diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/_client_factory.py b/src/azure-cli/azure/cli/command_modules/keyvault/_client_factory.py index 1ceedd2c0c2..48a148db9fc 100644 --- a/src/azure-cli/azure/cli/command_modules/keyvault/_client_factory.py +++ b/src/azure-cli/azure/cli/command_modules/keyvault/_client_factory.py @@ -148,18 +148,6 @@ def get_client(cli_ctx, resource_type, client_name=''): return ClientEntity(client_factory, command_type, operations_docs_tmpl, models_docs_tmpl) -def is_azure_stack_profile(cmd=None, cli_ctx=None): - cli_ctx = cmd.cli_ctx if cmd else cli_ctx - if not cli_ctx: - raise CLIError("Can't judge profile without cli_ctx!") - return cli_ctx.cloud.profile in [ - '2020-09-01-hybrid', - '2019-03-01-hybrid', - '2018-03-01-hybrid', - '2017-03-09-profile' - ] - - def keyvault_mgmt_client_factory(resource_type, client_name): def _keyvault_mgmt_client_factory(cli_ctx, _): from azure.cli.core.commands.client_factory import get_mgmt_service_client @@ -210,48 +198,45 @@ def data_plane_azure_keyvault_administration_setting_client(cli_ctx, command_arg def data_plane_azure_keyvault_certificate_client(cli_ctx, command_args): from azure.keyvault.certificates import CertificateClient - vault_url, credential, version = _prepare_data_plane_azure_keyvault_client( + vault_url, credential, _ = _prepare_data_plane_azure_keyvault_client( cli_ctx, command_args, ResourceType.DATA_KEYVAULT_CERTIFICATES) command_args.pop('hsm_name', None) command_args.pop('vault_base_url', None) command_args.pop('identifier', None) - api_version = '7.4' if not is_azure_stack_profile(cmd=None, cli_ctx=cli_ctx) else '2016-10-01' client_kwargs = prepare_client_kwargs_track2(cli_ctx) client_kwargs.pop('http_logging_policy') return CertificateClient( - vault_url=vault_url, credential=credential, api_version=api_version or version, + vault_url=vault_url, credential=credential, api_version='7.4', verify_challenge_resource=False, **client_kwargs) def data_plane_azure_keyvault_key_client(cli_ctx, command_args): from azure.keyvault.keys import KeyClient - vault_url, credential, version = _prepare_data_plane_azure_keyvault_client( + vault_url, credential, _ = _prepare_data_plane_azure_keyvault_client( cli_ctx, command_args, ResourceType.DATA_KEYVAULT_KEYS) command_args.pop('hsm_name', None) command_args.pop('vault_base_url', None) command_args.pop('identifier', None) - api_version = '7.6-preview.2' if not is_azure_stack_profile(cmd=None, cli_ctx=cli_ctx) else '2016-10-01' client_kwargs = prepare_client_kwargs_track2(cli_ctx) client_kwargs.pop('http_logging_policy') return KeyClient( - vault_url=vault_url, credential=credential, api_version=api_version or version, + vault_url=vault_url, credential=credential, api_version='7.6-preview.2', verify_challenge_resource=False, **client_kwargs) def data_plane_azure_keyvault_secret_client(cli_ctx, command_args): from azure.keyvault.secrets import SecretClient - vault_url, credential, version = _prepare_data_plane_azure_keyvault_client( + vault_url, credential, _ = _prepare_data_plane_azure_keyvault_client( cli_ctx, command_args, ResourceType.DATA_KEYVAULT_SECRETS) command_args.pop('hsm_name', None) command_args.pop('vault_base_url', None) command_args.pop('identifier', None) - api_version = '7.4' if not is_azure_stack_profile(cmd=None, cli_ctx=cli_ctx) else '2016-10-01' client_kwargs = prepare_client_kwargs_track2(cli_ctx) client_kwargs.pop('http_logging_policy') return SecretClient( - vault_url=vault_url, credential=credential, api_version=api_version or version, + vault_url=vault_url, credential=credential, api_version='7.4', verify_challenge_resource=False, **client_kwargs) diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/_completers.py b/src/azure-cli/azure/cli/command_modules/keyvault/_completers.py index b6172605e7a..510c8523022 100644 --- a/src/azure-cli/azure/cli/command_modules/keyvault/_completers.py +++ b/src/azure-cli/azure/cli/command_modules/keyvault/_completers.py @@ -17,21 +17,15 @@ def completer(cmd, prefix, namespace, **kwargs): # pylint: disable=unused-argum credential, _, _ = profile.get_login_credentials(subscription_id=cmd.cli_ctx.data.get('subscription_id')) if resource_name == 'key': from azure.keyvault.keys import KeyClient - from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile - version = '7.6-preview.2' if not is_azure_stack_profile(cmd=cmd) else '2016-10-01' - client = KeyClient(vault_url=vault, credential=credential, api_version=version, + client = KeyClient(vault_url=vault, credential=credential, api_version='7.6-preview.2', verify_challenge_resource=False) elif resource_name == 'secret': from azure.keyvault.secrets import SecretClient - from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile - version = '7.4' if not is_azure_stack_profile(cmd=cmd) else '2016-10-01' - client = SecretClient(vault_url=vault, credential=credential, api_version=version, + client = SecretClient(vault_url=vault, credential=credential, api_version='7.4', verify_challenge_resource=False) else: from azure.keyvault.certificates import CertificateClient - from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile - version = '7.4' if not is_azure_stack_profile(cmd=cmd) else '2016-10-01' - client = CertificateClient(vault_url=vault, credential=credential, api_version=version, + client = CertificateClient(vault_url=vault, credential=credential, api_version='7.4', verify_challenge_resource=False) items = [] for y in list(getattr(client, func_name)()): @@ -51,21 +45,15 @@ def completer(cmd, prefix, namespace, **kwargs): # pylint: disable=unused-argum credential, _, _ = profile.get_login_credentials(subscription_id=cmd.cli_ctx.data.get('subscription_id')) if resource_name == 'key': from azure.keyvault.keys import KeyClient - from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile - version = '7.6-preview.2' if not is_azure_stack_profile(cmd=cmd) else '2016-10-01' - client = KeyClient(vault_url=vault, credential=credential, api_version=version, + client = KeyClient(vault_url=vault, credential=credential, api_version='7.6-preview.2', verify_challenge_resource=False) elif resource_name == 'secret': from azure.keyvault.secrets import SecretClient - from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile - version = '7.4' if not is_azure_stack_profile(cmd=cmd) else '2016-10-01' - client = SecretClient(vault_url=vault, credential=credential, api_version=version, + client = SecretClient(vault_url=vault, credential=credential, api_version='7.4', verify_challenge_resource=False) else: from azure.keyvault.certificates import CertificateClient - from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile - version = '7.4' if not is_azure_stack_profile(cmd=cmd) else '2016-10-01' - client = CertificateClient(vault_url=vault, credential=credential, api_version=version, + client = CertificateClient(vault_url=vault, credential=credential, api_version='7.4', verify_challenge_resource=False) items = [] for y in list(getattr(client, func_name)()): diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/_params.py b/src/azure-cli/azure/cli/command_modules/keyvault/_params.py index 800abb6e5b7..62f95d143b8 100644 --- a/src/azure-cli/azure/cli/command_modules/keyvault/_params.py +++ b/src/azure-cli/azure/cli/command_modules/keyvault/_params.py @@ -29,7 +29,6 @@ validate_vault_name_and_hsm_name, set_vault_base_url, validate_keyvault_resource_id, process_hsm_name, KeyEncryptionDataType, process_key_release_policy, process_certificate_policy, process_certificate_import) -from azure.cli.command_modules.keyvault._client_factory import is_azure_stack_profile # CUSTOM CHOICE LISTS @@ -684,11 +683,10 @@ class CLISecurityDomainOperation(str, Enum): type=get_json_object, validator=process_certificate_policy) c.extra('tags', tags_type) - if not is_azure_stack_profile(self): - for cmd in ['list', 'list-deleted']: - with self.argument_context('keyvault certificate {}'.format(cmd)) as c: - c.extra('include_pending', arg_type=get_three_state_flag(), - help='Specifies whether to include certificates which are not completely provisioned.') + for cmd in ['list', 'list-deleted']: + with self.argument_context('keyvault certificate {}'.format(cmd)) as c: + c.extra('include_pending', arg_type=get_three_state_flag(), + help='Specifies whether to include certificates which are not completely provisioned.') with self.argument_context('keyvault certificate import') as c: c.argument('certificate_name', options_list=['--name', '-n'], required=True, arg_group='Id', diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/commands.py b/src/azure-cli/azure/cli/command_modules/keyvault/commands.py index 109a46fd14e..01872d99f9a 100644 --- a/src/azure-cli/azure/cli/command_modules/keyvault/commands.py +++ b/src/azure-cli/azure/cli/command_modules/keyvault/commands.py @@ -9,7 +9,7 @@ from azure.cli.core.profiles import get_api_version, ResourceType from azure.cli.command_modules.keyvault._client_factory import ( - get_client, get_client_factory, Clients, is_azure_stack_profile) + get_client, get_client_factory, Clients) from azure.cli.command_modules.keyvault._transformers import ( filter_out_managed_resources, @@ -50,28 +50,21 @@ def load_command_table(self, _): data_certificate_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_CERTIFICATES) data_secret_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_SECRETS) - if not is_azure_stack_profile(self): - mgmt_hsms_entity = get_client(self.cli_ctx, ResourceType.MGMT_KEYVAULT, Clients.managed_hsms) - mgmt_hsms_regions_entity = get_client(self.cli_ctx, ResourceType.MGMT_KEYVAULT, Clients.mhsm_regions) - data_security_domain_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_SECURITY_DOMAIN) - data_backup_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_ADMINISTRATION_BACKUP) - data_access_control_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_ADMINISTRATION_ACCESS_CONTROL) - data_setting_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_ADMINISTRATION_SETTING) - else: - mgmt_hsms_entity = mgmt_hsms_regions_entity = data_security_domain_entity = data_backup_entity = \ - data_access_control_entity = data_setting_entity = None + mgmt_hsms_entity = get_client(self.cli_ctx, ResourceType.MGMT_KEYVAULT, Clients.managed_hsms) + mgmt_hsms_regions_entity = get_client(self.cli_ctx, ResourceType.MGMT_KEYVAULT, Clients.mhsm_regions) + data_security_domain_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_SECURITY_DOMAIN) + data_backup_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_ADMINISTRATION_BACKUP) + data_access_control_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_ADMINISTRATION_ACCESS_CONTROL) + data_setting_entity = get_client(self.cli_ctx, ResourceType.DATA_KEYVAULT_ADMINISTRATION_SETTING) kv_vaults_custom = CliCommandType( operations_tmpl='azure.cli.command_modules.keyvault.custom#{}', client_factory=get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.vaults) ) - if not is_azure_stack_profile(self): - kv_hsms_custom = CliCommandType( - operations_tmpl='azure.cli.command_modules.keyvault.custom#{}', - client_factory=get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.managed_hsms) - ) - else: - kv_hsms_custom = None + kv_hsms_custom = CliCommandType( + operations_tmpl='azure.cli.command_modules.keyvault.custom#{}', + client_factory=get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.managed_hsms) + ) # endregion # Management Plane Commands @@ -93,14 +86,13 @@ def load_command_table(self, _): supports_no_wait=True) g.wait_command('wait') - if not is_azure_stack_profile(self): - with self.command_group('keyvault', mgmt_hsms_entity.command_type, - client_factory=mgmt_hsms_entity.client_factory) as g: - g.generic_update_command( - 'update-hsm', setter_name='update_hsm_setter', setter_type=kv_hsms_custom, - custom_func_name='update_hsm', supports_no_wait=True) - g.custom_wait_command('wait-hsm', 'wait_hsm') - g.custom_command('check-name', 'check_name_availability') + with self.command_group('keyvault', mgmt_hsms_entity.command_type, + client_factory=mgmt_hsms_entity.client_factory) as g: + g.generic_update_command( + 'update-hsm', setter_name='update_hsm_setter', setter_type=kv_hsms_custom, + custom_func_name='update_hsm', supports_no_wait=True) + g.custom_wait_command('wait-hsm', 'wait_hsm') + g.custom_command('check-name', 'check_name_availability') with self.command_group('keyvault network-rule', mgmt_vaults_entity.command_type, @@ -135,19 +127,18 @@ def load_command_table(self, _): g.custom_command('list', 'list_private_link_resource', transform=gen_dict_to_list_transform(key='value')) # Data Plane Commands - if not is_azure_stack_profile(self): - with self.command_group('keyvault backup', data_backup_entity.command_type) as g: - g.keyvault_custom('start', 'full_backup') + with self.command_group('keyvault backup', data_backup_entity.command_type) as g: + g.keyvault_custom('start', 'full_backup') - with self.command_group('keyvault restore', data_backup_entity.command_type) as g: - g.keyvault_custom('start', 'full_restore') + with self.command_group('keyvault restore', data_backup_entity.command_type) as g: + g.keyvault_custom('start', 'full_restore') - with self.command_group('keyvault security-domain', data_security_domain_entity.command_type) as g: - g.keyvault_custom('init-recovery', 'security_domain_init_recovery') - g.keyvault_custom('restore-blob', 'security_domain_restore_blob') - g.keyvault_custom('upload', 'security_domain_upload', supports_no_wait=True) - g.keyvault_custom('download', 'security_domain_download', supports_no_wait=True) - g.keyvault_custom('wait', '_wait_security_domain_operation') + with self.command_group('keyvault security-domain', data_security_domain_entity.command_type) as g: + g.keyvault_custom('init-recovery', 'security_domain_init_recovery') + g.keyvault_custom('restore-blob', 'security_domain_restore_blob') + g.keyvault_custom('upload', 'security_domain_upload', supports_no_wait=True) + g.keyvault_custom('download', 'security_domain_download', supports_no_wait=True) + g.keyvault_custom('wait', '_wait_security_domain_operation') with self.command_group('keyvault key', data_key_entity.command_type) as g: g.keyvault_custom('create', 'create_key', transform=transform_key_output, validator=validate_key_create) @@ -172,16 +163,15 @@ def load_command_table(self, _): g.keyvault_custom('backup', 'backup_key') g.keyvault_custom('restore', 'restore_key', supports_no_wait=True, transform=transform_key_output) - if not is_azure_stack_profile(self): - with self.command_group('keyvault key', data_key_entity.command_type) as g: - g.keyvault_command('random', 'get_random_bytes', transform=transform_key_random_output) - g.keyvault_command('rotate', 'rotate_key', transform=transform_key_output) - g.keyvault_custom('sign', 'sign_key') - g.keyvault_custom('verify', 'verify_key') + with self.command_group('keyvault key', data_key_entity.command_type) as g: + g.keyvault_command('random', 'get_random_bytes', transform=transform_key_random_output) + g.keyvault_command('rotate', 'rotate_key', transform=transform_key_output) + g.keyvault_custom('sign', 'sign_key') + g.keyvault_custom('verify', 'verify_key') - with self.command_group('keyvault key rotation-policy', data_key_entity.command_type) as g: - g.keyvault_command('show', 'get_key_rotation_policy', ) - g.keyvault_custom('update', 'update_key_rotation_policy') + with self.command_group('keyvault key rotation-policy', data_key_entity.command_type) as g: + g.keyvault_command('show', 'get_key_rotation_policy', ) + g.keyvault_custom('update', 'update_key_rotation_policy') # secret track2 with self.command_group('keyvault secret', data_secret_entity.command_type) as g: @@ -287,35 +277,32 @@ def load_command_table(self, _): transform_certificate_issuer_admin_list)) g.keyvault_custom('delete', 'delete_certificate_issuer_admin') - if not is_azure_stack_profile(self): - with self.command_group('keyvault role', data_access_control_entity.command_type): - pass - - with self.command_group('keyvault role assignment', data_access_control_entity.command_type) as g: - g.keyvault_custom('delete', 'delete_role_assignment', validator=validate_role_assignment_args) - g.keyvault_custom('list', 'list_role_assignments', table_transformer=transform_assignment_list) - g.keyvault_custom('create', 'create_role_assignment') - - with self.command_group('keyvault role definition', data_access_control_entity.command_type) as g: - g.keyvault_custom('list', 'list_role_definitions', table_transformer=transform_definition_list) - g.keyvault_custom('create', 'create_role_definition') - g.keyvault_custom('update', 'update_role_definition') - g.keyvault_custom('delete', 'delete_role_definition') - g.keyvault_custom('show', 'show_role_definition') - - if not is_azure_stack_profile(self): - with self.command_group('keyvault setting', data_setting_entity.command_type) as g: - g.keyvault_command('list', 'list_settings') - g.keyvault_command('show', 'get_setting') - g.keyvault_custom('update', 'update_hsm_setting') - - if not is_azure_stack_profile(self): - with self.command_group('keyvault region', mgmt_hsms_regions_entity.command_type, - client_factory=mgmt_hsms_regions_entity.client_factory, min_api='2023-02-01') as g: - g.command('list', 'list_by_resource', client_factory=mgmt_hsms_regions_entity.client_factory) - - with self.command_group('keyvault region', mgmt_hsms_entity.command_type, - client_factory=mgmt_hsms_entity.client_factory, min_api='2023-02-01') as g: - g.custom_command('add', 'add_hsm_region', supports_no_wait=True) - g.custom_command('remove', 'remove_hsm_region', supports_no_wait=True) - g.wait_command('wait') + with self.command_group('keyvault role', data_access_control_entity.command_type): + pass + + with self.command_group('keyvault role assignment', data_access_control_entity.command_type) as g: + g.keyvault_custom('delete', 'delete_role_assignment', validator=validate_role_assignment_args) + g.keyvault_custom('list', 'list_role_assignments', table_transformer=transform_assignment_list) + g.keyvault_custom('create', 'create_role_assignment') + + with self.command_group('keyvault role definition', data_access_control_entity.command_type) as g: + g.keyvault_custom('list', 'list_role_definitions', table_transformer=transform_definition_list) + g.keyvault_custom('create', 'create_role_definition') + g.keyvault_custom('update', 'update_role_definition') + g.keyvault_custom('delete', 'delete_role_definition') + g.keyvault_custom('show', 'show_role_definition') + + with self.command_group('keyvault setting', data_setting_entity.command_type) as g: + g.keyvault_command('list', 'list_settings') + g.keyvault_command('show', 'get_setting') + g.keyvault_custom('update', 'update_hsm_setting') + + with self.command_group('keyvault region', mgmt_hsms_regions_entity.command_type, + client_factory=mgmt_hsms_regions_entity.client_factory, min_api='2023-02-01') as g: + g.command('list', 'list_by_resource', client_factory=mgmt_hsms_regions_entity.client_factory) + + with self.command_group('keyvault region', mgmt_hsms_entity.command_type, + client_factory=mgmt_hsms_entity.client_factory, min_api='2023-02-01') as g: + g.custom_command('add', 'add_hsm_region', supports_no_wait=True) + g.custom_command('remove', 'remove_hsm_region', supports_no_wait=True) + g.wait_command('wait') diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/custom.py b/src/azure-cli/azure/cli/command_modules/keyvault/custom.py index 3577a8ff230..e1171a23dde 100644 --- a/src/azure-cli/azure/cli/command_modules/keyvault/custom.py +++ b/src/azure-cli/azure/cli/command_modules/keyvault/custom.py @@ -16,7 +16,7 @@ import uuid from ipaddress import ip_network -from azure.cli.command_modules.keyvault._client_factory import get_client_factory, Clients, is_azure_stack_profile +from azure.cli.command_modules.keyvault._client_factory import get_client_factory, Clients from azure.cli.command_modules.keyvault._validators import _construct_vnet, secret_text_encoding_values from azure.cli.command_modules.keyvault.security_domain.jwe import JWE from azure.cli.command_modules.keyvault.security_domain.security_domain import Datum, SecurityDomainRestoreData @@ -66,18 +66,6 @@ def _not_less_than(current_profile, resource_type, min_api_version, sub_resource return api_version >= min_api_version -def _azure_stack_wrapper(cmd, client, function_name, resource_type, min_api_version, sub_resource_name=None, **kwargs): - no_wait = False - if 'no_wait' in kwargs: - no_wait = kwargs.pop('no_wait') - - if _not_less_than(cmd.cli_ctx.cloud.profile, resource_type, min_api_version, sub_resource_name): - function_name = 'begin_' + function_name - return sdk_no_wait(no_wait, getattr(client, function_name), **kwargs) - - return getattr(client, function_name)(**kwargs) - - def _default_certificate_profile(cmd): def get_model(x): return cmd.loader.get_sdk(x, resource_type=ResourceType.DATA_KEYVAULT_CERTIFICATES, mod='_generated_models') @@ -207,7 +195,7 @@ def get_model(x): def delete_vault_or_hsm(cmd, client, resource_group_name=None, vault_name=None, hsm_name=None, no_wait=False): - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return client.delete(resource_group_name=resource_group_name, vault_name=vault_name) assert hsm_name @@ -222,7 +210,7 @@ def delete_vault_or_hsm(cmd, client, resource_group_name=None, vault_name=None, def get_deleted_vault_or_hsm(cmd, client, location=None, vault_name=None, hsm_name=None): - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return client.get_deleted(vault_name=vault_name, location=location) hsm_client = get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.managed_hsms)(cmd.cli_ctx, None) @@ -231,7 +219,7 @@ def get_deleted_vault_or_hsm(cmd, client, location=None, vault_name=None, hsm_na def purge_vault_or_hsm(cmd, client, location=None, vault_name=None, hsm_name=None, # pylint: disable=unused-argument no_wait=False): - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return sdk_no_wait( no_wait, client.begin_purge_deleted, @@ -249,9 +237,6 @@ def purge_vault_or_hsm(cmd, client, location=None, vault_name=None, hsm_name=Non def list_deleted_vault_or_hsm(cmd, client, resource_type=None): - if is_azure_stack_profile(cmd): - return client.list_deleted() - if resource_type is None: hsm_client = get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.managed_hsms)(cmd.cli_ctx, None) resources = [] @@ -270,9 +255,6 @@ def list_deleted_vault_or_hsm(cmd, client, resource_type=None): def list_vault_or_hsm(cmd, client, resource_group_name=None, resource_type=None): - if is_azure_stack_profile(cmd): - return list_vault(client, resource_group_name) - if resource_type is None: hsm_client = get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.managed_hsms)(cmd.cli_ctx, None) resources = [] @@ -332,7 +314,7 @@ def get_default_policy(cmd, scaffold=False): # pylint: disable=unused-argument def recover_vault_or_hsm(cmd, client, resource_group_name=None, location=None, vault_name=None, hsm_name=None, no_wait=False): - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return recover_vault(cmd=cmd, client=client, resource_group_name=resource_group_name, @@ -394,13 +376,10 @@ def recover_vault(cmd, client, vault_name, resource_group_name, location, no_wai 'sku': Sku(name=SkuName.standard.value, family='A'), 'create_mode': CreateMode.recover.value}) - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=params, - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=params) def _parse_network_acls(cmd, resource_group_name, network_acls_json, network_acls_ips, network_acls_vnets, @@ -454,7 +433,7 @@ def _parse_network_acls(cmd, resource_group_name, network_acls_json, network_acl def get_vault_or_hsm(cmd, client, resource_group_name, vault_name=None, hsm_name=None): - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return client.get(resource_group_name=resource_group_name, vault_name=vault_name) hsm_client = get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.managed_hsms)(cmd.cli_ctx, None) @@ -483,7 +462,7 @@ def create_vault_or_hsm(cmd, client, public_network_access=None, user_identities=None, ): - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return create_vault(cmd=cmd, client=client, resource_group_name=resource_group_name, @@ -731,28 +710,22 @@ def create_vault(cmd, client, # pylint: disable=too-many-locals, too-many-state tags=tags, properties=properties) - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=parameters, - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=parameters) def update_vault_setter(cmd, client, parameters, resource_group_name, vault_name, no_wait=False): VaultCreateOrUpdateParameters = cmd.get_models('VaultCreateOrUpdateParameters', resource_type=ResourceType.MGMT_KEYVAULT) - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=VaultCreateOrUpdateParameters( - location=parameters.location, - tags=parameters.tags, - properties=parameters.properties), - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=VaultCreateOrUpdateParameters( + location=parameters.location, + tags=parameters.tags, + properties=parameters.properties)) def update_hsm_setter(cmd, client, parameters, resource_group_name, name, no_wait=False): @@ -913,16 +886,13 @@ def set_policy(cmd, client, resource_group_name, vault_name, storage = policy.permissions.storage if storage_permissions is None else storage_permissions policy.permissions = Permissions(keys=keys, secrets=secrets, certificates=certs, storage=storage) - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=VaultCreateOrUpdateParameters( - location=vault.location, - tags=vault.tags, - properties=vault.properties), - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=VaultCreateOrUpdateParameters( + location=vault.location, + tags=vault.tags, + properties=vault.properties)) def add_network_rule(cmd, client, resource_group_name, vault_name, ip_address=None, subnet=None, @@ -975,16 +945,13 @@ def add_network_rule(cmd, client, resource_group_name, vault_name, ip_address=No if not to_update: return vault - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=VaultCreateOrUpdateParameters( - location=vault.location, - tags=vault.tags, - properties=vault.properties), - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=VaultCreateOrUpdateParameters( + location=vault.location, + tags=vault.tags, + properties=vault.properties)) def remove_network_rule(cmd, client, resource_group_name, vault_name, ip_address=None, subnet=None, @@ -1021,16 +988,13 @@ def remove_network_rule(cmd, client, resource_group_name, vault_name, ip_address return vault # otherwise update - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=VaultCreateOrUpdateParameters( - location=vault.location, - tags=vault.tags, - properties=vault.properties), - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=VaultCreateOrUpdateParameters( + location=vault.location, + tags=vault.tags, + properties=vault.properties)) def list_network_rules(cmd, client, resource_group_name, vault_name): # pylint: disable=unused-argument @@ -1064,16 +1028,13 @@ def delete_policy(cmd, client, resource_group_name, vault_name, if len(vault.properties.access_policies) == prev_policies_len: raise CLIError('No matching policies found') - return _azure_stack_wrapper(cmd, client, 'create_or_update', - resource_type=ResourceType.MGMT_KEYVAULT, - min_api_version='2018-02-14', - resource_group_name=resource_group_name, - vault_name=vault_name, - parameters=VaultCreateOrUpdateParameters( - location=vault.location, - tags=vault.tags, - properties=vault.properties), - no_wait=no_wait) + return sdk_no_wait(no_wait, client.begin_create_or_update, + resource_group_name=resource_group_name, + vault_name=vault_name, + parameters=VaultCreateOrUpdateParameters( + location=vault.location, + tags=vault.tags, + properties=vault.properties)) # endregion @@ -1705,7 +1666,7 @@ def _verify_vault_or_hsm_name(vault_name, hsm_name): def list_private_link_resource(cmd, client, resource_group_name, vault_name=None, hsm_name=None): _verify_vault_or_hsm_name(vault_name, hsm_name) - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return client.list_by_vault(resource_group_name=resource_group_name, vault_name=vault_name) hsm_plr_client = get_client_factory(ResourceType.MGMT_KEYVAULT, @@ -1758,7 +1719,7 @@ def _wait_private_link_operation(client, resource_group_name, name, private_endp def _get_vault_or_hsm_pec_client(cmd, client, vault_name, hsm_name): _verify_vault_or_hsm_name(vault_name, hsm_name) - if is_azure_stack_profile(cmd) or vault_name: + if vault_name: return client return get_client_factory(ResourceType.MGMT_KEYVAULT, Clients.mhsm_private_endpoint_connections)(cmd.cli_ctx, None)