=False, **operation_config): 2159 """Permanently deletes the specified secret. 2160 2161 The purge deleted secret operation removes the secret permanently, 2162 without the possibility of recovery. This operation can only be enabled 2163 on a soft-delete enabled vault. This operation requires the 2164 secrets/purge permission. 2165 2166 :param vault_base_url: The vault name, for example 2167 https://myvault.vault.azure.net. 2168 :type vault_base_url: str 2169 :param secret_name: The name of the secret. 2170 :type secret_name: str 2171 :param dict custom_headers: headers that will be added to the request 2172 :param bool raw: returns the direct response alongside the 2173 deserialized response 2174 :param operation_config: :ref:`Operation configuration 2175 overrides<msrest:optionsforoperations>`. 2176 :return: None or ClientRawResponse if raw=true 2177 :rtype: None or ~msrest.pipeline.ClientRawResponse 2178 :raises: 2179 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2180 """ 2181 # Construct URL 2182 url = self.purge_deleted_secret.metadata['url'] 2183 path_format_arguments = { 2184 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2185 'secret-name': self._serialize.url("secret_name", secret_name, 'str') 2186 } 2187 url = self._client.format_url(url, **path_format_arguments) 2188 2189 # Construct parameters 2190 query_parameters = {} 2191 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2192 2193 # Construct headers 2194 header_parameters = {} 2195 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2196 if self.config.generate_client_request_id: 2197 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2198 if custom_headers: 2199 header_parameters.update(custom_headers) 2200 if self.config.accept_language is not None: 2201 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2202 2203 # Construct and send request 2204 request = self._client.delete(url, query_parameters) 2205 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2206 2207 if response.status_code not in [204]: 2208 raise models.KeyVaultErrorException(self._deserialize, response) 2209 2210 if raw: 2211 client_raw_response = ClientRawResponse(None, response) 2212 return client_raw_response 2213 purge_deleted_secret.metadata = {'url': '/deletedsecrets/{secret-name}'} 2214 2215 def recover_deleted_secret( 2216 self, vault_base_url, secret_name, custom_headers=None, raw=False, **operation_config): 2217 """Recovers the deleted secret to the latest version. 2218 2219 Recovers the deleted secret in the specified vault. This operation can 2220 only be performed on a soft-delete enabled vault. This operation 2221 requires the secrets/recover permission. 2222 2223 :param vault_base_url: The vault name, for example 2224 https://myvault.vault.azure.net. 2225 :type vault_base_url: str 2226 :param secret_name: The name of the deleted secret. 2227 :type secret_name: str 2228 :param dict custom_headers: headers that will be added to the request 2229 :param bool raw: returns the direct response alongside the 2230 deserialized response 2231 :param operation_config: :ref:`Operation configuration 2232 overrides<msrest:optionsforoperations>`. 2233 :return: SecretBundle or ClientRawResponse if raw=true 2234 :rtype: ~azure.keyvault.v7_0.models.SecretBundle or 2235 ~msrest.pipeline.ClientRawResponse 2236 :raises: 2237 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2238 """ 2239 # Construct URL 2240 url = self.recover_deleted_secret.metadata['url'] 2241 path_format_arguments = { 2242 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2243 'secret-name': self._serialize.url("secret_name", secret_name, 'str') 2244 } 2245 url = self._client.format_url(url, **path_format_arguments) 2246 2247 # Construct parameters 2248 query_parameters = {} 2249 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2250 2251 # Construct headers 2252 header_parameters = {} 2253 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2254 if self.config.generate_client_request_id: 2255 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2256 if custom_headers: 2257 header_parameters.update(custom_headers) 2258 if self.config.accept_language is not None: 2259 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2260 2261 # Construct and send request 2262 request = self._client.post(url, query_parameters) 2263 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2264 2265 if response.status_code not in [200]: 2266 raise models.KeyVaultErrorException(self._deserialize, response) 2267 2268 deserialized = None 2269 2270 if response.status_code == 200: 2271 deserialized = self._deserialize('SecretBundle', response) 2272 2273 if raw: 2274 client_raw_response = ClientRawResponse(deserialized, response) 2275 return client_raw_response 2276 2277 return deserialized 2278 recover_deleted_secret.metadata = {'url': '/deletedsecrets/{secret-name}/recover'} 2279 2280 def backup_secret( 2281 self, vault_base_url, secret_name, custom_headers=None, raw=False, **operation_config): 2282 """Backs up the specified secret. 2283 2284 Requests that a backup of the specified secret be downloaded to the 2285 client. All versions of the secret will be downloaded. This operation 2286 requires the secrets/backup permission. 2287 2288 :param vault_base_url: The vault name, for example 2289 https://myvault.vault.azure.net. 2290 :type vault_base_url: str 2291 :param secret_name: The name of the secret. 2292 :type secret_name: str 2293 :param dict custom_headers: headers that will be added to the request 2294 :param bool raw: returns the direct response alongside the 2295 deserialized response 2296 :param operation_config: :ref:`Operation configuration 2297 overrides<msrest:optionsforoperations>`. 2298 :return: BackupSecretResult or ClientRawResponse if raw=true 2299 :rtype: ~azure.keyvault.v7_0.models.BackupSecretResult or 2300 ~msrest.pipeline.ClientRawResponse 2301 :raises: 2302 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2303 """ 2304 # Construct URL 2305 url = self.backup_secret.metadata['url'] 2306 path_format_arguments = { 2307 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2308 'secret-name': self._serialize.url("secret_name", secret_name, 'str') 2309 } 2310 url = self._client.format_url(url, **path_format_arguments) 2311 2312 # Construct parameters 2313 query_parameters = {} 2314 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2315 2316 # Construct headers 2317 header_parameters = {} 2318 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2319 if self.config.generate_client_request_id: 2320 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2321 if custom_headers: 2322 header_parameters.update(custom_headers) 2323 if self.config.accept_language is not None: 2324 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2325 2326 # Construct and send request 2327 request = self._client.post(url, query_parameters) 2328 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2329 2330 if response.status_code not in [200]: 2331 raise models.KeyVaultErrorException(self._deserialize, response) 2332 2333 deserialized = None 2334 2335 if response.status_code == 200: 2336 deserialized = self._deserialize('BackupSecretResult', response) 2337 2338 if raw: 2339 client_raw_response = ClientRawResponse(deserialized, response) 2340 return client_raw_response 2341 2342 return deserialized 2343 backup_secret.metadata = {'url': '/secrets/{secret-name}/backup'} 2344 2345 def restore_secret( 2346 self, vault_base_url, secret_bundle_backup, custom_headers=None, raw=False, **operation_config): 2347 """Restores a backed up secret to a vault. 2348 2349 Restores a backed up secret, and all its versions, to a vault. This 2350 operation requires the secrets/restore permission. 2351 2352 :param vault_base_url: The vault name, for example 2353 https://myvault.vault.azure.net. 2354 :type vault_base_url: str 2355 :param secret_bundle_backup: The backup blob associated with a secret 2356 bundle. 2357 :type secret_bundle_backup: bytes 2358 :param dict custom_headers: headers that will be added to the request 2359 :param bool raw: returns the direct response alongside the 2360 deserialized response 2361 :param operation_config: :ref:`Operation configuration 2362 overrides<msrest:optionsforoperations>`. 2363 :return: SecretBundle or ClientRawResponse if raw=true 2364 :rtype: ~azure.keyvault.v7_0.models.SecretBundle or 2365 ~msrest.pipeline.ClientRawResponse 2366 :raises: 2367 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2368 """ 2369 parameters = models.SecretRestoreParameters(secret_bundle_backup=secret_bundle_backup) 2370 2371 # Construct URL 2372 url = self.restore_secret.metadata['url'] 2373 path_format_arguments = { 2374 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2375 } 2376 url = self._client.format_url(url, **path_format_arguments) 2377 2378 # Construct parameters 2379 query_parameters = {} 2380 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2381 2382 # Construct headers 2383 header_parameters = {} 2384 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2385 if self.config.generate_client_request_id: 2386 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2387 if custom_headers: 2388 header_parameters.update(custom_headers) 2389 if self.config.accept_language is not None: 2390 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2391 2392 # Construct body 2393 body_content = self._serialize.body(parameters, 'SecretRestoreParameters') 2394 2395 # Construct and send request 2396 request = self._client.post(url, query_parameters) 2397 response = self._client.send( 2398 request, header_parameters, body_content, stream=False, **operation_config) 2399 2400 if response.status_code not in [200]: 2401 raise models.KeyVaultErrorException(self._deserialize, response) 2402 2403 deserialized = None 2404 2405 if response.status_code == 200: 2406 deserialized = self._deserialize('SecretBundle', response) 2407 2408 if raw: 2409 client_raw_response = ClientRawResponse(deserialized, response) 2410 return client_raw_response 2411 2412 return deserialized 2413 restore_secret.metadata = {'url': '/secrets/restore'} 2414 2415 def get_certificates( 2416 self, vault_base_url, maxresults=None, include_pending=None, custom_headers=None, raw=False, **operation_config): 2417 """List certificates in a specified key vault. 2418 2419 The GetCertificates operation returns the set of certificates resources 2420 in the specified key vault. This operation requires the 2421 certificates/list permission. 2422 2423 :param vault_base_url: The vault name, for example 2424 https://myvault.vault.azure.net. 2425 :type vault_base_url: str 2426 :param maxresults: Maximum number of results to return in a page. If 2427 not specified the service will return up to 25 results. 2428 :type maxresults: int 2429 :param include_pending: Specifies whether to include certificates 2430 which are not completely provisioned. 2431 :type include_pending: bool 2432 :param dict custom_headers: headers that will be added to the request 2433 :param bool raw: returns the direct response alongside the 2434 deserialized response 2435 :param operation_config: :ref:`Operation configuration 2436 overrides<msrest:optionsforoperations>`. 2437 :return: An iterator like instance of CertificateItem 2438 :rtype: 2439 ~azure.keyvault.v7_0.models.CertificateItemPaged[~azure.keyvault.v7_0.models.CertificateItem] 2440 :raises: 2441 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2442 """ 2443 def internal_paging(next_link=None, raw=False): 2444 2445 if not next_link: 2446 # Construct URL 2447 url = self.get_certificates.metadata['url'] 2448 path_format_arguments = { 2449 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2450 } 2451 url = self._client.format_url(url, **path_format_arguments) 2452 2453 # Construct parameters 2454 query_parameters = {} 2455 if maxresults is not None: 2456 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 2457 if include_pending is not None: 2458 query_parameters['includePending'] = self._serialize.query("include_pending", include_pending, 'bool') 2459 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2460 2461 else: 2462 url = next_link 2463 query_parameters = {} 2464 2465 # Construct headers 2466 header_parameters = {} 2467 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2468 if self.config.generate_client_request_id: 2469 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2470 if custom_headers: 2471 header_parameters.update(custom_headers) 2472 if self.config.accept_language is not None: 2473 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2474 2475 # Construct and send request 2476 request = self._client.get(url, query_parameters) 2477 response = self._client.send( 2478 request, header_parameters, stream=False, **operation_config) 2479 2480 if response.status_code not in [200]: 2481 raise models.KeyVaultErrorException(self._deserialize, response) 2482 2483 return response 2484 2485 # Deserialize response 2486 deserialized = models.CertificateItemPaged(internal_paging, self._deserialize.dependencies) 2487 2488 if raw: 2489 header_dict = {} 2490 client_raw_response = models.CertificateItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 2491 return client_raw_response 2492 2493 return deserialized 2494 get_certificates.metadata = {'url': '/certificates'} 2495 2496 def delete_certificate( 2497 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 2498 """Deletes a certificate from a specified key vault. 2499 2500 Deletes all versions of a certificate object along with its associated 2501 policy. Delete certificate cannot be used to remove individual versions 2502 of a certificate object. This operation requires the 2503 certificates/delete permission. 2504 2505 :param vault_base_url: The vault name, for example 2506 https://myvault.vault.azure.net. 2507 :type vault_base_url: str 2508 :param certificate_name: The name of the certificate. 2509 :type certificate_name: str 2510 :param dict custom_headers: headers that will be added to the request 2511 :param bool raw: returns the direct response alongside the 2512 deserialized response 2513 :param operation_config: :ref:`Operation configuration 2514 overrides<msrest:optionsforoperations>`. 2515 :return: DeletedCertificateBundle or ClientRawResponse if raw=true 2516 :rtype: ~azure.keyvault.v7_0.models.DeletedCertificateBundle or 2517 ~msrest.pipeline.ClientRawResponse 2518 :raises: 2519 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2520 """ 2521 # Construct URL 2522 url = self.delete_certificate.metadata['url'] 2523 path_format_arguments = { 2524 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2525 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 2526 } 2527 url = self._client.format_url(url, **path_format_arguments) 2528 2529 # Construct parameters 2530 query_parameters = {} 2531 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2532 2533 # Construct headers 2534 header_parameters = {} 2535 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2536 if self.config.generate_client_request_id: 2537 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2538 if custom_headers: 2539 header_parameters.update(custom_headers) 2540 if self.config.accept_language is not None: 2541 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2542 2543 # Construct and send request 2544 request = self._client.delete(url, query_parameters) 2545 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2546 2547 if response.status_code not in [200]: 2548 raise models.KeyVaultErrorException(self._deserialize, response) 2549 2550 deserialized = None 2551 2552 if response.status_code == 200: 2553 deserialized = self._deserialize('DeletedCertificateBundle', response) 2554 2555 if raw: 2556 client_raw_response = ClientRawResponse(deserialized, response) 2557 return client_raw_response 2558 2559 return deserialized 2560 delete_certificate.metadata = {'url': '/certificates/{certificate-name}'} 2561 2562 def set_certificate_contacts( 2563 self, vault_base_url, contact_list=None, custom_headers=None, raw=False, **operation_config): 2564 """Sets the certificate contacts for the specified key vault. 2565 2566 Sets the certificate contacts for the specified key vault. This 2567 operation requires the certificates/managecontacts permission. 2568 2569 :param vault_base_url: The vault name, for example 2570 https://myvault.vault.azure.net. 2571 :type vault_base_url: str 2572 :param contact_list: The contact list for the vault certificates. 2573 :type contact_list: list[~azure.keyvault.v7_0.models.Contact] 2574 :param dict custom_headers: headers that will be added to the request 2575 :param bool raw: returns the direct response alongside the 2576 deserialized response 2577 :param operation_config: :ref:`Operation configuration 2578 overrides<msrest:optionsforoperations>`. 2579 :return: Contacts or ClientRawResponse if raw=true 2580 :rtype: ~azure.keyvault.v7_0.models.Contacts or 2581 ~msrest.pipeline.ClientRawResponse 2582 :raises: 2583 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2584 """ 2585 contacts = models.Contacts(contact_list=contact_list) 2586 2587 # Construct URL 2588 url = self.set_certificate_contacts.metadata['url'] 2589 path_format_arguments = { 2590 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2591 } 2592 url = self._client.format_url(url, **path_format_arguments) 2593 2594 # Construct parameters 2595 query_parameters = {} 2596 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2597 2598 # Construct headers 2599 header_parameters = {} 2600 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2601 if self.config.generate_client_request_id: 2602 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2603 if custom_headers: 2604 header_parameters.update(custom_headers) 2605 if self.config.accept_language is not None: 2606 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2607 2608 # Construct body 2609 body_content = self._serialize.body(contacts, 'Contacts') 2610 2611 # Construct and send request 2612 request = self._client.put(url, query_parameters) 2613 response = self._client.send( 2614 request, header_parameters, body_content, stream=False, **operation_config) 2615 2616 if response.status_code not in [200]: 2617 raise models.KeyVaultErrorException(self._deserialize, response) 2618 2619 deserialized = None 2620 2621 if response.status_code == 200: 2622 deserialized = self._deserialize('Contacts', response) 2623 2624 if raw: 2625 client_raw_response = ClientRawResponse(deserialized, response) 2626 return client_raw_response 2627 2628 return deserialized 2629 set_certificate_contacts.metadata = {'url': '/certificates/contacts'} 2630 2631 def get_certificate_contacts( 2632 self, vault_base_url, custom_headers=None, raw=False, **operation_config): 2633 """Lists the certificate contacts for a specified key vault. 2634 2635 The GetCertificateContacts operation returns the set of certificate 2636 contact resources in the specified key vault. This operation requires 2637 the certificates/managecontacts permission. 2638 2639 :param vault_base_url: The vault name, for example 2640 https://myvault.vault.azure.net. 2641 :type vault_base_url: str 2642 :param dict custom_headers: headers that will be added to the request 2643 :param bool raw: returns the direct response alongside the 2644 deserialized response 2645 :param operation_config: :ref:`Operation configuration 2646 overrides<msrest:optionsforoperations>`. 2647 :return: Contacts or ClientRawResponse if raw=true 2648 :rtype: ~azure.keyvault.v7_0.models.Contacts or 2649 ~msrest.pipeline.ClientRawResponse 2650 :raises: 2651 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2652 """ 2653 # Construct URL 2654 url = self.get_certificate_contacts.metadata['url'] 2655 path_format_arguments = { 2656 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2657 } 2658 url = self._client.format_url(url, **path_format_arguments) 2659 2660 # Construct parameters 2661 query_parameters = {} 2662 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2663 2664 # Construct headers 2665 header_parameters = {} 2666 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2667 if self.config.generate_client_request_id: 2668 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2669 if custom_headers: 2670 header_parameters.update(custom_headers) 2671 if self.config.accept_language is not None: 2672 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2673 2674 # Construct and send request 2675 request = self._client.get(url, query_parameters) 2676 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2677 2678 if response.status_code not in [200]: 2679 raise models.KeyVaultErrorException(self._deserialize, response) 2680 2681 deserialized = None 2682 2683 if response.status_code == 200: 2684 deserialized = self._deserialize('Contacts', response) 2685 2686 if raw: 2687 client_raw_response = ClientRawResponse(deserialized, response) 2688 return client_raw_response 2689 2690 return deserialized 2691 get_certificate_contacts.metadata = {'url': '/certificates/contacts'} 2692 2693 def delete_certificate_contacts( 2694 self, vault_base_url, custom_headers=None, raw=False, **operation_config): 2695 """Deletes the certificate contacts for a specified key vault. 2696 2697 Deletes the certificate contacts for a specified key vault certificate. 2698 This operation requires the certificates/managecontacts permission. 2699 2700 :param vault_base_url: The vault name, for example 2701 https://myvault.vault.azure.net. 2702 :type vault_base_url: str 2703 :param dict custom_headers: headers that will be added to the request 2704 :param bool raw: returns the direct response alongside the 2705 deserialized response 2706 :param operation_config: :ref:`Operation configuration 2707 overrides<msrest:optionsforoperations>`. 2708 :return: Contacts or ClientRawResponse if raw=true 2709 :rtype: ~azure.keyvault.v7_0.models.Contacts or 2710 ~msrest.pipeline.ClientRawResponse 2711 :raises: 2712 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2713 """ 2714 # Construct URL 2715 url = self.delete_certificate_contacts.metadata['url'] 2716 path_format_arguments = { 2717 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2718 } 2719 url = self._client.format_url(url, **path_format_arguments) 2720 2721 # Construct parameters 2722 query_parameters = {} 2723 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2724 2725 # Construct headers 2726 header_parameters = {} 2727 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2728 if self.config.generate_client_request_id: 2729 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2730 if custom_headers: 2731 header_parameters.update(custom_headers) 2732 if self.config.accept_language is not None: 2733 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2734 2735 # Construct and send request 2736 request = self._client.delete(url, query_parameters) 2737 response = self._client.send(request, header_parameters, stream=False, **operation_config) 2738 2739 if response.status_code not in [200]: 2740 raise models.KeyVaultErrorException(self._deserialize, response) 2741 2742 deserialized = None 2743 2744 if response.status_code == 200: 2745 deserialized = self._deserialize('Contacts', response) 2746 2747 if raw: 2748 client_raw_response = ClientRawResponse(deserialized, response) 2749 return client_raw_response 2750 2751 return deserialized 2752 delete_certificate_contacts.metadata = {'url': '/certificates/contacts'} 2753 2754 def get_certificate_issuers( 2755 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 2756 """List certificate issuers for a specified key vault. 2757 2758 The GetCertificateIssuers operation returns the set of certificate 2759 issuer resources in the specified key vault. This operation requires 2760 the certificates/manageissuers/getissuers permission. 2761 2762 :param vault_base_url: The vault name, for example 2763 https://myvault.vault.azure.net. 2764 :type vault_base_url: str 2765 :param maxresults: Maximum number of results to return in a page. If 2766 not specified the service will return up to 25 results. 2767 :type maxresults: int 2768 :param dict custom_headers: headers that will be added to the request 2769 :param bool raw: returns the direct response alongside the 2770 deserialized response 2771 :param operation_config: :ref:`Operation configuration 2772 overrides<msrest:optionsforoperations>`. 2773 :return: An iterator like instance of CertificateIssuerItem 2774 :rtype: 2775 ~azure.keyvault.v7_0.models.CertificateIssuerItemPaged[~azure.keyvault.v7_0.models.CertificateIssuerItem] 2776 :raises: 2777 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2778 """ 2779 def internal_paging(next_link=None, raw=False): 2780 2781 if not next_link: 2782 # Construct URL 2783 url = self.get_certificate_issuers.metadata['url'] 2784 path_format_arguments = { 2785 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 2786 } 2787 url = self._client.format_url(url, **path_format_arguments) 2788 2789 # Construct parameters 2790 query_parameters = {} 2791 if maxresults is not None: 2792 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 2793 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2794 2795 else: 2796 url = next_link 2797 query_parameters = {} 2798 2799 # Construct headers 2800 header_parameters = {} 2801 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2802 if self.config.generate_client_request_id: 2803 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2804 if custom_headers: 2805 header_parameters.update(custom_headers) 2806 if self.config.accept_language is not None: 2807 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2808 2809 # Construct and send request 2810 request = self._client.get(url, query_parameters) 2811 response = self._client.send( 2812 request, header_parameters, stream=False, **operation_config) 2813 2814 if response.status_code not in [200]: 2815 raise models.KeyVaultErrorException(self._deserialize, response) 2816 2817 return response 2818 2819 # Deserialize response 2820 deserialized = models.CertificateIssuerItemPaged(internal_paging, self._deserialize.dependencies) 2821 2822 if raw: 2823 header_dict = {} 2824 client_raw_response = models.CertificateIssuerItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 2825 return client_raw_response 2826 2827 return deserialized 2828 get_certificate_issuers.metadata = {'url': '/certificates/issuers'} 2829 2830 def set_certificate_issuer( 2831 self, vault_base_url, issuer_name, provider, credentials=None, organization_details=None, attributes=None, custom_headers=None, raw=False, **operation_config): 2832 """Sets the specified certificate issuer. 2833 2834 The SetCertificateIssuer operation adds or updates the specified 2835 certificate issuer. This operation requires the certificates/setissuers 2836 permission. 2837 2838 :param vault_base_url: The vault name, for example 2839 https://myvault.vault.azure.net. 2840 :type vault_base_url: str 2841 :param issuer_name: The name of the issuer. 2842 :type issuer_name: str 2843 :param provider: The issuer provider. 2844 :type provider: str 2845 :param credentials: The credentials to be used for the issuer. 2846 :type credentials: ~azure.keyvault.v7_0.models.IssuerCredentials 2847 :param organization_details: Details of the organization as provided 2848 to the issuer. 2849 :type organization_details: 2850 ~azure.keyvault.v7_0.models.OrganizationDetails 2851 :param attributes: Attributes of the issuer object. 2852 :type attributes: ~azure.keyvault.v7_0.models.IssuerAttributes 2853 :param dict custom_headers: headers that will be added to the request 2854 :param bool raw: returns the direct response alongside the 2855 deserialized response 2856 :param operation_config: :ref:`Operation configuration 2857 overrides<msrest:optionsforoperations>`. 2858 :return: IssuerBundle or ClientRawResponse if raw=true 2859 :rtype: ~azure.keyvault.v7_0.models.IssuerBundle or 2860 ~msrest.pipeline.ClientRawResponse 2861 :raises: 2862 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2863 """ 2864 parameter = models.CertificateIssuerSetParameters(provider=provider, credentials=credentials, organization_details=organization_details, attributes=attributes) 2865 2866 # Construct URL 2867 url = self.set_certificate_issuer.metadata['url'] 2868 path_format_arguments = { 2869 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2870 'issuer-name': self._serialize.url("issuer_name", issuer_name, 'str') 2871 } 2872 url = self._client.format_url(url, **path_format_arguments) 2873 2874 # Construct parameters 2875 query_parameters = {} 2876 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2877 2878 # Construct headers 2879 header_parameters = {} 2880 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2881 if self.config.generate_client_request_id: 2882 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2883 if custom_headers: 2884 header_parameters.update(custom_headers) 2885 if self.config.accept_language is not None: 2886 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2887 2888 # Construct body 2889 body_content = self._serialize.body(parameter, 'CertificateIssuerSetParameters') 2890 2891 # Construct and send request 2892 request = self._client.put(url, query_parameters) 2893 response = self._client.send( 2894 request, header_parameters, body_content, stream=False, **operation_config) 2895 2896 if response.status_code not in [200]: 2897 raise models.KeyVaultErrorException(self._deserialize, response) 2898 2899 deserialized = None 2900 2901 if response.status_code == 200: 2902 deserialized = self._deserialize('IssuerBundle', response) 2903 2904 if raw: 2905 client_raw_response = ClientRawResponse(deserialized, response) 2906 return client_raw_response 2907 2908 return deserialized 2909 set_certificate_issuer.metadata = {'url': '/certificates/issuers/{issuer-name}'} 2910 2911 def update_certificate_issuer( 2912 self, vault_base_url, issuer_name, provider=None, credentials=None, organization_details=None, attributes=None, custom_headers=None, raw=False, **operation_config): 2913 """Updates the specified certificate issuer. 2914 2915 The UpdateCertificateIssuer operation performs an update on the 2916 specified certificate issuer entity. This operation requires the 2917 certificates/setissuers permission. 2918 2919 :param vault_base_url: The vault name, for example 2920 https://myvault.vault.azure.net. 2921 :type vault_base_url: str 2922 :param issuer_name: The name of the issuer. 2923 :type issuer_name: str 2924 :param provider: The issuer provider. 2925 :type provider: str 2926 :param credentials: The credentials to be used for the issuer. 2927 :type credentials: ~azure.keyvault.v7_0.models.IssuerCredentials 2928 :param organization_details: Details of the organization as provided 2929 to the issuer. 2930 :type organization_details: 2931 ~azure.keyvault.v7_0.models.OrganizationDetails 2932 :param attributes: Attributes of the issuer object. 2933 :type attributes: ~azure.keyvault.v7_0.models.IssuerAttributes 2934 :param dict custom_headers: headers that will be added to the request 2935 :param bool raw: returns the direct response alongside the 2936 deserialized response 2937 :param operation_config: :ref:`Operation configuration 2938 overrides<msrest:optionsforoperations>`. 2939 :return: IssuerBundle or ClientRawResponse if raw=true 2940 :rtype: ~azure.keyvault.v7_0.models.IssuerBundle or 2941 ~msrest.pipeline.ClientRawResponse 2942 :raises: 2943 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 2944 """ 2945 parameter = models.CertificateIssuerUpdateParameters(provider=provider, credentials=credentials, organization_details=organization_details, attributes=attributes) 2946 2947 # Construct URL 2948 url = self.update_certificate_issuer.metadata['url'] 2949 path_format_arguments = { 2950 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 2951 'issuer-name': self._serialize.url("issuer_name", issuer_name, 'str') 2952 } 2953 url = self._client.format_url(url, **path_format_arguments) 2954 2955 # Construct parameters 2956 query_parameters = {} 2957 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 2958 2959 # Construct headers 2960 header_parameters = {} 2961 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 2962 if self.config.generate_client_request_id: 2963 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 2964 if custom_headers: 2965 header_parameters.update(custom_headers) 2966 if self.config.accept_language is not None: 2967 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 2968 2969 # Construct body 2970 body_content = self._serialize.body(parameter, 'CertificateIssuerUpdateParameters') 2971 2972 # Construct and send request 2973 request = self._client.patch(url, query_parameters) 2974 response = self._client.send( 2975 request, header_parameters, body_content, stream=False, **operation_config) 2976 2977 if response.status_code not in [200]: 2978 raise models.KeyVaultErrorException(self._deserialize, response) 2979 2980 deserialized = None 2981 2982 if response.status_code == 200: 2983 deserialized = self._deserialize('IssuerBundle', response) 2984 2985 if raw: 2986 client_raw_response = ClientRawResponse(deserialized, response) 2987 return client_raw_response 2988 2989 return deserialized 2990 update_certificate_issuer.metadata = {'url': '/certificates/issuers/{issuer-name}'} 2991 2992 def get_certificate_issuer( 2993 self, vault_base_url, issuer_name, custom_headers=None, raw=False, **operation_config): 2994 """Lists the specified certificate issuer. 2995 2996 The GetCertificateIssuer operation returns the specified certificate 2997 issuer resources in the specified key vault. This operation requires 2998 the certificates/manageissuers/getissuers permission. 2999 3000 :param vault_base_url: The vault name, for example 3001 https://myvault.vault.azure.net. 3002 :type vault_base_url: str 3003 :param issuer_name: The name of the issuer. 3004 :type issuer_name: str 3005 :param dict custom_headers: headers that will be added to the request 3006 :param bool raw: returns the direct response alongside the 3007 deserialized response 3008 :param operation_config: :ref:`Operation configuration 3009 overrides<msrest:optionsforoperations>`. 3010 :return: IssuerBundle or ClientRawResponse if raw=true 3011 :rtype: ~azure.keyvault.v7_0.models.IssuerBundle or 3012 ~msrest.pipeline.ClientRawResponse 3013 :raises: 3014 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3015 """ 3016 # Construct URL 3017 url = self.get_certificate_issuer.metadata['url'] 3018 path_format_arguments = { 3019 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3020 'issuer-name': self._serialize.url("issuer_name", issuer_name, 'str') 3021 } 3022 url = self._client.format_url(url, **path_format_arguments) 3023 3024 # Construct parameters 3025 query_parameters = {} 3026 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3027 3028 # Construct headers 3029 header_parameters = {} 3030 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3031 if self.config.generate_client_request_id: 3032 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3033 if custom_headers: 3034 header_parameters.update(custom_headers) 3035 if self.config.accept_language is not None: 3036 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3037 3038 # Construct and send request 3039 request = self._client.get(url, query_parameters) 3040 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3041 3042 if response.status_code not in [200]: 3043 raise models.KeyVaultErrorException(self._deserialize, response) 3044 3045 deserialized = None 3046 3047 if response.status_code == 200: 3048 deserialized = self._deserialize('IssuerBundle', response) 3049 3050 if raw: 3051 client_raw_response = ClientRawResponse(deserialized, response) 3052 return client_raw_response 3053 3054 return deserialized 3055 get_certificate_issuer.metadata = {'url': '/certificates/issuers/{issuer-name}'} 3056 3057 def delete_certificate_issuer( 3058 self, vault_base_url, issuer_name, custom_headers=None, raw=False, **operation_config): 3059 """Deletes the specified certificate issuer. 3060 3061 The DeleteCertificateIssuer operation permanently removes the specified 3062 certificate issuer from the vault. This operation requires the 3063 certificates/manageissuers/deleteissuers permission. 3064 3065 :param vault_base_url: The vault name, for example 3066 https://myvault.vault.azure.net. 3067 :type vault_base_url: str 3068 :param issuer_name: The name of the issuer. 3069 :type issuer_name: str 3070 :param dict custom_headers: headers that will be added to the request 3071 :param bool raw: returns the direct response alongside the 3072 deserialized response 3073 :param operation_config: :ref:`Operation configuration 3074 overrides<msrest:optionsforoperations>`. 3075 :return: IssuerBundle or ClientRawResponse if raw=true 3076 :rtype: ~azure.keyvault.v7_0.models.IssuerBundle or 3077 ~msrest.pipeline.ClientRawResponse 3078 :raises: 3079 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3080 """ 3081 # Construct URL 3082 url = self.delete_certificate_issuer.metadata['url'] 3083 path_format_arguments = { 3084 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3085 'issuer-name': self._serialize.url("issuer_name", issuer_name, 'str') 3086 } 3087 url = self._client.format_url(url, **path_format_arguments) 3088 3089 # Construct parameters 3090 query_parameters = {} 3091 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3092 3093 # Construct headers 3094 header_parameters = {} 3095 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3096 if self.config.generate_client_request_id: 3097 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3098 if custom_headers: 3099 header_parameters.update(custom_headers) 3100 if self.config.accept_language is not None: 3101 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3102 3103 # Construct and send request 3104 request = self._client.delete(url, query_parameters) 3105 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3106 3107 if response.status_code not in [200]: 3108 raise models.KeyVaultErrorException(self._deserialize, response) 3109 3110 deserialized = None 3111 3112 if response.status_code == 200: 3113 deserialized = self._deserialize('IssuerBundle', response) 3114 3115 if raw: 3116 client_raw_response = ClientRawResponse(deserialized, response) 3117 return client_raw_response 3118 3119 return deserialized 3120 delete_certificate_issuer.metadata = {'url': '/certificates/issuers/{issuer-name}'} 3121 3122 def create_certificate( 3123 self, vault_base_url, certificate_name, certificate_policy=None, certificate_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 3124 """Creates a new certificate. 3125 3126 If this is the first version, the certificate resource is created. This 3127 operation requires the certificates/create permission. 3128 3129 :param vault_base_url: The vault name, for example 3130 https://myvault.vault.azure.net. 3131 :type vault_base_url: str 3132 :param certificate_name: The name of the certificate. 3133 :type certificate_name: str 3134 :param certificate_policy: The management policy for the certificate. 3135 :type certificate_policy: 3136 ~azure.keyvault.v7_0.models.CertificatePolicy 3137 :param certificate_attributes: The attributes of the certificate 3138 (optional). 3139 :type certificate_attributes: 3140 ~azure.keyvault.v7_0.models.CertificateAttributes 3141 :param tags: Application specific metadata in the form of key-value 3142 pairs. 3143 :type tags: dict[str, str] 3144 :param dict custom_headers: headers that will be added to the request 3145 :param bool raw: returns the direct response alongside the 3146 deserialized response 3147 :param operation_config: :ref:`Operation configuration 3148 overrides<msrest:optionsforoperations>`. 3149 :return: CertificateOperation or ClientRawResponse if raw=true 3150 :rtype: ~azure.keyvault.v7_0.models.CertificateOperation or 3151 ~msrest.pipeline.ClientRawResponse 3152 :raises: 3153 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3154 """ 3155 parameters = models.CertificateCreateParameters(certificate_policy=certificate_policy, certificate_attributes=certificate_attributes, tags=tags) 3156 3157 # Construct URL 3158 url = self.create_certificate.metadata['url'] 3159 path_format_arguments = { 3160 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3161 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str', pattern=r'^[0-9a-zA-Z-]+$') 3162 } 3163 url = self._client.format_url(url, **path_format_arguments) 3164 3165 # Construct parameters 3166 query_parameters = {} 3167 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3168 3169 # Construct headers 3170 header_parameters = {} 3171 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3172 if self.config.generate_client_request_id: 3173 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3174 if custom_headers: 3175 header_parameters.update(custom_headers) 3176 if self.config.accept_language is not None: 3177 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3178 3179 # Construct body 3180 body_content = self._serialize.body(parameters, 'CertificateCreateParameters') 3181 3182 # Construct and send request 3183 request = self._client.post(url, query_parameters) 3184 response = self._client.send( 3185 request, header_parameters, body_content, stream=False, **operation_config) 3186 3187 if response.status_code not in [202]: 3188 raise models.KeyVaultErrorException(self._deserialize, response) 3189 3190 deserialized = None 3191 3192 if response.status_code == 202: 3193 deserialized = self._deserialize('CertificateOperation', response) 3194 3195 if raw: 3196 client_raw_response = ClientRawResponse(deserialized, response) 3197 return client_raw_response 3198 3199 return deserialized 3200 create_certificate.metadata = {'url': '/certificates/{certificate-name}/create'} 3201 3202 def import_certificate( 3203 self, vault_base_url, certificate_name, base64_encoded_certificate, password=None, certificate_policy=None, certificate_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 3204 """Imports a certificate into a specified key vault. 3205 3206 Imports an existing valid certificate, containing a private key, into 3207 Azure Key Vault. The certificate to be imported can be in either PFX or 3208 PEM format. If the certificate is in PEM format the PEM file must 3209 contain the key as well as x509 certificates. This operation requires 3210 the certificates/import permission. 3211 3212 :param vault_base_url: The vault name, for example 3213 https://myvault.vault.azure.net. 3214 :type vault_base_url: str 3215 :param certificate_name: The name of the certificate. 3216 :type certificate_name: str 3217 :param base64_encoded_certificate: Base64 encoded representation of 3218 the certificate object to import. This certificate needs to contain 3219 the private key. 3220 :type base64_encoded_certificate: str 3221 :param password: If the private key in base64EncodedCertificate is 3222 encrypted, the password used for encryption. 3223 :type password: str 3224 :param certificate_policy: The management policy for the certificate. 3225 :type certificate_policy: 3226 ~azure.keyvault.v7_0.models.CertificatePolicy 3227 :param certificate_attributes: The attributes of the certificate 3228 (optional). 3229 :type certificate_attributes: 3230 ~azure.keyvault.v7_0.models.CertificateAttributes 3231 :param tags: Application specific metadata in the form of key-value 3232 pairs. 3233 :type tags: dict[str, str] 3234 :param dict custom_headers: headers that will be added to the request 3235 :param bool raw: returns the direct response alongside the 3236 deserialized response 3237 :param operation_config: :ref:`Operation configuration 3238 overrides<msrest:optionsforoperations>`. 3239 :return: CertificateBundle or ClientRawResponse if raw=true 3240 :rtype: ~azure.keyvault.v7_0.models.CertificateBundle or 3241 ~msrest.pipeline.ClientRawResponse 3242 :raises: 3243 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3244 """ 3245 parameters = models.CertificateImportParameters(base64_encoded_certificate=base64_encoded_certificate, password=password, certificate_policy=certificate_policy, certificate_attributes=certificate_attributes, tags=tags) 3246 3247 # Construct URL 3248 url = self.import_certificate.metadata['url'] 3249 path_format_arguments = { 3250 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3251 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str', pattern=r'^[0-9a-zA-Z-]+$') 3252 } 3253 url = self._client.format_url(url, **path_format_arguments) 3254 3255 # Construct parameters 3256 query_parameters = {} 3257 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3258 3259 # Construct headers 3260 header_parameters = {} 3261 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3262 if self.config.generate_client_request_id: 3263 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3264 if custom_headers: 3265 header_parameters.update(custom_headers) 3266 if self.config.accept_language is not None: 3267 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3268 3269 # Construct body 3270 body_content = self._serialize.body(parameters, 'CertificateImportParameters') 3271 3272 # Construct and send request 3273 request = self._client.post(url, query_parameters) 3274 response = self._client.send( 3275 request, header_parameters, body_content, stream=False, **operation_config) 3276 3277 if response.status_code not in [200]: 3278 raise models.KeyVaultErrorException(self._deserialize, response) 3279 3280 deserialized = None 3281 3282 if response.status_code == 200: 3283 deserialized = self._deserialize('CertificateBundle', response) 3284 3285 if raw: 3286 client_raw_response = ClientRawResponse(deserialized, response) 3287 return client_raw_response 3288 3289 return deserialized 3290 import_certificate.metadata = {'url': '/certificates/{certificate-name}/import'} 3291 3292 def get_certificate_versions( 3293 self, vault_base_url, certificate_name, maxresults=None, custom_headers=None, raw=False, **operation_config): 3294 """List the versions of a certificate. 3295 3296 The GetCertificateVersions operation returns the versions of a 3297 certificate in the specified key vault. This operation requires the 3298 certificates/list permission. 3299 3300 :param vault_base_url: The vault name, for example 3301 https://myvault.vault.azure.net. 3302 :type vault_base_url: str 3303 :param certificate_name: The name of the certificate. 3304 :type certificate_name: str 3305 :param maxresults: Maximum number of results to return in a page. If 3306 not specified the service will return up to 25 results. 3307 :type maxresults: int 3308 :param dict custom_headers: headers that will be added to the request 3309 :param bool raw: returns the direct response alongside the 3310 deserialized response 3311 :param operation_config: :ref:`Operation configuration 3312 overrides<msrest:optionsforoperations>`. 3313 :return: An iterator like instance of CertificateItem 3314 :rtype: 3315 ~azure.keyvault.v7_0.models.CertificateItemPaged[~azure.keyvault.v7_0.models.CertificateItem] 3316 :raises: 3317 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3318 """ 3319 def internal_paging(next_link=None, raw=False): 3320 3321 if not next_link: 3322 # Construct URL 3323 url = self.get_certificate_versions.metadata['url'] 3324 path_format_arguments = { 3325 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3326 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3327 } 3328 url = self._client.format_url(url, **path_format_arguments) 3329 3330 # Construct parameters 3331 query_parameters = {} 3332 if maxresults is not None: 3333 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 3334 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3335 3336 else: 3337 url = next_link 3338 query_parameters = {} 3339 3340 # Construct headers 3341 header_parameters = {} 3342 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3343 if self.config.generate_client_request_id: 3344 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3345 if custom_headers: 3346 header_parameters.update(custom_headers) 3347 if self.config.accept_language is not None: 3348 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3349 3350 # Construct and send request 3351 request = self._client.get(url, query_parameters) 3352 response = self._client.send( 3353 request, header_parameters, stream=False, **operation_config) 3354 3355 if response.status_code not in [200]: 3356 raise models.KeyVaultErrorException(self._deserialize, response) 3357 3358 return response 3359 3360 # Deserialize response 3361 deserialized = models.CertificateItemPaged(internal_paging, self._deserialize.dependencies) 3362 3363 if raw: 3364 header_dict = {} 3365 client_raw_response = models.CertificateItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 3366 return client_raw_response 3367 3368 return deserialized 3369 get_certificate_versions.metadata = {'url': '/certificates/{certificate-name}/versions'} 3370 3371 def get_certificate_policy( 3372 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 3373 """Lists the policy for a certificate. 3374 3375 The GetCertificatePolicy operation returns the specified certificate 3376 policy resources in the specified key vault. This operation requires 3377 the certificates/get permission. 3378 3379 :param vault_base_url: The vault name, for example 3380 https://myvault.vault.azure.net. 3381 :type vault_base_url: str 3382 :param certificate_name: The name of the certificate in a given key 3383 vault. 3384 :type certificate_name: str 3385 :param dict custom_headers: headers that will be added to the request 3386 :param bool raw: returns the direct response alongside the 3387 deserialized response 3388 :param operation_config: :ref:`Operation configuration 3389 overrides<msrest:optionsforoperations>`. 3390 :return: CertificatePolicy or ClientRawResponse if raw=true 3391 :rtype: ~azure.keyvault.v7_0.models.CertificatePolicy or 3392 ~msrest.pipeline.ClientRawResponse 3393 :raises: 3394 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3395 """ 3396 # Construct URL 3397 url = self.get_certificate_policy.metadata['url'] 3398 path_format_arguments = { 3399 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3400 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3401 } 3402 url = self._client.format_url(url, **path_format_arguments) 3403 3404 # Construct parameters 3405 query_parameters = {} 3406 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3407 3408 # Construct headers 3409 header_parameters = {} 3410 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3411 if self.config.generate_client_request_id: 3412 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3413 if custom_headers: 3414 header_parameters.update(custom_headers) 3415 if self.config.accept_language is not None: 3416 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3417 3418 # Construct and send request 3419 request = self._client.get(url, query_parameters) 3420 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3421 3422 if response.status_code not in [200]: 3423 raise models.KeyVaultErrorException(self._deserialize, response) 3424 3425 deserialized = None 3426 3427 if response.status_code == 200: 3428 deserialized = self._deserialize('CertificatePolicy', response) 3429 3430 if raw: 3431 client_raw_response = ClientRawResponse(deserialized, response) 3432 return client_raw_response 3433 3434 return deserialized 3435 get_certificate_policy.metadata = {'url': '/certificates/{certificate-name}/policy'} 3436 3437 def update_certificate_policy( 3438 self, vault_base_url, certificate_name, certificate_policy, custom_headers=None, raw=False, **operation_config): 3439 """Updates the policy for a certificate. 3440 3441 Set specified members in the certificate policy. Leave others as null. 3442 This operation requires the certificates/update permission. 3443 3444 :param vault_base_url: The vault name, for example 3445 https://myvault.vault.azure.net. 3446 :type vault_base_url: str 3447 :param certificate_name: The name of the certificate in the given 3448 vault. 3449 :type certificate_name: str 3450 :param certificate_policy: The policy for the certificate. 3451 :type certificate_policy: 3452 ~azure.keyvault.v7_0.models.CertificatePolicy 3453 :param dict custom_headers: headers that will be added to the request 3454 :param bool raw: returns the direct response alongside the 3455 deserialized response 3456 :param operation_config: :ref:`Operation configuration 3457 overrides<msrest:optionsforoperations>`. 3458 :return: CertificatePolicy or ClientRawResponse if raw=true 3459 :rtype: ~azure.keyvault.v7_0.models.CertificatePolicy or 3460 ~msrest.pipeline.ClientRawResponse 3461 :raises: 3462 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3463 """ 3464 # Construct URL 3465 url = self.update_certificate_policy.metadata['url'] 3466 path_format_arguments = { 3467 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3468 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3469 } 3470 url = self._client.format_url(url, **path_format_arguments) 3471 3472 # Construct parameters 3473 query_parameters = {} 3474 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3475 3476 # Construct headers 3477 header_parameters = {} 3478 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3479 if self.config.generate_client_request_id: 3480 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3481 if custom_headers: 3482 header_parameters.update(custom_headers) 3483 if self.config.accept_language is not None: 3484 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3485 3486 # Construct body 3487 body_content = self._serialize.body(certificate_policy, 'CertificatePolicy') 3488 3489 # Construct and send request 3490 request = self._client.patch(url, query_parameters) 3491 response = self._client.send( 3492 request, header_parameters, body_content, stream=False, **operation_config) 3493 3494 if response.status_code not in [200]: 3495 raise models.KeyVaultErrorException(self._deserialize, response) 3496 3497 deserialized = None 3498 3499 if response.status_code == 200: 3500 deserialized = self._deserialize('CertificatePolicy', response) 3501 3502 if raw: 3503 client_raw_response = ClientRawResponse(deserialized, response) 3504 return client_raw_response 3505 3506 return deserialized 3507 update_certificate_policy.metadata = {'url': '/certificates/{certificate-name}/policy'} 3508 3509 def update_certificate( 3510 self, vault_base_url, certificate_name, certificate_version, certificate_policy=None, certificate_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 3511 """Updates the specified attributes associated with the given certificate. 3512 3513 The UpdateCertificate operation applies the specified update on the 3514 given certificate; the only elements updated are the certificate's 3515 attributes. This operation requires the certificates/update permission. 3516 3517 :param vault_base_url: The vault name, for example 3518 https://myvault.vault.azure.net. 3519 :type vault_base_url: str 3520 :param certificate_name: The name of the certificate in the given key 3521 vault. 3522 :type certificate_name: str 3523 :param certificate_version: The version of the certificate. 3524 :type certificate_version: str 3525 :param certificate_policy: The management policy for the certificate. 3526 :type certificate_policy: 3527 ~azure.keyvault.v7_0.models.CertificatePolicy 3528 :param certificate_attributes: The attributes of the certificate 3529 (optional). 3530 :type certificate_attributes: 3531 ~azure.keyvault.v7_0.models.CertificateAttributes 3532 :param tags: Application specific metadata in the form of key-value 3533 pairs. 3534 :type tags: dict[str, str] 3535 :param dict custom_headers: headers that will be added to the request 3536 :param bool raw: returns the direct response alongside the 3537 deserialized response 3538 :param operation_config: :ref:`Operation configuration 3539 overrides<msrest:optionsforoperations>`. 3540 :return: CertificateBundle or ClientRawResponse if raw=true 3541 :rtype: ~azure.keyvault.v7_0.models.CertificateBundle or 3542 ~msrest.pipeline.ClientRawResponse 3543 :raises: 3544 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3545 """ 3546 parameters = models.CertificateUpdateParameters(certificate_policy=certificate_policy, certificate_attributes=certificate_attributes, tags=tags) 3547 3548 # Construct URL 3549 url = self.update_certificate.metadata['url'] 3550 path_format_arguments = { 3551 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3552 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str'), 3553 'certificate-version': self._serialize.url("certificate_version", certificate_version, 'str') 3554 } 3555 url = self._client.format_url(url, **path_format_arguments) 3556 3557 # Construct parameters 3558 query_parameters = {} 3559 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3560 3561 # Construct headers 3562 header_parameters = {} 3563 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3564 if self.config.generate_client_request_id: 3565 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3566 if custom_headers: 3567 header_parameters.update(custom_headers) 3568 if self.config.accept_language is not None: 3569 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3570 3571 # Construct body 3572 body_content = self._serialize.body(parameters, 'CertificateUpdateParameters') 3573 3574 # Construct and send request 3575 request = self._client.patch(url, query_parameters) 3576 response = self._client.send( 3577 request, header_parameters, body_content, stream=False, **operation_config) 3578 3579 if response.status_code not in [200]: 3580 raise models.KeyVaultErrorException(self._deserialize, response) 3581 3582 deserialized = None 3583 3584 if response.status_code == 200: 3585 deserialized = self._deserialize('CertificateBundle', response) 3586 3587 if raw: 3588 client_raw_response = ClientRawResponse(deserialized, response) 3589 return client_raw_response 3590 3591 return deserialized 3592 update_certificate.metadata = {'url': '/certificates/{certificate-name}/{certificate-version}'} 3593 3594 def get_certificate( 3595 self, vault_base_url, certificate_name, certificate_version, custom_headers=None, raw=False, **operation_config): 3596 """Gets information about a certificate. 3597 3598 Gets information about a specific certificate. This operation requires 3599 the certificates/get permission. 3600 3601 :param vault_base_url: The vault name, for example 3602 https://myvault.vault.azure.net. 3603 :type vault_base_url: str 3604 :param certificate_name: The name of the certificate in the given 3605 vault. 3606 :type certificate_name: str 3607 :param certificate_version: The version of the certificate. 3608 :type certificate_version: str 3609 :param dict custom_headers: headers that will be added to the request 3610 :param bool raw: returns the direct response alongside the 3611 deserialized response 3612 :param operation_config: :ref:`Operation configuration 3613 overrides<msrest:optionsforoperations>`. 3614 :return: CertificateBundle or ClientRawResponse if raw=true 3615 :rtype: ~azure.keyvault.v7_0.models.CertificateBundle or 3616 ~msrest.pipeline.ClientRawResponse 3617 :raises: 3618 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3619 """ 3620 # Construct URL 3621 url = self.get_certificate.metadata['url'] 3622 path_format_arguments = { 3623 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3624 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str'), 3625 'certificate-version': self._serialize.url("certificate_version", certificate_version, 'str') 3626 } 3627 url = self._client.format_url(url, **path_format_arguments) 3628 3629 # Construct parameters 3630 query_parameters = {} 3631 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3632 3633 # Construct headers 3634 header_parameters = {} 3635 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3636 if self.config.generate_client_request_id: 3637 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3638 if custom_headers: 3639 header_parameters.update(custom_headers) 3640 if self.config.accept_language is not None: 3641 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3642 3643 # Construct and send request 3644 request = self._client.get(url, query_parameters) 3645 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3646 3647 if response.status_code not in [200]: 3648 raise models.KeyVaultErrorException(self._deserialize, response) 3649 3650 deserialized = None 3651 3652 if response.status_code == 200: 3653 deserialized = self._deserialize('CertificateBundle', response) 3654 3655 if raw: 3656 client_raw_response = ClientRawResponse(deserialized, response) 3657 return client_raw_response 3658 3659 return deserialized 3660 get_certificate.metadata = {'url': '/certificates/{certificate-name}/{certificate-version}'} 3661 3662 def update_certificate_operation( 3663 self, vault_base_url, certificate_name, cancellation_requested, custom_headers=None, raw=False, **operation_config): 3664 """Updates a certificate operation. 3665 3666 Updates a certificate creation operation that is already in progress. 3667 This operation requires the certificates/update permission. 3668 3669 :param vault_base_url: The vault name, for example 3670 https://myvault.vault.azure.net. 3671 :type vault_base_url: str 3672 :param certificate_name: The name of the certificate. 3673 :type certificate_name: str 3674 :param cancellation_requested: Indicates if cancellation was requested 3675 on the certificate operation. 3676 :type cancellation_requested: bool 3677 :param dict custom_headers: headers that will be added to the request 3678 :param bool raw: returns the direct response alongside the 3679 deserialized response 3680 :param operation_config: :ref:`Operation configuration 3681 overrides<msrest:optionsforoperations>`. 3682 :return: CertificateOperation or ClientRawResponse if raw=true 3683 :rtype: ~azure.keyvault.v7_0.models.CertificateOperation or 3684 ~msrest.pipeline.ClientRawResponse 3685 :raises: 3686 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3687 """ 3688 certificate_operation = models.CertificateOperationUpdateParameter(cancellation_requested=cancellation_requested) 3689 3690 # Construct URL 3691 url = self.update_certificate_operation.metadata['url'] 3692 path_format_arguments = { 3693 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3694 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3695 } 3696 url = self._client.format_url(url, **path_format_arguments) 3697 3698 # Construct parameters 3699 query_parameters = {} 3700 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3701 3702 # Construct headers 3703 header_parameters = {} 3704 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3705 if self.config.generate_client_request_id: 3706 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3707 if custom_headers: 3708 header_parameters.update(custom_headers) 3709 if self.config.accept_language is not None: 3710 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3711 3712 # Construct body 3713 body_content = self._serialize.body(certificate_operation, 'CertificateOperationUpdateParameter') 3714 3715 # Construct and send request 3716 request = self._client.patch(url, query_parameters) 3717 response = self._client.send( 3718 request, header_parameters, body_content, stream=False, **operation_config) 3719 3720 if response.status_code not in [200]: 3721 raise models.KeyVaultErrorException(self._deserialize, response) 3722 3723 deserialized = None 3724 3725 if response.status_code == 200: 3726 deserialized = self._deserialize('CertificateOperation', response) 3727 3728 if raw: 3729 client_raw_response = ClientRawResponse(deserialized, response) 3730 return client_raw_response 3731 3732 return deserialized 3733 update_certificate_operation.metadata = {'url': '/certificates/{certificate-name}/pending'} 3734 3735 def get_certificate_operation( 3736 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 3737 """Gets the creation operation of a certificate. 3738 3739 Gets the creation operation associated with a specified certificate. 3740 This operation requires the certificates/get permission. 3741 3742 :param vault_base_url: The vault name, for example 3743 https://myvault.vault.azure.net. 3744 :type vault_base_url: str 3745 :param certificate_name: The name of the certificate. 3746 :type certificate_name: str 3747 :param dict custom_headers: headers that will be added to the request 3748 :param bool raw: returns the direct response alongside the 3749 deserialized response 3750 :param operation_config: :ref:`Operation configuration 3751 overrides<msrest:optionsforoperations>`. 3752 :return: CertificateOperation or ClientRawResponse if raw=true 3753 :rtype: ~azure.keyvault.v7_0.models.CertificateOperation or 3754 ~msrest.pipeline.ClientRawResponse 3755 :raises: 3756 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3757 """ 3758 # Construct URL 3759 url = self.get_certificate_operation.metadata['url'] 3760 path_format_arguments = { 3761 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3762 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3763 } 3764 url = self._client.format_url(url, **path_format_arguments) 3765 3766 # Construct parameters 3767 query_parameters = {} 3768 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3769 3770 # Construct headers 3771 header_parameters = {} 3772 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3773 if self.config.generate_client_request_id: 3774 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3775 if custom_headers: 3776 header_parameters.update(custom_headers) 3777 if self.config.accept_language is not None: 3778 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3779 3780 # Construct and send request 3781 request = self._client.get(url, query_parameters) 3782 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3783 3784 if response.status_code not in [200]: 3785 raise models.KeyVaultErrorException(self._deserialize, response) 3786 3787 deserialized = None 3788 3789 if response.status_code == 200: 3790 deserialized = self._deserialize('CertificateOperation', response) 3791 3792 if raw: 3793 client_raw_response = ClientRawResponse(deserialized, response) 3794 return client_raw_response 3795 3796 return deserialized 3797 get_certificate_operation.metadata = {'url': '/certificates/{certificate-name}/pending'} 3798 3799 def delete_certificate_operation( 3800 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 3801 """Deletes the creation operation for a specific certificate. 3802 3803 Deletes the creation operation for a specified certificate that is in 3804 the process of being created. The certificate is no longer created. 3805 This operation requires the certificates/update permission. 3806 3807 :param vault_base_url: The vault name, for example 3808 https://myvault.vault.azure.net. 3809 :type vault_base_url: str 3810 :param certificate_name: The name of the certificate. 3811 :type certificate_name: str 3812 :param dict custom_headers: headers that will be added to the request 3813 :param bool raw: returns the direct response alongside the 3814 deserialized response 3815 :param operation_config: :ref:`Operation configuration 3816 overrides<msrest:optionsforoperations>`. 3817 :return: CertificateOperation or ClientRawResponse if raw=true 3818 :rtype: ~azure.keyvault.v7_0.models.CertificateOperation or 3819 ~msrest.pipeline.ClientRawResponse 3820 :raises: 3821 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3822 """ 3823 # Construct URL 3824 url = self.delete_certificate_operation.metadata['url'] 3825 path_format_arguments = { 3826 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3827 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3828 } 3829 url = self._client.format_url(url, **path_format_arguments) 3830 3831 # Construct parameters 3832 query_parameters = {} 3833 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3834 3835 # Construct headers 3836 header_parameters = {} 3837 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3838 if self.config.generate_client_request_id: 3839 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3840 if custom_headers: 3841 header_parameters.update(custom_headers) 3842 if self.config.accept_language is not None: 3843 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3844 3845 # Construct and send request 3846 request = self._client.delete(url, query_parameters) 3847 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3848 3849 if response.status_code not in [200]: 3850 raise models.KeyVaultErrorException(self._deserialize, response) 3851 3852 deserialized = None 3853 3854 if response.status_code == 200: 3855 deserialized = self._deserialize('CertificateOperation', response) 3856 3857 if raw: 3858 client_raw_response = ClientRawResponse(deserialized, response) 3859 return client_raw_response 3860 3861 return deserialized 3862 delete_certificate_operation.metadata = {'url': '/certificates/{certificate-name}/pending'} 3863 3864 def merge_certificate( 3865 self, vault_base_url, certificate_name, x509_certificates, certificate_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 3866 """Merges a certificate or a certificate chain with a key pair existing on 3867 the server. 3868 3869 The MergeCertificate operation performs the merging of a certificate or 3870 certificate chain with a key pair currently available in the service. 3871 This operation requires the certificates/create permission. 3872 3873 :param vault_base_url: The vault name, for example 3874 https://myvault.vault.azure.net. 3875 :type vault_base_url: str 3876 :param certificate_name: The name of the certificate. 3877 :type certificate_name: str 3878 :param x509_certificates: The certificate or the certificate chain to 3879 merge. 3880 :type x509_certificates: list[bytearray] 3881 :param certificate_attributes: The attributes of the certificate 3882 (optional). 3883 :type certificate_attributes: 3884 ~azure.keyvault.v7_0.models.CertificateAttributes 3885 :param tags: Application specific metadata in the form of key-value 3886 pairs. 3887 :type tags: dict[str, str] 3888 :param dict custom_headers: headers that will be added to the request 3889 :param bool raw: returns the direct response alongside the 3890 deserialized response 3891 :param operation_config: :ref:`Operation configuration 3892 overrides<msrest:optionsforoperations>`. 3893 :return: CertificateBundle or ClientRawResponse if raw=true 3894 :rtype: ~azure.keyvault.v7_0.models.CertificateBundle or 3895 ~msrest.pipeline.ClientRawResponse 3896 :raises: 3897 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3898 """ 3899 parameters = models.CertificateMergeParameters(x509_certificates=x509_certificates, certificate_attributes=certificate_attributes, tags=tags) 3900 3901 # Construct URL 3902 url = self.merge_certificate.metadata['url'] 3903 path_format_arguments = { 3904 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3905 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3906 } 3907 url = self._client.format_url(url, **path_format_arguments) 3908 3909 # Construct parameters 3910 query_parameters = {} 3911 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3912 3913 # Construct headers 3914 header_parameters = {} 3915 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3916 if self.config.generate_client_request_id: 3917 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3918 if custom_headers: 3919 header_parameters.update(custom_headers) 3920 if self.config.accept_language is not None: 3921 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3922 3923 # Construct body 3924 body_content = self._serialize.body(parameters, 'CertificateMergeParameters') 3925 3926 # Construct and send request 3927 request = self._client.post(url, query_parameters) 3928 response = self._client.send( 3929 request, header_parameters, body_content, stream=False, **operation_config) 3930 3931 if response.status_code not in [201]: 3932 raise models.KeyVaultErrorException(self._deserialize, response) 3933 3934 deserialized = None 3935 3936 if response.status_code == 201: 3937 deserialized = self._deserialize('CertificateBundle', response) 3938 3939 if raw: 3940 client_raw_response = ClientRawResponse(deserialized, response) 3941 return client_raw_response 3942 3943 return deserialized 3944 merge_certificate.metadata = {'url': '/certificates/{certificate-name}/pending/merge'} 3945 3946 def backup_certificate( 3947 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 3948 """Backs up the specified certificate. 3949 3950 Requests that a backup of the specified certificate be downloaded to 3951 the client. All versions of the certificate will be downloaded. This 3952 operation requires the certificates/backup permission. 3953 3954 :param vault_base_url: The vault name, for example 3955 https://myvault.vault.azure.net. 3956 :type vault_base_url: str 3957 :param certificate_name: The name of the certificate. 3958 :type certificate_name: str 3959 :param dict custom_headers: headers that will be added to the request 3960 :param bool raw: returns the direct response alongside the 3961 deserialized response 3962 :param operation_config: :ref:`Operation configuration 3963 overrides<msrest:optionsforoperations>`. 3964 :return: BackupCertificateResult or ClientRawResponse if raw=true 3965 :rtype: ~azure.keyvault.v7_0.models.BackupCertificateResult or 3966 ~msrest.pipeline.ClientRawResponse 3967 :raises: 3968 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 3969 """ 3970 # Construct URL 3971 url = self.backup_certificate.metadata['url'] 3972 path_format_arguments = { 3973 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 3974 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 3975 } 3976 url = self._client.format_url(url, **path_format_arguments) 3977 3978 # Construct parameters 3979 query_parameters = {} 3980 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 3981 3982 # Construct headers 3983 header_parameters = {} 3984 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 3985 if self.config.generate_client_request_id: 3986 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 3987 if custom_headers: 3988 header_parameters.update(custom_headers) 3989 if self.config.accept_language is not None: 3990 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 3991 3992 # Construct and send request 3993 request = self._client.post(url, query_parameters) 3994 response = self._client.send(request, header_parameters, stream=False, **operation_config) 3995 3996 if response.status_code not in [200]: 3997 raise models.KeyVaultErrorException(self._deserialize, response) 3998 3999 deserialized = None 4000 4001 if response.status_code == 200: 4002 deserialized = self._deserialize('BackupCertificateResult', response) 4003 4004 if raw: 4005 client_raw_response = ClientRawResponse(deserialized, response) 4006 return client_raw_response 4007 4008 return deserialized 4009 backup_certificate.metadata = {'url': '/certificates/{certificate-name}/backup'} 4010 4011 def restore_certificate( 4012 self, vault_base_url, certificate_bundle_backup, custom_headers=None, raw=False, **operation_config): 4013 """Restores a backed up certificate to a vault. 4014 4015 Restores a backed up certificate, and all its versions, to a vault. 4016 This operation requires the certificates/restore permission. 4017 4018 :param vault_base_url: The vault name, for example 4019 https://myvault.vault.azure.net. 4020 :type vault_base_url: str 4021 :param certificate_bundle_backup: The backup blob associated with a 4022 certificate bundle. 4023 :type certificate_bundle_backup: bytes 4024 :param dict custom_headers: headers that will be added to the request 4025 :param bool raw: returns the direct response alongside the 4026 deserialized response 4027 :param operation_config: :ref:`Operation configuration 4028 overrides<msrest:optionsforoperations>`. 4029 :return: CertificateBundle or ClientRawResponse if raw=true 4030 :rtype: ~azure.keyvault.v7_0.models.CertificateBundle or 4031 ~msrest.pipeline.ClientRawResponse 4032 :raises: 4033 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4034 """ 4035 parameters = models.CertificateRestoreParameters(certificate_bundle_backup=certificate_bundle_backup) 4036 4037 # Construct URL 4038 url = self.restore_certificate.metadata['url'] 4039 path_format_arguments = { 4040 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 4041 } 4042 url = self._client.format_url(url, **path_format_arguments) 4043 4044 # Construct parameters 4045 query_parameters = {} 4046 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4047 4048 # Construct headers 4049 header_parameters = {} 4050 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4051 if self.config.generate_client_request_id: 4052 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4053 if custom_headers: 4054 header_parameters.update(custom_headers) 4055 if self.config.accept_language is not None: 4056 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4057 4058 # Construct body 4059 body_content = self._serialize.body(parameters, 'CertificateRestoreParameters') 4060 4061 # Construct and send request 4062 request = self._client.post(url, query_parameters) 4063 response = self._client.send( 4064 request, header_parameters, body_content, stream=False, **operation_config) 4065 4066 if response.status_code not in [200]: 4067 raise models.KeyVaultErrorException(self._deserialize, response) 4068 4069 deserialized = None 4070 4071 if response.status_code == 200: 4072 deserialized = self._deserialize('CertificateBundle', response) 4073 4074 if raw: 4075 client_raw_response = ClientRawResponse(deserialized, response) 4076 return client_raw_response 4077 4078 return deserialized 4079 restore_certificate.metadata = {'url': '/certificates/restore'} 4080 4081 def get_deleted_certificates( 4082 self, vault_base_url, maxresults=None, include_pending=None, custom_headers=None, raw=False, **operation_config): 4083 """Lists the deleted certificates in the specified vault currently 4084 available for recovery. 4085 4086 The GetDeletedCertificates operation retrieves the certificates in the 4087 current vault which are in a deleted state and ready for recovery or 4088 purging. This operation includes deletion-specific information. This 4089 operation requires the certificates/get/list permission. This operation 4090 can only be enabled on soft-delete enabled vaults. 4091 4092 :param vault_base_url: The vault name, for example 4093 https://myvault.vault.azure.net. 4094 :type vault_base_url: str 4095 :param maxresults: Maximum number of results to return in a page. If 4096 not specified the service will return up to 25 results. 4097 :type maxresults: int 4098 :param include_pending: Specifies whether to include certificates 4099 which are not completely provisioned. 4100 :type include_pending: bool 4101 :param dict custom_headers: headers that will be added to the request 4102 :param bool raw: returns the direct response alongside the 4103 deserialized response 4104 :param operation_config: :ref:`Operation configuration 4105 overrides<msrest:optionsforoperations>`. 4106 :return: An iterator like instance of DeletedCertificateItem 4107 :rtype: 4108 ~azure.keyvault.v7_0.models.DeletedCertificateItemPaged[~azure.keyvault.v7_0.models.DeletedCertificateItem] 4109 :raises: 4110 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4111 """ 4112 def internal_paging(next_link=None, raw=False): 4113 4114 if not next_link: 4115 # Construct URL 4116 url = self.get_deleted_certificates.metadata['url'] 4117 path_format_arguments = { 4118 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 4119 } 4120 url = self._client.format_url(url, **path_format_arguments) 4121 4122 # Construct parameters 4123 query_parameters = {} 4124 if maxresults is not None: 4125 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 4126 if include_pending is not None: 4127 query_parameters['includePending'] = self._serialize.query("include_pending", include_pending, 'bool') 4128 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4129 4130 else: 4131 url = next_link 4132 query_parameters = {} 4133 4134 # Construct headers 4135 header_parameters = {} 4136 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4137 if self.config.generate_client_request_id: 4138 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4139 if custom_headers: 4140 header_parameters.update(custom_headers) 4141 if self.config.accept_language is not None: 4142 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4143 4144 # Construct and send request 4145 request = self._client.get(url, query_parameters) 4146 response = self._client.send( 4147 request, header_parameters, stream=False, **operation_config) 4148 4149 if response.status_code not in [200]: 4150 raise models.KeyVaultErrorException(self._deserialize, response) 4151 4152 return response 4153 4154 # Deserialize response 4155 deserialized = models.DeletedCertificateItemPaged(internal_paging, self._deserialize.dependencies) 4156 4157 if raw: 4158 header_dict = {} 4159 client_raw_response = models.DeletedCertificateItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 4160 return client_raw_response 4161 4162 return deserialized 4163 get_deleted_certificates.metadata = {'url': '/deletedcertificates'} 4164 4165 def get_deleted_certificate( 4166 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 4167 """Retrieves information about the specified deleted certificate. 4168 4169 The GetDeletedCertificate operation retrieves the deleted certificate 4170 information plus its attributes, such as retention interval, scheduled 4171 permanent deletion and the current deletion recovery level. This 4172 operation requires the certificates/get permission. 4173 4174 :param vault_base_url: The vault name, for example 4175 https://myvault.vault.azure.net. 4176 :type vault_base_url: str 4177 :param certificate_name: The name of the certificate 4178 :type certificate_name: str 4179 :param dict custom_headers: headers that will be added to the request 4180 :param bool raw: returns the direct response alongside the 4181 deserialized response 4182 :param operation_config: :ref:`Operation configuration 4183 overrides<msrest:optionsforoperations>`. 4184 :return: DeletedCertificateBundle or ClientRawResponse if raw=true 4185 :rtype: ~azure.keyvault.v7_0.models.DeletedCertificateBundle or 4186 ~msrest.pipeline.ClientRawResponse 4187 :raises: 4188 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4189 """ 4190 # Construct URL 4191 url = self.get_deleted_certificate.metadata['url'] 4192 path_format_arguments = { 4193 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4194 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 4195 } 4196 url = self._client.format_url(url, **path_format_arguments) 4197 4198 # Construct parameters 4199 query_parameters = {} 4200 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4201 4202 # Construct headers 4203 header_parameters = {} 4204 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4205 if self.config.generate_client_request_id: 4206 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4207 if custom_headers: 4208 header_parameters.update(custom_headers) 4209 if self.config.accept_language is not None: 4210 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4211 4212 # Construct and send request 4213 request = self._client.get(url, query_parameters) 4214 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4215 4216 if response.status_code not in [200]: 4217 raise models.KeyVaultErrorException(self._deserialize, response) 4218 4219 deserialized = None 4220 4221 if response.status_code == 200: 4222 deserialized = self._deserialize('DeletedCertificateBundle', response) 4223 4224 if raw: 4225 client_raw_response = ClientRawResponse(deserialized, response) 4226 return client_raw_response 4227 4228 return deserialized 4229 get_deleted_certificate.metadata = {'url': '/deletedcertificates/{certificate-name}'} 4230 4231 def purge_deleted_certificate( 4232 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 4233 """Permanently deletes the specified deleted certificate. 4234 4235 The PurgeDeletedCertificate operation performs an irreversible deletion 4236 of the specified certificate, without possibility for recovery. The 4237 operation is not available if the recovery level does not specify 4238 'Purgeable'. This operation requires the certificate/purge permission. 4239 4240 :param vault_base_url: The vault name, for example 4241 https://myvault.vault.azure.net. 4242 :type vault_base_url: str 4243 :param certificate_name: The name of the certificate 4244 :type certificate_name: str 4245 :param dict custom_headers: headers that will be added to the request 4246 :param bool raw: returns the direct response alongside the 4247 deserialized response 4248 :param operation_config: :ref:`Operation configuration 4249 overrides<msrest:optionsforoperations>`. 4250 :return: None or ClientRawResponse if raw=true 4251 :rtype: None or ~msrest.pipeline.ClientRawResponse 4252 :raises: 4253 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4254 """ 4255 # Construct URL 4256 url = self.purge_deleted_certificate.metadata['url'] 4257 path_format_arguments = { 4258 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4259 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 4260 } 4261 url = self._client.format_url(url, **path_format_arguments) 4262 4263 # Construct parameters 4264 query_parameters = {} 4265 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4266 4267 # Construct headers 4268 header_parameters = {} 4269 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4270 if self.config.generate_client_request_id: 4271 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4272 if custom_headers: 4273 header_parameters.update(custom_headers) 4274 if self.config.accept_language is not None: 4275 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4276 4277 # Construct and send request 4278 request = self._client.delete(url, query_parameters) 4279 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4280 4281 if response.status_code not in [204]: 4282 raise models.KeyVaultErrorException(self._deserialize, response) 4283 4284 if raw: 4285 client_raw_response = ClientRawResponse(None, response) 4286 return client_raw_response 4287 purge_deleted_certificate.metadata = {'url': '/deletedcertificates/{certificate-name}'} 4288 4289 def recover_deleted_certificate( 4290 self, vault_base_url, certificate_name, custom_headers=None, raw=False, **operation_config): 4291 """Recovers the deleted certificate back to its current version under 4292 /certificates. 4293 4294 The RecoverDeletedCertificate operation performs the reversal of the 4295 Delete operation. The operation is applicable in vaults enabled for 4296 soft-delete, and must be issued during the retention interval 4297 (available in the deleted certificate's attributes). This operation 4298 requires the certificates/recover permission. 4299 4300 :param vault_base_url: The vault name, for example 4301 https://myvault.vault.azure.net. 4302 :type vault_base_url: str 4303 :param certificate_name: The name of the deleted certificate 4304 :type certificate_name: str 4305 :param dict custom_headers: headers that will be added to the request 4306 :param bool raw: returns the direct response alongside the 4307 deserialized response 4308 :param operation_config: :ref:`Operation configuration 4309 overrides<msrest:optionsforoperations>`. 4310 :return: CertificateBundle or ClientRawResponse if raw=true 4311 :rtype: ~azure.keyvault.v7_0.models.CertificateBundle or 4312 ~msrest.pipeline.ClientRawResponse 4313 :raises: 4314 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4315 """ 4316 # Construct URL 4317 url = self.recover_deleted_certificate.metadata['url'] 4318 path_format_arguments = { 4319 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4320 'certificate-name': self._serialize.url("certificate_name", certificate_name, 'str') 4321 } 4322 url = self._client.format_url(url, **path_format_arguments) 4323 4324 # Construct parameters 4325 query_parameters = {} 4326 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4327 4328 # Construct headers 4329 header_parameters = {} 4330 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4331 if self.config.generate_client_request_id: 4332 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4333 if custom_headers: 4334 header_parameters.update(custom_headers) 4335 if self.config.accept_language is not None: 4336 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4337 4338 # Construct and send request 4339 request = self._client.post(url, query_parameters) 4340 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4341 4342 if response.status_code not in [200]: 4343 raise models.KeyVaultErrorException(self._deserialize, response) 4344 4345 deserialized = None 4346 4347 if response.status_code == 200: 4348 deserialized = self._deserialize('CertificateBundle', response) 4349 4350 if raw: 4351 client_raw_response = ClientRawResponse(deserialized, response) 4352 return client_raw_response 4353 4354 return deserialized 4355 recover_deleted_certificate.metadata = {'url': '/deletedcertificates/{certificate-name}/recover'} 4356 4357 def get_storage_accounts( 4358 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 4359 """List storage accounts managed by the specified key vault. This 4360 operation requires the storage/list permission. 4361 4362 :param vault_base_url: The vault name, for example 4363 https://myvault.vault.azure.net. 4364 :type vault_base_url: str 4365 :param maxresults: Maximum number of results to return in a page. If 4366 not specified the service will return up to 25 results. 4367 :type maxresults: int 4368 :param dict custom_headers: headers that will be added to the request 4369 :param bool raw: returns the direct response alongside the 4370 deserialized response 4371 :param operation_config: :ref:`Operation configuration 4372 overrides<msrest:optionsforoperations>`. 4373 :return: An iterator like instance of StorageAccountItem 4374 :rtype: 4375 ~azure.keyvault.v7_0.models.StorageAccountItemPaged[~azure.keyvault.v7_0.models.StorageAccountItem] 4376 :raises: 4377 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4378 """ 4379 def internal_paging(next_link=None, raw=False): 4380 4381 if not next_link: 4382 # Construct URL 4383 url = self.get_storage_accounts.metadata['url'] 4384 path_format_arguments = { 4385 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 4386 } 4387 url = self._client.format_url(url, **path_format_arguments) 4388 4389 # Construct parameters 4390 query_parameters = {} 4391 if maxresults is not None: 4392 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 4393 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4394 4395 else: 4396 url = next_link 4397 query_parameters = {} 4398 4399 # Construct headers 4400 header_parameters = {} 4401 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4402 if self.config.generate_client_request_id: 4403 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4404 if custom_headers: 4405 header_parameters.update(custom_headers) 4406 if self.config.accept_language is not None: 4407 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4408 4409 # Construct and send request 4410 request = self._client.get(url, query_parameters) 4411 response = self._client.send( 4412 request, header_parameters, stream=False, **operation_config) 4413 4414 if response.status_code not in [200]: 4415 raise models.KeyVaultErrorException(self._deserialize, response) 4416 4417 return response 4418 4419 # Deserialize response 4420 deserialized = models.StorageAccountItemPaged(internal_paging, self._deserialize.dependencies) 4421 4422 if raw: 4423 header_dict = {} 4424 client_raw_response = models.StorageAccountItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 4425 return client_raw_response 4426 4427 return deserialized 4428 get_storage_accounts.metadata = {'url': '/storage'} 4429 4430 def get_deleted_storage_accounts( 4431 self, vault_base_url, maxresults=None, custom_headers=None, raw=False, **operation_config): 4432 """Lists deleted storage accounts for the specified vault. 4433 4434 The Get Deleted Storage Accounts operation returns the storage accounts 4435 that have been deleted for a vault enabled for soft-delete. This 4436 operation requires the storage/list permission. 4437 4438 :param vault_base_url: The vault name, for example 4439 https://myvault.vault.azure.net. 4440 :type vault_base_url: str 4441 :param maxresults: Maximum number of results to return in a page. If 4442 not specified the service will return up to 25 results. 4443 :type maxresults: int 4444 :param dict custom_headers: headers that will be added to the request 4445 :param bool raw: returns the direct response alongside the 4446 deserialized response 4447 :param operation_config: :ref:`Operation configuration 4448 overrides<msrest:optionsforoperations>`. 4449 :return: An iterator like instance of DeletedStorageAccountItem 4450 :rtype: 4451 ~azure.keyvault.v7_0.models.DeletedStorageAccountItemPaged[~azure.keyvault.v7_0.models.DeletedStorageAccountItem] 4452 :raises: 4453 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4454 """ 4455 def internal_paging(next_link=None, raw=False): 4456 4457 if not next_link: 4458 # Construct URL 4459 url = self.get_deleted_storage_accounts.metadata['url'] 4460 path_format_arguments = { 4461 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 4462 } 4463 url = self._client.format_url(url, **path_format_arguments) 4464 4465 # Construct parameters 4466 query_parameters = {} 4467 if maxresults is not None: 4468 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 4469 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4470 4471 else: 4472 url = next_link 4473 query_parameters = {} 4474 4475 # Construct headers 4476 header_parameters = {} 4477 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4478 if self.config.generate_client_request_id: 4479 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4480 if custom_headers: 4481 header_parameters.update(custom_headers) 4482 if self.config.accept_language is not None: 4483 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4484 4485 # Construct and send request 4486 request = self._client.get(url, query_parameters) 4487 response = self._client.send( 4488 request, header_parameters, stream=False, **operation_config) 4489 4490 if response.status_code not in [200]: 4491 raise models.KeyVaultErrorException(self._deserialize, response) 4492 4493 return response 4494 4495 # Deserialize response 4496 deserialized = models.DeletedStorageAccountItemPaged(internal_paging, self._deserialize.dependencies) 4497 4498 if raw: 4499 header_dict = {} 4500 client_raw_response = models.DeletedStorageAccountItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 4501 return client_raw_response 4502 4503 return deserialized 4504 get_deleted_storage_accounts.metadata = {'url': '/deletedstorage'} 4505 4506 def get_deleted_storage_account( 4507 self, vault_base_url, storage_account_name, custom_headers=None, raw=False, **operation_config): 4508 """Gets the specified deleted storage account. 4509 4510 The Get Deleted Storage Account operation returns the specified deleted 4511 storage account along with its attributes. This operation requires the 4512 storage/get permission. 4513 4514 :param vault_base_url: The vault name, for example 4515 https://myvault.vault.azure.net. 4516 :type vault_base_url: str 4517 :param storage_account_name: The name of the storage account. 4518 :type storage_account_name: str 4519 :param dict custom_headers: headers that will be added to the request 4520 :param bool raw: returns the direct response alongside the 4521 deserialized response 4522 :param operation_config: :ref:`Operation configuration 4523 overrides<msrest:optionsforoperations>`. 4524 :return: DeletedStorageBundle or ClientRawResponse if raw=true 4525 :rtype: ~azure.keyvault.v7_0.models.DeletedStorageBundle or 4526 ~msrest.pipeline.ClientRawResponse 4527 :raises: 4528 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4529 """ 4530 # Construct URL 4531 url = self.get_deleted_storage_account.metadata['url'] 4532 path_format_arguments = { 4533 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4534 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 4535 } 4536 url = self._client.format_url(url, **path_format_arguments) 4537 4538 # Construct parameters 4539 query_parameters = {} 4540 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4541 4542 # Construct headers 4543 header_parameters = {} 4544 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4545 if self.config.generate_client_request_id: 4546 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4547 if custom_headers: 4548 header_parameters.update(custom_headers) 4549 if self.config.accept_language is not None: 4550 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4551 4552 # Construct and send request 4553 request = self._client.get(url, query_parameters) 4554 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4555 4556 if response.status_code not in [200]: 4557 raise models.KeyVaultErrorException(self._deserialize, response) 4558 4559 deserialized = None 4560 4561 if response.status_code == 200: 4562 deserialized = self._deserialize('DeletedStorageBundle', response) 4563 4564 if raw: 4565 client_raw_response = ClientRawResponse(deserialized, response) 4566 return client_raw_response 4567 4568 return deserialized 4569 get_deleted_storage_account.metadata = {'url': '/deletedstorage/{storage-account-name}'} 4570 4571 def purge_deleted_storage_account( 4572 self, vault_base_url, storage_account_name, custom_headers=None, raw=False, **operation_config): 4573 """Permanently deletes the specified storage account. 4574 4575 The purge deleted storage account operation removes the secret 4576 permanently, without the possibility of recovery. This operation can 4577 only be performed on a soft-delete enabled vault. This operation 4578 requires the storage/purge permission. 4579 4580 :param vault_base_url: The vault name, for example 4581 https://myvault.vault.azure.net. 4582 :type vault_base_url: str 4583 :param storage_account_name: The name of the storage account. 4584 :type storage_account_name: str 4585 :param dict custom_headers: headers that will be added to the request 4586 :param bool raw: returns the direct response alongside the 4587 deserialized response 4588 :param operation_config: :ref:`Operation configuration 4589 overrides<msrest:optionsforoperations>`. 4590 :return: None or ClientRawResponse if raw=true 4591 :rtype: None or ~msrest.pipeline.ClientRawResponse 4592 :raises: 4593 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4594 """ 4595 # Construct URL 4596 url = self.purge_deleted_storage_account.metadata['url'] 4597 path_format_arguments = { 4598 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4599 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 4600 } 4601 url = self._client.format_url(url, **path_format_arguments) 4602 4603 # Construct parameters 4604 query_parameters = {} 4605 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4606 4607 # Construct headers 4608 header_parameters = {} 4609 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4610 if self.config.generate_client_request_id: 4611 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4612 if custom_headers: 4613 header_parameters.update(custom_headers) 4614 if self.config.accept_language is not None: 4615 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4616 4617 # Construct and send request 4618 request = self._client.delete(url, query_parameters) 4619 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4620 4621 if response.status_code not in [204]: 4622 raise models.KeyVaultErrorException(self._deserialize, response) 4623 4624 if raw: 4625 client_raw_response = ClientRawResponse(None, response) 4626 return client_raw_response 4627 purge_deleted_storage_account.metadata = {'url': '/deletedstorage/{storage-account-name}'} 4628 4629 def recover_deleted_storage_account( 4630 self, vault_base_url, storage_account_name, custom_headers=None, raw=False, **operation_config): 4631 """Recovers the deleted storage account. 4632 4633 Recovers the deleted storage account in the specified vault. This 4634 operation can only be performed on a soft-delete enabled vault. This 4635 operation requires the storage/recover permission. 4636 4637 :param vault_base_url: The vault name, for example 4638 https://myvault.vault.azure.net. 4639 :type vault_base_url: str 4640 :param storage_account_name: The name of the storage account. 4641 :type storage_account_name: str 4642 :param dict custom_headers: headers that will be added to the request 4643 :param bool raw: returns the direct response alongside the 4644 deserialized response 4645 :param operation_config: :ref:`Operation configuration 4646 overrides<msrest:optionsforoperations>`. 4647 :return: StorageBundle or ClientRawResponse if raw=true 4648 :rtype: ~azure.keyvault.v7_0.models.StorageBundle or 4649 ~msrest.pipeline.ClientRawResponse 4650 :raises: 4651 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4652 """ 4653 # Construct URL 4654 url = self.recover_deleted_storage_account.metadata['url'] 4655 path_format_arguments = { 4656 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4657 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 4658 } 4659 url = self._client.format_url(url, **path_format_arguments) 4660 4661 # Construct parameters 4662 query_parameters = {} 4663 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4664 4665 # Construct headers 4666 header_parameters = {} 4667 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4668 if self.config.generate_client_request_id: 4669 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4670 if custom_headers: 4671 header_parameters.update(custom_headers) 4672 if self.config.accept_language is not None: 4673 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4674 4675 # Construct and send request 4676 request = self._client.post(url, query_parameters) 4677 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4678 4679 if response.status_code not in [200]: 4680 raise models.KeyVaultErrorException(self._deserialize, response) 4681 4682 deserialized = None 4683 4684 if response.status_code == 200: 4685 deserialized = self._deserialize('StorageBundle', response) 4686 4687 if raw: 4688 client_raw_response = ClientRawResponse(deserialized, response) 4689 return client_raw_response 4690 4691 return deserialized 4692 recover_deleted_storage_account.metadata = {'url': '/deletedstorage/{storage-account-name}/recover'} 4693 4694 def backup_storage_account( 4695 self, vault_base_url, storage_account_name, custom_headers=None, raw=False, **operation_config): 4696 """Backs up the specified storage account. 4697 4698 Requests that a backup of the specified storage account be downloaded 4699 to the client. This operation requires the storage/backup permission. 4700 4701 :param vault_base_url: The vault name, for example 4702 https://myvault.vault.azure.net. 4703 :type vault_base_url: str 4704 :param storage_account_name: The name of the storage account. 4705 :type storage_account_name: str 4706 :param dict custom_headers: headers that will be added to the request 4707 :param bool raw: returns the direct response alongside the 4708 deserialized response 4709 :param operation_config: :ref:`Operation configuration 4710 overrides<msrest:optionsforoperations>`. 4711 :return: BackupStorageResult or ClientRawResponse if raw=true 4712 :rtype: ~azure.keyvault.v7_0.models.BackupStorageResult or 4713 ~msrest.pipeline.ClientRawResponse 4714 :raises: 4715 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4716 """ 4717 # Construct URL 4718 url = self.backup_storage_account.metadata['url'] 4719 path_format_arguments = { 4720 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4721 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str') 4722 } 4723 url = self._client.format_url(url, **path_format_arguments) 4724 4725 # Construct parameters 4726 query_parameters = {} 4727 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4728 4729 # Construct headers 4730 header_parameters = {} 4731 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4732 if self.config.generate_client_request_id: 4733 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4734 if custom_headers: 4735 header_parameters.update(custom_headers) 4736 if self.config.accept_language is not None: 4737 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4738 4739 # Construct and send request 4740 request = self._client.post(url, query_parameters) 4741 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4742 4743 if response.status_code not in [200]: 4744 raise models.KeyVaultErrorException(self._deserialize, response) 4745 4746 deserialized = None 4747 4748 if response.status_code == 200: 4749 deserialized = self._deserialize('BackupStorageResult', response) 4750 4751 if raw: 4752 client_raw_response = ClientRawResponse(deserialized, response) 4753 return client_raw_response 4754 4755 return deserialized 4756 backup_storage_account.metadata = {'url': '/storage/{storage-account-name}/backup'} 4757 4758 def restore_storage_account( 4759 self, vault_base_url, storage_bundle_backup, custom_headers=None, raw=False, **operation_config): 4760 """Restores a backed up storage account to a vault. 4761 4762 Restores a backed up storage account to a vault. This operation 4763 requires the storage/restore permission. 4764 4765 :param vault_base_url: The vault name, for example 4766 https://myvault.vault.azure.net. 4767 :type vault_base_url: str 4768 :param storage_bundle_backup: The backup blob associated with a 4769 storage account. 4770 :type storage_bundle_backup: bytes 4771 :param dict custom_headers: headers that will be added to the request 4772 :param bool raw: returns the direct response alongside the 4773 deserialized response 4774 :param operation_config: :ref:`Operation configuration 4775 overrides<msrest:optionsforoperations>`. 4776 :return: StorageBundle or ClientRawResponse if raw=true 4777 :rtype: ~azure.keyvault.v7_0.models.StorageBundle or 4778 ~msrest.pipeline.ClientRawResponse 4779 :raises: 4780 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4781 """ 4782 parameters = models.StorageRestoreParameters(storage_bundle_backup=storage_bundle_backup) 4783 4784 # Construct URL 4785 url = self.restore_storage_account.metadata['url'] 4786 path_format_arguments = { 4787 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True) 4788 } 4789 url = self._client.format_url(url, **path_format_arguments) 4790 4791 # Construct parameters 4792 query_parameters = {} 4793 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4794 4795 # Construct headers 4796 header_parameters = {} 4797 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4798 if self.config.generate_client_request_id: 4799 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4800 if custom_headers: 4801 header_parameters.update(custom_headers) 4802 if self.config.accept_language is not None: 4803 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4804 4805 # Construct body 4806 body_content = self._serialize.body(parameters, 'StorageRestoreParameters') 4807 4808 # Construct and send request 4809 request = self._client.post(url, query_parameters) 4810 response = self._client.send( 4811 request, header_parameters, body_content, stream=False, **operation_config) 4812 4813 if response.status_code not in [200]: 4814 raise models.KeyVaultErrorException(self._deserialize, response) 4815 4816 deserialized = None 4817 4818 if response.status_code == 200: 4819 deserialized = self._deserialize('StorageBundle', response) 4820 4821 if raw: 4822 client_raw_response = ClientRawResponse(deserialized, response) 4823 return client_raw_response 4824 4825 return deserialized 4826 restore_storage_account.metadata = {'url': '/storage/restore'} 4827 4828 def delete_storage_account( 4829 self, vault_base_url, storage_account_name, custom_headers=None, raw=False, **operation_config): 4830 """Deletes a storage account. This operation requires the storage/delete 4831 permission. 4832 4833 :param vault_base_url: The vault name, for example 4834 https://myvault.vault.azure.net. 4835 :type vault_base_url: str 4836 :param storage_account_name: The name of the storage account. 4837 :type storage_account_name: str 4838 :param dict custom_headers: headers that will be added to the request 4839 :param bool raw: returns the direct response alongside the 4840 deserialized response 4841 :param operation_config: :ref:`Operation configuration 4842 overrides<msrest:optionsforoperations>`. 4843 :return: DeletedStorageBundle or ClientRawResponse if raw=true 4844 :rtype: ~azure.keyvault.v7_0.models.DeletedStorageBundle or 4845 ~msrest.pipeline.ClientRawResponse 4846 :raises: 4847 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4848 """ 4849 # Construct URL 4850 url = self.delete_storage_account.metadata['url'] 4851 path_format_arguments = { 4852 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4853 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 4854 } 4855 url = self._client.format_url(url, **path_format_arguments) 4856 4857 # Construct parameters 4858 query_parameters = {} 4859 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4860 4861 # Construct headers 4862 header_parameters = {} 4863 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4864 if self.config.generate_client_request_id: 4865 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4866 if custom_headers: 4867 header_parameters.update(custom_headers) 4868 if self.config.accept_language is not None: 4869 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4870 4871 # Construct and send request 4872 request = self._client.delete(url, query_parameters) 4873 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4874 4875 if response.status_code not in [200]: 4876 raise models.KeyVaultErrorException(self._deserialize, response) 4877 4878 deserialized = None 4879 4880 if response.status_code == 200: 4881 deserialized = self._deserialize('DeletedStorageBundle', response) 4882 4883 if raw: 4884 client_raw_response = ClientRawResponse(deserialized, response) 4885 return client_raw_response 4886 4887 return deserialized 4888 delete_storage_account.metadata = {'url': '/storage/{storage-account-name}'} 4889 4890 def get_storage_account( 4891 self, vault_base_url, storage_account_name, custom_headers=None, raw=False, **operation_config): 4892 """Gets information about a specified storage account. This operation 4893 requires the storage/get permission. 4894 4895 :param vault_base_url: The vault name, for example 4896 https://myvault.vault.azure.net. 4897 :type vault_base_url: str 4898 :param storage_account_name: The name of the storage account. 4899 :type storage_account_name: str 4900 :param dict custom_headers: headers that will be added to the request 4901 :param bool raw: returns the direct response alongside the 4902 deserialized response 4903 :param operation_config: :ref:`Operation configuration 4904 overrides<msrest:optionsforoperations>`. 4905 :return: StorageBundle or ClientRawResponse if raw=true 4906 :rtype: ~azure.keyvault.v7_0.models.StorageBundle or 4907 ~msrest.pipeline.ClientRawResponse 4908 :raises: 4909 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4910 """ 4911 # Construct URL 4912 url = self.get_storage_account.metadata['url'] 4913 path_format_arguments = { 4914 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4915 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 4916 } 4917 url = self._client.format_url(url, **path_format_arguments) 4918 4919 # Construct parameters 4920 query_parameters = {} 4921 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 4922 4923 # Construct headers 4924 header_parameters = {} 4925 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 4926 if self.config.generate_client_request_id: 4927 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 4928 if custom_headers: 4929 header_parameters.update(custom_headers) 4930 if self.config.accept_language is not None: 4931 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 4932 4933 # Construct and send request 4934 request = self._client.get(url, query_parameters) 4935 response = self._client.send(request, header_parameters, stream=False, **operation_config) 4936 4937 if response.status_code not in [200]: 4938 raise models.KeyVaultErrorException(self._deserialize, response) 4939 4940 deserialized = None 4941 4942 if response.status_code == 200: 4943 deserialized = self._deserialize('StorageBundle', response) 4944 4945 if raw: 4946 client_raw_response = ClientRawResponse(deserialized, response) 4947 return client_raw_response 4948 4949 return deserialized 4950 get_storage_account.metadata = {'url': '/storage/{storage-account-name}'} 4951 4952 def set_storage_account( 4953 self, vault_base_url, storage_account_name, resource_id, active_key_name, auto_regenerate_key, regeneration_period=None, storage_account_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 4954 """Creates or updates a new storage account. This operation requires the 4955 storage/set permission. 4956 4957 :param vault_base_url: The vault name, for example 4958 https://myvault.vault.azure.net. 4959 :type vault_base_url: str 4960 :param storage_account_name: The name of the storage account. 4961 :type storage_account_name: str 4962 :param resource_id: Storage account resource id. 4963 :type resource_id: str 4964 :param active_key_name: Current active storage account key name. 4965 :type active_key_name: str 4966 :param auto_regenerate_key: whether keyvault should manage the storage 4967 account for the user. 4968 :type auto_regenerate_key: bool 4969 :param regeneration_period: The key regeneration time duration 4970 specified in ISO-8601 format. 4971 :type regeneration_period: str 4972 :param storage_account_attributes: The attributes of the storage 4973 account. 4974 :type storage_account_attributes: 4975 ~azure.keyvault.v7_0.models.StorageAccountAttributes 4976 :param tags: Application specific metadata in the form of key-value 4977 pairs. 4978 :type tags: dict[str, str] 4979 :param dict custom_headers: headers that will be added to the request 4980 :param bool raw: returns the direct response alongside the 4981 deserialized response 4982 :param operation_config: :ref:`Operation configuration 4983 overrides<msrest:optionsforoperations>`. 4984 :return: StorageBundle or ClientRawResponse if raw=true 4985 :rtype: ~azure.keyvault.v7_0.models.StorageBundle or 4986 ~msrest.pipeline.ClientRawResponse 4987 :raises: 4988 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 4989 """ 4990 parameters = models.StorageAccountCreateParameters(resource_id=resource_id, active_key_name=active_key_name, auto_regenerate_key=auto_regenerate_key, regeneration_period=regeneration_period, storage_account_attributes=storage_account_attributes, tags=tags) 4991 4992 # Construct URL 4993 url = self.set_storage_account.metadata['url'] 4994 path_format_arguments = { 4995 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 4996 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 4997 } 4998 url = self._client.format_url(url, **path_format_arguments) 4999 5000 # Construct parameters 5001 query_parameters = {} 5002 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5003 5004 # Construct headers 5005 header_parameters = {} 5006 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5007 if self.config.generate_client_request_id: 5008 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5009 if custom_headers: 5010 header_parameters.update(custom_headers) 5011 if self.config.accept_language is not None: 5012 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5013 5014 # Construct body 5015 body_content = self._serialize.body(parameters, 'StorageAccountCreateParameters') 5016 5017 # Construct and send request 5018 request = self._client.put(url, query_parameters) 5019 response = self._client.send( 5020 request, header_parameters, body_content, stream=False, **operation_config) 5021 5022 if response.status_code not in [200]: 5023 raise models.KeyVaultErrorException(self._deserialize, response) 5024 5025 deserialized = None 5026 5027 if response.status_code == 200: 5028 deserialized = self._deserialize('StorageBundle', response) 5029 5030 if raw: 5031 client_raw_response = ClientRawResponse(deserialized, response) 5032 return client_raw_response 5033 5034 return deserialized 5035 set_storage_account.metadata = {'url': '/storage/{storage-account-name}'} 5036 5037 def update_storage_account( 5038 self, vault_base_url, storage_account_name, active_key_name=None, auto_regenerate_key=None, regeneration_period=None, storage_account_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 5039 """Updates the specified attributes associated with the given storage 5040 account. This operation requires the storage/set/update permission. 5041 5042 :param vault_base_url: The vault name, for example 5043 https://myvault.vault.azure.net. 5044 :type vault_base_url: str 5045 :param storage_account_name: The name of the storage account. 5046 :type storage_account_name: str 5047 :param active_key_name: The current active storage account key name. 5048 :type active_key_name: str 5049 :param auto_regenerate_key: whether keyvault should manage the storage 5050 account for the user. 5051 :type auto_regenerate_key: bool 5052 :param regeneration_period: The key regeneration time duration 5053 specified in ISO-8601 format. 5054 :type regeneration_period: str 5055 :param storage_account_attributes: The attributes of the storage 5056 account. 5057 :type storage_account_attributes: 5058 ~azure.keyvault.v7_0.models.StorageAccountAttributes 5059 :param tags: Application specific metadata in the form of key-value 5060 pairs. 5061 :type tags: dict[str, str] 5062 :param dict custom_headers: headers that will be added to the request 5063 :param bool raw: returns the direct response alongside the 5064 deserialized response 5065 :param operation_config: :ref:`Operation configuration 5066 overrides<msrest:optionsforoperations>`. 5067 :return: StorageBundle or ClientRawResponse if raw=true 5068 :rtype: ~azure.keyvault.v7_0.models.StorageBundle or 5069 ~msrest.pipeline.ClientRawResponse 5070 :raises: 5071 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5072 """ 5073 parameters = models.StorageAccountUpdateParameters(active_key_name=active_key_name, auto_regenerate_key=auto_regenerate_key, regeneration_period=regeneration_period, storage_account_attributes=storage_account_attributes, tags=tags) 5074 5075 # Construct URL 5076 url = self.update_storage_account.metadata['url'] 5077 path_format_arguments = { 5078 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5079 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5080 } 5081 url = self._client.format_url(url, **path_format_arguments) 5082 5083 # Construct parameters 5084 query_parameters = {} 5085 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5086 5087 # Construct headers 5088 header_parameters = {} 5089 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5090 if self.config.generate_client_request_id: 5091 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5092 if custom_headers: 5093 header_parameters.update(custom_headers) 5094 if self.config.accept_language is not None: 5095 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5096 5097 # Construct body 5098 body_content = self._serialize.body(parameters, 'StorageAccountUpdateParameters') 5099 5100 # Construct and send request 5101 request = self._client.patch(url, query_parameters) 5102 response = self._client.send( 5103 request, header_parameters, body_content, stream=False, **operation_config) 5104 5105 if response.status_code not in [200]: 5106 raise models.KeyVaultErrorException(self._deserialize, response) 5107 5108 deserialized = None 5109 5110 if response.status_code == 200: 5111 deserialized = self._deserialize('StorageBundle', response) 5112 5113 if raw: 5114 client_raw_response = ClientRawResponse(deserialized, response) 5115 return client_raw_response 5116 5117 return deserialized 5118 update_storage_account.metadata = {'url': '/storage/{storage-account-name}'} 5119 5120 def regenerate_storage_account_key( 5121 self, vault_base_url, storage_account_name, key_name, custom_headers=None, raw=False, **operation_config): 5122 """Regenerates the specified key value for the given storage account. This 5123 operation requires the storage/regeneratekey permission. 5124 5125 :param vault_base_url: The vault name, for example 5126 https://myvault.vault.azure.net. 5127 :type vault_base_url: str 5128 :param storage_account_name: The name of the storage account. 5129 :type storage_account_name: str 5130 :param key_name: The storage account key name. 5131 :type key_name: str 5132 :param dict custom_headers: headers that will be added to the request 5133 :param bool raw: returns the direct response alongside the 5134 deserialized response 5135 :param operation_config: :ref:`Operation configuration 5136 overrides<msrest:optionsforoperations>`. 5137 :return: StorageBundle or ClientRawResponse if raw=true 5138 :rtype: ~azure.keyvault.v7_0.models.StorageBundle or 5139 ~msrest.pipeline.ClientRawResponse 5140 :raises: 5141 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5142 """ 5143 parameters = models.StorageAccountRegenerteKeyParameters(key_name=key_name) 5144 5145 # Construct URL 5146 url = self.regenerate_storage_account_key.metadata['url'] 5147 path_format_arguments = { 5148 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5149 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5150 } 5151 url = self._client.format_url(url, **path_format_arguments) 5152 5153 # Construct parameters 5154 query_parameters = {} 5155 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5156 5157 # Construct headers 5158 header_parameters = {} 5159 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5160 if self.config.generate_client_request_id: 5161 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5162 if custom_headers: 5163 header_parameters.update(custom_headers) 5164 if self.config.accept_language is not None: 5165 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5166 5167 # Construct body 5168 body_content = self._serialize.body(parameters, 'StorageAccountRegenerteKeyParameters') 5169 5170 # Construct and send request 5171 request = self._client.post(url, query_parameters) 5172 response = self._client.send( 5173 request, header_parameters, body_content, stream=False, **operation_config) 5174 5175 if response.status_code not in [200]: 5176 raise models.KeyVaultErrorException(self._deserialize, response) 5177 5178 deserialized = None 5179 5180 if response.status_code == 200: 5181 deserialized = self._deserialize('StorageBundle', response) 5182 5183 if raw: 5184 client_raw_response = ClientRawResponse(deserialized, response) 5185 return client_raw_response 5186 5187 return deserialized 5188 regenerate_storage_account_key.metadata = {'url': '/storage/{storage-account-name}/regeneratekey'} 5189 5190 def get_sas_definitions( 5191 self, vault_base_url, storage_account_name, maxresults=None, custom_headers=None, raw=False, **operation_config): 5192 """List storage SAS definitions for the given storage account. This 5193 operation requires the storage/listsas permission. 5194 5195 :param vault_base_url: The vault name, for example 5196 https://myvault.vault.azure.net. 5197 :type vault_base_url: str 5198 :param storage_account_name: The name of the storage account. 5199 :type storage_account_name: str 5200 :param maxresults: Maximum number of results to return in a page. If 5201 not specified the service will return up to 25 results. 5202 :type maxresults: int 5203 :param dict custom_headers: headers that will be added to the request 5204 :param bool raw: returns the direct response alongside the 5205 deserialized response 5206 :param operation_config: :ref:`Operation configuration 5207 overrides<msrest:optionsforoperations>`. 5208 :return: An iterator like instance of SasDefinitionItem 5209 :rtype: 5210 ~azure.keyvault.v7_0.models.SasDefinitionItemPaged[~azure.keyvault.v7_0.models.SasDefinitionItem] 5211 :raises: 5212 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5213 """ 5214 def internal_paging(next_link=None, raw=False): 5215 5216 if not next_link: 5217 # Construct URL 5218 url = self.get_sas_definitions.metadata['url'] 5219 path_format_arguments = { 5220 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5221 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5222 } 5223 url = self._client.format_url(url, **path_format_arguments) 5224 5225 # Construct parameters 5226 query_parameters = {} 5227 if maxresults is not None: 5228 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 5229 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5230 5231 else: 5232 url = next_link 5233 query_parameters = {} 5234 5235 # Construct headers 5236 header_parameters = {} 5237 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5238 if self.config.generate_client_request_id: 5239 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5240 if custom_headers: 5241 header_parameters.update(custom_headers) 5242 if self.config.accept_language is not None: 5243 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5244 5245 # Construct and send request 5246 request = self._client.get(url, query_parameters) 5247 response = self._client.send( 5248 request, header_parameters, stream=False, **operation_config) 5249 5250 if response.status_code not in [200]: 5251 raise models.KeyVaultErrorException(self._deserialize, response) 5252 5253 return response 5254 5255 # Deserialize response 5256 deserialized = models.SasDefinitionItemPaged(internal_paging, self._deserialize.dependencies) 5257 5258 if raw: 5259 header_dict = {} 5260 client_raw_response = models.SasDefinitionItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 5261 return client_raw_response 5262 5263 return deserialized 5264 get_sas_definitions.metadata = {'url': '/storage/{storage-account-name}/sas'} 5265 5266 def get_deleted_sas_definitions( 5267 self, vault_base_url, storage_account_name, maxresults=None, custom_headers=None, raw=False, **operation_config): 5268 """Lists deleted SAS definitions for the specified vault and storage 5269 account. 5270 5271 The Get Deleted Sas Definitions operation returns the SAS definitions 5272 that have been deleted for a vault enabled for soft-delete. This 5273 operation requires the storage/listsas permission. 5274 5275 :param vault_base_url: The vault name, for example 5276 https://myvault.vault.azure.net. 5277 :type vault_base_url: str 5278 :param storage_account_name: The name of the storage account. 5279 :type storage_account_name: str 5280 :param maxresults: Maximum number of results to return in a page. If 5281 not specified the service will return up to 25 results. 5282 :type maxresults: int 5283 :param dict custom_headers: headers that will be added to the request 5284 :param bool raw: returns the direct response alongside the 5285 deserialized response 5286 :param operation_config: :ref:`Operation configuration 5287 overrides<msrest:optionsforoperations>`. 5288 :return: An iterator like instance of DeletedSasDefinitionItem 5289 :rtype: 5290 ~azure.keyvault.v7_0.models.DeletedSasDefinitionItemPaged[~azure.keyvault.v7_0.models.DeletedSasDefinitionItem] 5291 :raises: 5292 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5293 """ 5294 def internal_paging(next_link=None, raw=False): 5295 5296 if not next_link: 5297 # Construct URL 5298 url = self.get_deleted_sas_definitions.metadata['url'] 5299 path_format_arguments = { 5300 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5301 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5302 } 5303 url = self._client.format_url(url, **path_format_arguments) 5304 5305 # Construct parameters 5306 query_parameters = {} 5307 if maxresults is not None: 5308 query_parameters['maxresults'] = self._serialize.query("maxresults", maxresults, 'int', maximum=25, minimum=1) 5309 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5310 5311 else: 5312 url = next_link 5313 query_parameters = {} 5314 5315 # Construct headers 5316 header_parameters = {} 5317 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5318 if self.config.generate_client_request_id: 5319 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5320 if custom_headers: 5321 header_parameters.update(custom_headers) 5322 if self.config.accept_language is not None: 5323 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5324 5325 # Construct and send request 5326 request = self._client.get(url, query_parameters) 5327 response = self._client.send( 5328 request, header_parameters, stream=False, **operation_config) 5329 5330 if response.status_code not in [200]: 5331 raise models.KeyVaultErrorException(self._deserialize, response) 5332 5333 return response 5334 5335 # Deserialize response 5336 deserialized = models.DeletedSasDefinitionItemPaged(internal_paging, self._deserialize.dependencies) 5337 5338 if raw: 5339 header_dict = {} 5340 client_raw_response = models.DeletedSasDefinitionItemPaged(internal_paging, self._deserialize.dependencies, header_dict) 5341 return client_raw_response 5342 5343 return deserialized 5344 get_deleted_sas_definitions.metadata = {'url': '/deletedstorage/{storage-account-name}/sas'} 5345 5346 def get_deleted_sas_definition( 5347 self, vault_base_url, storage_account_name, sas_definition_name, custom_headers=None, raw=False, **operation_config): 5348 """Gets the specified deleted sas definition. 5349 5350 The Get Deleted SAS Definition operation returns the specified deleted 5351 SAS definition along with its attributes. This operation requires the 5352 storage/getsas permission. 5353 5354 :param vault_base_url: The vault name, for example 5355 https://myvault.vault.azure.net. 5356 :type vault_base_url: str 5357 :param storage_account_name: The name of the storage account. 5358 :type storage_account_name: str 5359 :param sas_definition_name: The name of the SAS definition. 5360 :type sas_definition_name: str 5361 :param dict custom_headers: headers that will be added to the request 5362 :param bool raw: returns the direct response alongside the 5363 deserialized response 5364 :param operation_config: :ref:`Operation configuration 5365 overrides<msrest:optionsforoperations>`. 5366 :return: DeletedSasDefinitionBundle or ClientRawResponse if raw=true 5367 :rtype: ~azure.keyvault.v7_0.models.DeletedSasDefinitionBundle or 5368 ~msrest.pipeline.ClientRawResponse 5369 :raises: 5370 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5371 """ 5372 # Construct URL 5373 url = self.get_deleted_sas_definition.metadata['url'] 5374 path_format_arguments = { 5375 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5376 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$'), 5377 'sas-definition-name': self._serialize.url("sas_definition_name", sas_definition_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5378 } 5379 url = self._client.format_url(url, **path_format_arguments) 5380 5381 # Construct parameters 5382 query_parameters = {} 5383 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5384 5385 # Construct headers 5386 header_parameters = {} 5387 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5388 if self.config.generate_client_request_id: 5389 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5390 if custom_headers: 5391 header_parameters.update(custom_headers) 5392 if self.config.accept_language is not None: 5393 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5394 5395 # Construct and send request 5396 request = self._client.get(url, query_parameters) 5397 response = self._client.send(request, header_parameters, stream=False, **operation_config) 5398 5399 if response.status_code not in [200]: 5400 raise models.KeyVaultErrorException(self._deserialize, response) 5401 5402 deserialized = None 5403 5404 if response.status_code == 200: 5405 deserialized = self._deserialize('DeletedSasDefinitionBundle', response) 5406 5407 if raw: 5408 client_raw_response = ClientRawResponse(deserialized, response) 5409 return client_raw_response 5410 5411 return deserialized 5412 get_deleted_sas_definition.metadata = {'url': '/deletedstorage/{storage-account-name}/sas/{sas-definition-name}'} 5413 5414 def recover_deleted_sas_definition( 5415 self, vault_base_url, storage_account_name, sas_definition_name, custom_headers=None, raw=False, **operation_config): 5416 """Recovers the deleted SAS definition. 5417 5418 Recovers the deleted SAS definition for the specified storage account. 5419 This operation can only be performed on a soft-delete enabled vault. 5420 This operation requires the storage/recover permission. 5421 5422 :param vault_base_url: The vault name, for example 5423 https://myvault.vault.azure.net. 5424 :type vault_base_url: str 5425 :param storage_account_name: The name of the storage account. 5426 :type storage_account_name: str 5427 :param sas_definition_name: The name of the SAS definition. 5428 :type sas_definition_name: str 5429 :param dict custom_headers: headers that will be added to the request 5430 :param bool raw: returns the direct response alongside the 5431 deserialized response 5432 :param operation_config: :ref:`Operation configuration 5433 overrides<msrest:optionsforoperations>`. 5434 :return: SasDefinitionBundle or ClientRawResponse if raw=true 5435 :rtype: ~azure.keyvault.v7_0.models.SasDefinitionBundle or 5436 ~msrest.pipeline.ClientRawResponse 5437 :raises: 5438 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5439 """ 5440 # Construct URL 5441 url = self.recover_deleted_sas_definition.metadata['url'] 5442 path_format_arguments = { 5443 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5444 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$'), 5445 'sas-definition-name': self._serialize.url("sas_definition_name", sas_definition_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5446 } 5447 url = self._client.format_url(url, **path_format_arguments) 5448 5449 # Construct parameters 5450 query_parameters = {} 5451 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5452 5453 # Construct headers 5454 header_parameters = {} 5455 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5456 if self.config.generate_client_request_id: 5457 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5458 if custom_headers: 5459 header_parameters.update(custom_headers) 5460 if self.config.accept_language is not None: 5461 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5462 5463 # Construct and send request 5464 request = self._client.post(url, query_parameters) 5465 response = self._client.send(request, header_parameters, stream=False, **operation_config) 5466 5467 if response.status_code not in [200]: 5468 raise models.KeyVaultErrorException(self._deserialize, response) 5469 5470 deserialized = None 5471 5472 if response.status_code == 200: 5473 deserialized = self._deserialize('SasDefinitionBundle', response) 5474 5475 if raw: 5476 client_raw_response = ClientRawResponse(deserialized, response) 5477 return client_raw_response 5478 5479 return deserialized 5480 recover_deleted_sas_definition.metadata = {'url': '/deletedstorage/{storage-account-name}/sas/{sas-definition-name}/recover'} 5481 5482 def delete_sas_definition( 5483 self, vault_base_url, storage_account_name, sas_definition_name, custom_headers=None, raw=False, **operation_config): 5484 """Deletes a SAS definition from a specified storage account. This 5485 operation requires the storage/deletesas permission. 5486 5487 :param vault_base_url: The vault name, for example 5488 https://myvault.vault.azure.net. 5489 :type vault_base_url: str 5490 :param storage_account_name: The name of the storage account. 5491 :type storage_account_name: str 5492 :param sas_definition_name: The name of the SAS definition. 5493 :type sas_definition_name: str 5494 :param dict custom_headers: headers that will be added to the request 5495 :param bool raw: returns the direct response alongside the 5496 deserialized response 5497 :param operation_config: :ref:`Operation configuration 5498 overrides<msrest:optionsforoperations>`. 5499 :return: DeletedSasDefinitionBundle or ClientRawResponse if raw=true 5500 :rtype: ~azure.keyvault.v7_0.models.DeletedSasDefinitionBundle or 5501 ~msrest.pipeline.ClientRawResponse 5502 :raises: 5503 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5504 """ 5505 # Construct URL 5506 url = self.delete_sas_definition.metadata['url'] 5507 path_format_arguments = { 5508 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5509 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$'), 5510 'sas-definition-name': self._serialize.url("sas_definition_name", sas_definition_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5511 } 5512 url = self._client.format_url(url, **path_format_arguments) 5513 5514 # Construct parameters 5515 query_parameters = {} 5516 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5517 5518 # Construct headers 5519 header_parameters = {} 5520 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5521 if self.config.generate_client_request_id: 5522 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5523 if custom_headers: 5524 header_parameters.update(custom_headers) 5525 if self.config.accept_language is not None: 5526 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5527 5528 # Construct and send request 5529 request = self._client.delete(url, query_parameters) 5530 response = self._client.send(request, header_parameters, stream=False, **operation_config) 5531 5532 if response.status_code not in [200]: 5533 raise models.KeyVaultErrorException(self._deserialize, response) 5534 5535 deserialized = None 5536 5537 if response.status_code == 200: 5538 deserialized = self._deserialize('DeletedSasDefinitionBundle', response) 5539 5540 if raw: 5541 client_raw_response = ClientRawResponse(deserialized, response) 5542 return client_raw_response 5543 5544 return deserialized 5545 delete_sas_definition.metadata = {'url': '/storage/{storage-account-name}/sas/{sas-definition-name}'} 5546 5547 def get_sas_definition( 5548 self, vault_base_url, storage_account_name, sas_definition_name, custom_headers=None, raw=False, **operation_config): 5549 """Gets information about a SAS definition for the specified storage 5550 account. This operation requires the storage/getsas permission. 5551 5552 :param vault_base_url: The vault name, for example 5553 https://myvault.vault.azure.net. 5554 :type vault_base_url: str 5555 :param storage_account_name: The name of the storage account. 5556 :type storage_account_name: str 5557 :param sas_definition_name: The name of the SAS definition. 5558 :type sas_definition_name: str 5559 :param dict custom_headers: headers that will be added to the request 5560 :param bool raw: returns the direct response alongside the 5561 deserialized response 5562 :param operation_config: :ref:`Operation configuration 5563 overrides<msrest:optionsforoperations>`. 5564 :return: SasDefinitionBundle or ClientRawResponse if raw=true 5565 :rtype: ~azure.keyvault.v7_0.models.SasDefinitionBundle or 5566 ~msrest.pipeline.ClientRawResponse 5567 :raises: 5568 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5569 """ 5570 # Construct URL 5571 url = self.get_sas_definition.metadata['url'] 5572 path_format_arguments = { 5573 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5574 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$'), 5575 'sas-definition-name': self._serialize.url("sas_definition_name", sas_definition_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5576 } 5577 url = self._client.format_url(url, **path_format_arguments) 5578 5579 # Construct parameters 5580 query_parameters = {} 5581 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5582 5583 # Construct headers 5584 header_parameters = {} 5585 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5586 if self.config.generate_client_request_id: 5587 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5588 if custom_headers: 5589 header_parameters.update(custom_headers) 5590 if self.config.accept_language is not None: 5591 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5592 5593 # Construct and send request 5594 request = self._client.get(url, query_parameters) 5595 response = self._client.send(request, header_parameters, stream=False, **operation_config) 5596 5597 if response.status_code not in [200]: 5598 raise models.KeyVaultErrorException(self._deserialize, response) 5599 5600 deserialized = None 5601 5602 if response.status_code == 200: 5603 deserialized = self._deserialize('SasDefinitionBundle', response) 5604 5605 if raw: 5606 client_raw_response = ClientRawResponse(deserialized, response) 5607 return client_raw_response 5608 5609 return deserialized 5610 get_sas_definition.metadata = {'url': '/storage/{storage-account-name}/sas/{sas-definition-name}'} 5611 5612 def set_sas_definition( 5613 self, vault_base_url, storage_account_name, sas_definition_name, template_uri, sas_type, validity_period, sas_definition_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 5614 """Creates or updates a new SAS definition for the specified storage 5615 account. This operation requires the storage/setsas permission. 5616 5617 :param vault_base_url: The vault name, for example 5618 https://myvault.vault.azure.net. 5619 :type vault_base_url: str 5620 :param storage_account_name: The name of the storage account. 5621 :type storage_account_name: str 5622 :param sas_definition_name: The name of the SAS definition. 5623 :type sas_definition_name: str 5624 :param template_uri: The SAS definition token template signed with an 5625 arbitrary key. Tokens created according to the SAS definition will 5626 have the same properties as the template. 5627 :type template_uri: str 5628 :param sas_type: The type of SAS token the SAS definition will create. 5629 Possible values include: 'account', 'service' 5630 :type sas_type: str or ~azure.keyvault.v7_0.models.SasTokenType 5631 :param validity_period: The validity period of SAS tokens created 5632 according to the SAS definition. 5633 :type validity_period: str 5634 :param sas_definition_attributes: The attributes of the SAS 5635 definition. 5636 :type sas_definition_attributes: 5637 ~azure.keyvault.v7_0.models.SasDefinitionAttributes 5638 :param tags: Application specific metadata in the form of key-value 5639 pairs. 5640 :type tags: dict[str, str] 5641 :param dict custom_headers: headers that will be added to the request 5642 :param bool raw: returns the direct response alongside the 5643 deserialized response 5644 :param operation_config: :ref:`Operation configuration 5645 overrides<msrest:optionsforoperations>`. 5646 :return: SasDefinitionBundle or ClientRawResponse if raw=true 5647 :rtype: ~azure.keyvault.v7_0.models.SasDefinitionBundle or 5648 ~msrest.pipeline.ClientRawResponse 5649 :raises: 5650 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5651 """ 5652 parameters = models.SasDefinitionCreateParameters(template_uri=template_uri, sas_type=sas_type, validity_period=validity_period, sas_definition_attributes=sas_definition_attributes, tags=tags) 5653 5654 # Construct URL 5655 url = self.set_sas_definition.metadata['url'] 5656 path_format_arguments = { 5657 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5658 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$'), 5659 'sas-definition-name': self._serialize.url("sas_definition_name", sas_definition_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5660 } 5661 url = self._client.format_url(url, **path_format_arguments) 5662 5663 # Construct parameters 5664 query_parameters = {} 5665 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5666 5667 # Construct headers 5668 header_parameters = {} 5669 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5670 if self.config.generate_client_request_id: 5671 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5672 if custom_headers: 5673 header_parameters.update(custom_headers) 5674 if self.config.accept_language is not None: 5675 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5676 5677 # Construct body 5678 body_content = self._serialize.body(parameters, 'SasDefinitionCreateParameters') 5679 5680 # Construct and send request 5681 request = self._client.put(url, query_parameters) 5682 response = self._client.send( 5683 request, header_parameters, body_content, stream=False, **operation_config) 5684 5685 if response.status_code not in [200]: 5686 raise models.KeyVaultErrorException(self._deserialize, response) 5687 5688 deserialized = None 5689 5690 if response.status_code == 200: 5691 deserialized = self._deserialize('SasDefinitionBundle', response) 5692 5693 if raw: 5694 client_raw_response = ClientRawResponse(deserialized, response) 5695 return client_raw_response 5696 5697 return deserialized 5698 set_sas_definition.metadata = {'url': '/storage/{storage-account-name}/sas/{sas-definition-name}'} 5699 5700 def update_sas_definition( 5701 self, vault_base_url, storage_account_name, sas_definition_name, template_uri=None, sas_type=None, validity_period=None, sas_definition_attributes=None, tags=None, custom_headers=None, raw=False, **operation_config): 5702 """Updates the specified attributes associated with the given SAS 5703 definition. This operation requires the storage/setsas permission. 5704 5705 :param vault_base_url: The vault name, for example 5706 https://myvault.vault.azure.net. 5707 :type vault_base_url: str 5708 :param storage_account_name: The name of the storage account. 5709 :type storage_account_name: str 5710 :param sas_definition_name: The name of the SAS definition. 5711 :type sas_definition_name: str 5712 :param template_uri: The SAS definition token template signed with an 5713 arbitrary key. Tokens created according to the SAS definition will 5714 have the same properties as the template. 5715 :type template_uri: str 5716 :param sas_type: The type of SAS token the SAS definition will create. 5717 Possible values include: 'account', 'service' 5718 :type sas_type: str or ~azure.keyvault.v7_0.models.SasTokenType 5719 :param validity_period: The validity period of SAS tokens created 5720 according to the SAS definition. 5721 :type validity_period: str 5722 :param sas_definition_attributes: The attributes of the SAS 5723 definition. 5724 :type sas_definition_attributes: 5725 ~azure.keyvault.v7_0.models.SasDefinitionAttributes 5726 :param tags: Application specific metadata in the form of key-value 5727 pairs. 5728 :type tags: dict[str, str] 5729 :param dict custom_headers: headers that will be added to the request 5730 :param bool raw: returns the direct response alongside the 5731 deserialized response 5732 :param operation_config: :ref:`Operation configuration 5733 overrides<msrest:optionsforoperations>`. 5734 :return: SasDefinitionBundle or ClientRawResponse if raw=true 5735 :rtype: ~azure.keyvault.v7_0.models.SasDefinitionBundle or 5736 ~msrest.pipeline.ClientRawResponse 5737 :raises: 5738 :class:`KeyVaultErrorException<azure.keyvault.v7_0.models.KeyVaultErrorException>` 5739 """ 5740 parameters = models.SasDefinitionUpdateParameters(template_uri=template_uri, sas_type=sas_type, validity_period=validity_period, sas_definition_attributes=sas_definition_attributes, tags=tags) 5741 5742 # Construct URL 5743 url = self.update_sas_definition.metadata['url'] 5744 path_format_arguments = { 5745 'vaultBaseUrl': self._serialize.url("vault_base_url", vault_base_url, 'str', skip_quote=True), 5746 'storage-account-name': self._serialize.url("storage_account_name", storage_account_name, 'str', pattern=r'^[0-9a-zA-Z]+$'), 5747 'sas-definition-name': self._serialize.url("sas_definition_name", sas_definition_name, 'str', pattern=r'^[0-9a-zA-Z]+$') 5748 } 5749 url = self._client.format_url(url, **path_format_arguments) 5750 5751 # Construct parameters 5752 query_parameters = {} 5753 query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') 5754 5755 # Construct headers 5756 header_parameters = {} 5757 header_parameters['Content-Type'] = 'application/json; charset=utf-8' 5758 if self.config.generate_client_request_id: 5759 header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) 5760 if custom_headers: 5761 header_parameters.update(custom_headers) 5762 if self.config.accept_language is not None: 5763 header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') 5764 5765 # Construct body 5766 body_content = self._serialize.body(parameters, 'SasDefinitionUpdateParameters') 5767 5768 # Construct and send request 5769 request = self._client.patch(url, query_parameters) 5770 response = self._client.send( 5771 request, header_parameters, body_content, stream=False, **operation_config) 5772 5773 if response.status_code not in [200]: 5774 raise models.KeyVaultErrorException(self._deserialize, response) 5775 5776 deserialized = None 5777 5778 if response.status_code == 200: 5779 deserialized = self._deserialize('SasDefinitionBundle', response) 5780 5781 if raw: 5782 client_raw_response = ClientRawResponse(deserialized, response) 5783 return client_raw_response 5784 5785 return deserialized 5786 update_sas_definition.metadata = {'url': '/storage/{storage-account-name}/sas/{sas-definition-name}'} 5787