Skip to content

Commit 0e14d2e

Browse files
markcowlCopilot
andcommitted
Remove v5/v6 common-types refs for CustomerManagedKeyEncryption
- Created new types in Azure.ResourceManager.Foundations namespace that duplicate CustomerManagedKeyEncryption and its dependencies - Removed @@armCommonDefinition augment decorators for v5 and v6 versions of CustomerManagedKeyEncryption (type was removed from common-types after v4) - Deprecated CustomerManagedKeyEncryption, directing users to use the Encryption type instead Fixes #4513 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent 8cd8304 commit 0e14d2e

5 files changed

Lines changed: 45 additions & 12 deletions

File tree

packages/typespec-azure-resource-manager/lib/backcompat.tsp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ namespace Azure.ResourceManager;
66
alias InfrastructureEncryption = CommonTypes.InfrastructureEncryption;
77
alias KeyEncryptionIdentity = CommonTypes.KeyEncryptionKeyIdentity;
88
alias KeyEncryptionKeyIdentity = CommonTypes.KeyEncryptionKeyIdentity;
9+
#suppress "deprecated" "Need for back compatibility in common-types"
910
alias CustomerManagedKeyEncryption = CommonTypes.CustomerManagedKeyEncryption;
1011
alias EncryptionConfiguration = CommonTypes.Encryption;
1112

packages/typespec-azure-resource-manager/lib/common-types/customer-managed-keys-ref.tsp

Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -29,15 +29,3 @@ namespace Azure.ResourceManager.CommonTypes;
2929
#{ version: Azure.ResourceManager.CommonTypes.Versions.v4, isDefault: true },
3030
"customermanagedkeys.json"
3131
);
32-
@@armCommonDefinition(
33-
CustomerManagedKeyEncryption,
34-
"customerManagedKeyEncryption",
35-
Azure.ResourceManager.CommonTypes.Versions.v5,
36-
"customermanagedkeys.json"
37-
);
38-
@@armCommonDefinition(
39-
CustomerManagedKeyEncryption,
40-
"customerManagedKeyEncryption",
41-
Azure.ResourceManager.CommonTypes.Versions.v6,
42-
"customermanagedkeys.json"
43-
);

packages/typespec-azure-resource-manager/lib/common-types/customer-managed-keys.tsp

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@ model KeyEncryptionKeyIdentity {
4848
}
4949

5050
/** Customer-managed key encryption properties for the resource. */
51+
#deprecated "Use Azure.ResourceManager.CommonTypes.Encryption instead"
5152
@added(Versions.v4)
5253
model CustomerManagedKeyEncryption {
5354
/** All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. */
@@ -65,6 +66,7 @@ model Encryption {
6566
infrastructureEncryption?: InfrastructureEncryption;
6667

6768
/** All Customer-managed key encryption properties for the resource. */
69+
#suppress "deprecated" "Encryption wraps CustomerManagedKeyEncryption by design"
6870
@added(Versions.v4)
6971
customerManagedKeyEncryption?: CustomerManagedKeyEncryption;
7072
}

packages/typespec-azure-resource-manager/lib/foundations/arm.foundations.tsp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ import "@typespec/rest";
33

44
import "./backcompat.tsp";
55
import "./deprecation.tsp";
6+
import "./encryption.tsp";
67
import "../common-types/common-types.tsp";
78
import "../decorators.tsp";
89
import "../responses.tsp";
Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
using Azure.Core;
2+
3+
namespace Azure.ResourceManager.Foundations;
4+
5+
/** The type of identity to use. */
6+
union KeyEncryptionKeyIdentityType {
7+
/** System assigned identity */
8+
SystemAssignedIdentity: "systemAssignedIdentity",
9+
10+
/** User assigned identity */
11+
UserAssignedIdentity: "userAssignedIdentity",
12+
13+
/** Delegated identity */
14+
DelegatedResourceIdentity: "delegatedResourceIdentity",
15+
16+
string,
17+
}
18+
19+
/** All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. */
20+
model KeyEncryptionKeyIdentity {
21+
/** The type of identity to use. Values can be systemAssignedIdentity, userAssignedIdentity, or delegatedResourceIdentity. */
22+
identityType?: KeyEncryptionKeyIdentityType;
23+
24+
/** User assigned identity to use for accessing key encryption key Url. Ex: /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/<resource group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myId. Mutually exclusive with identityType systemAssignedIdentity. */
25+
userAssignedIdentityResourceId?: Azure.Core.armResourceIdentifier;
26+
27+
/** application client identity to use for accessing key encryption key Url in a different tenant. Ex: f83c6b1b-4d34-47e4-bb34-9d83df58b540 */
28+
federatedClientId?: uuid;
29+
30+
/** delegated identity to use for accessing key encryption key Url. Ex: /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/<resource group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myId. Mutually exclusive with identityType systemAssignedIdentity and userAssignedIdentity - internal use only. */
31+
delegatedIdentityClientId?: uuid;
32+
}
33+
34+
/** Customer-managed key encryption properties for the resource. */
35+
model CustomerManagedKeyEncryption {
36+
/** All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. */
37+
keyEncryptionKeyIdentity?: KeyEncryptionKeyIdentity;
38+
39+
/** key encryption key Url, versioned or non-versioned. Ex: https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78 or https://contosovault.vault.azure.net/keys/contosokek. */
40+
keyEncryptionKeyUrl?: string;
41+
}

0 commit comments

Comments
 (0)