Setting up keyvault live test (#1465)

* Setting up keyvault live test
This commit is contained in:
Victor Vazquez 2021-01-26 15:44:59 -08:00 committed by GitHub
parent 583120d3ef
commit 5f20767a4b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 271 additions and 0 deletions


@ -34,6 +34,8 @@ stages:
parameters:
ServiceDirectory: keyvault
CtestRegex: azure-security-keyvault
LiveTestCtestRegex: live-azure-security-keyvault
SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources-preview)
Artifacts:
- Name: azure-security-keyvault-common
Path: azure-security-keyvault-common


@ -0,0 +1,269 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"baseName": {
"type": "string",
"defaultValue": "[resourceGroup().name]",
"metadata": {
"description": "The base resource name."
}
},
"tenantId": {
"type": "string",
"defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"metadata": {
"description": "The tenant ID to which the application and resources belong."
}
},
"testApplicationOid": {
"type": "string",
"defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6",
"metadata": {
"description": "The client OID to grant access to test resources."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "The location of the resource. By default, this is the same as the resource group."
}
},
"hsmLocation": {
"type": "string",
"defaultValue": "southcentralus",
"allowedValues": [
"eastus2",
"southcentralus",
"northeurope",
"westeurope"
],
"metadata": {
"description": "The location of the Managed HSM. By default, this is 'southcentralus'."
}
},
"enableHsm": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Whether to enable deployment of Managed HSM. The default is false."
}
},
"enableSoftDelete": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Whether to enable soft delete for the Key Vault. The default is true."
}
},
"keyVaultDomainSuffix": {
"type": "string",
"defaultValue": ".vault.azure.net",
"metadata": {
"description": "Domain suffix for sovereign clouds, requies the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)"
}
},
"keyVaultSku": {
"type": "string",
"defaultValue": "premium",
"metadata": {
"description": "Key Vault SKU to deploy. The default is 'premium'"
}
}
},
"variables": {
"azureKeyVaultUrl": "[format('https://{0}{1}', parameters('baseName'), parameters('keyVaultDomainSuffix'))]",
"hsmApiVersion": "2020-04-01-preview",
"hsmName": "[concat(parameters('baseName'), 'hsm')]",
"mgmtApiVersion": "2019-04-01",
"blobContainerName": "backup",
"primaryAccountName": "[concat(parameters('baseName'), 'prim')]",
"encryption": {
"services": {
"blob": {
"enabled": true
}
},
"keySource": "Microsoft.Storage"
},
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"apiVersion": "2016-10-01",
"name": "[parameters('baseName')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"family": "A",
"name": "[parameters('keyVaultSku')]"
},
"tenantId": "[parameters('tenantId')]",
"accessPolicies": [
{
"tenantId": "[parameters('tenantId')]",
"objectId": "[parameters('testApplicationOid')]",
"permissions": {
"keys": [
"get",
"list",
"update",
"create",
"import",
"delete",
"recover",
"backup",
"restore",
"decrypt",
"encrypt",
"unwrapKey",
"wrapKey",
"verify",
"sign",
"purge"
],
"secrets": [
"get",
"list",
"set",
"delete",
"recover",
"backup",
"restore",
"purge"
],
"certificates": [
"get",
"list",
"update",
"create",
"import",
"delete",
"recover",
"backup",
"restore",
"managecontacts",
"manageissuers",
"getissuers",
"listissuers",
"setissuers",
"deleteissuers",
"purge"
]
}
}
],
"enabledForDeployment": false,
"enabledForDiskEncryption": false,
"enabledForTemplateDeployment": false,
"enableSoftDelete": "[parameters('enableSoftDelete')]"
}
},
{
"type": "Microsoft.KeyVault/managedHSMs",
"apiVersion": "[variables('hsmApiVersion')]",
"name": "[variables('hsmName')]",
"condition": "[parameters('enableHsm')]",
"location": "[parameters('hsmLocation')]",
"sku": {
"family": "B",
"name": "Standard_B1"
},
"properties": {
"tenantId": "[parameters('tenantId')]",
"initialAdminObjectIds": [
"[parameters('testApplicationOid')]"
],
"enablePurgeProtection": false,
"enableSoftDelete": "[parameters('enableSoftDelete')]"
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "[variables('mgmtApiVersion')]",
"name": "[variables('primaryAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_RAGRS",
"tier": "Standard"
},
"kind": "StorageV2",
"properties": {
"networkAcls": "[variables('networkAcls')]",
"supportsHttpsTrafficOnly": true,
"encryption": "[variables('encryption')]",
"accessTier": "Hot"
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices",
"apiVersion": "2019-06-01",
"name": "[concat(variables('primaryAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('primaryAccountName'))]"
],
"sku": {
"name": "Standard_RAGRS",
"tier": "Standard"
},
"properties": {
"cors": {
"corsRules": []
},
"deleteRetentionPolicy": {
"enabled": false
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat(variables('primaryAccountName'), '/default/', variables('blobContainerName'))]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('primaryAccountName'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('primaryAccountName'))]"
],
"properties": {
"publicAccess": "None"
}
}
],
"outputs": {
"AZURE_KEYVAULT_URL": {
"type": "string",
"value": "[variables('azureKeyVaultUrl')]"
},
"AZURE_MANAGEDHSM_URL": {
"type": "string",
"condition": "[parameters('enableHsm')]",
"value": "[reference(variables('hsmName')).hsmUri]"
},
"KEYVAULT_SKU": {
"type": "string",
"value": "[reference(parameters('baseName')).sku.name]"
},
"CLIENT_OBJECTID": {
"type": "string",
"value": "[parameters('testApplicationOid')]"
},
"BLOB_STORAGE_ACCOUNT_NAME": {
"type": "string",
"value": "[variables('primaryAccountName')]"
},
"BLOB_PRIMARY_STORAGE_ACCOUNT_KEY": {
"type": "string",
"value": "[listKeys(variables('primaryAccountName'), variables('mgmtApiVersion')).keys[0].value]"
},
"BLOB_CONTAINER_NAME": {
"type": "string",
"value": "[variables('blobContainerName')]"
}
}
}
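Review bot: The `BLOB_PRIMARY_STORAGE_ACCOUNT_KEY` output returns the storage account's primary key via `listKeys(...)` as a plain `string`, and ARM persists template outputs in the resource group's deployment history, so any principal that can read deployments on that group can retrieve the key afterwards, independently of whatever masking the pipeline applies. If the live tests really need a shared key (presumably to mint a SAS for the backup/restore flows against the `backup` container), the cleanup step should delete the account or rotate its keys after the run; otherwise prefer granting `testApplicationOid` a data-plane RBAC role on the account and removing this output entirely. The `tenantId` and `testApplicationOid` defaults hard-code one tenant and one principal, so any deployment outside that tenant must override both; I would state that in their `metadata.description` (e.g. `"The tenant ID ...; the default is only valid for the owning tenant and must be overridden elsewhere."`). The `keyVaultDomainSuffix` description also has typos: `requies the preceeding` should read `requires the preceding`.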