diff --git a/sdk/keyvault/azure-security-keyvault-certificates/perf-resources.json b/sdk/keyvault/azure-security-keyvault-certificates/perf-resources.json new file mode 100644 index 000000000..acb70c5e3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-certificates/perf-resources.json @@ -0,0 +1,283 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "baseName": { + "defaultValue": "[resourceGroup().name]", + "type": "String", + "metadata": { + "description": "The base resource name." + } + }, + "keyName": { + "defaultValue": "testKey", + "type": "String", + "metadata": { + "description": "The initial key in the keys." + } + }, + "secretName": { + "defaultValue": "testSecret", + "type": "String", + "metadata": { + "description": "The initial secret in the secrets." + } + }, + "tenantId": { + "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "type": "String", + "metadata": { + "description": "The tenant ID to which the application and resources belong." + } + }, + "testApplicationId": { + "type": "String", + "metadata": { + "description": "The application client ID used to run tests." + } + }, + "testApplicationSecret": { + "type": "String", + "metadata": { + "description": "The application client secret used to run tests." + } + }, + "testApplicationOid": { + "defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6", + "type": "String", + "metadata": { + "description": "The client OID to grant access to test resources." + } + }, + "location": { + "defaultValue": "[resourceGroup().location]", + "type": "String", + "metadata": { + "description": "The location of the resource. By default, this is the same as the resource group." + } + }, + "enableSoftDelete": { + "defaultValue": true, + "type": "Bool", + "metadata": { + "description": "Whether to enable soft delete for the Key Vault. The default is true." + } + }, + "keyVaultDomainSuffix": { + "defaultValue": ".vault.azure.net", + "type": "String", + "metadata": { + "description": "Domain suffix for sovereign clouds, requires the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)" + } + }, + "keyVaultSku": { + "defaultValue": "premium", + "type": "String", + "metadata": { + "description": "Key Vault SKU to deploy. The default is 'premium'" + } + }, + "keyType": { + "defaultValue": "RSA", + "type": "String", + "metadata": { + "description": "The JsonWebKeyType of the key to be created." + } + }, + "keyOps": { + "defaultValue": [], + "type": "Array", + "metadata": { + "description": "The permitted JSON web key operations of the key to be created." + } + }, + "keySize": { + "defaultValue": 2048, + "type": "Int", + "metadata": { + "description": "The size in bits of the key to be created." + } + }, + "curveName": { + "defaultValue": "", + "type": "String", + "metadata": { + "description": "The JsonWebKeyCurveName of the key to be created." + } + }, + "provisionerApplicationOid": { + "type": "String", + "metadata": { + "description": "The provisioner OID to grant access to test resources." + } + }, + "enableHSM": { + "defaultValue": false, + "type": "Bool", + "metadata": { + "description": "Whether to enable deployment of Managed HSM. The default is false." + } + } + }, + "variables": { + "azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]", + "hsmApiVersion": "2021-11-01-preview", + "hsmName": "[concat(parameters('baseName'), 'hsm')]", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Allow", + "virtualNetworkRules": [], + "ipRules": [] + } + }, + "resources": [ + { + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2021-11-01-preview", + "name": "[parameters('baseName')]", + "location": "[parameters('location')]", + "properties": { + "sku": { + "family": "A", + "name": "[parameters('keyVaultSku')]" + }, + "tenantId": "[parameters('tenantId')]", + "accessPolicies": [ + { + "tenantId": "[parameters('tenantId')]", + "objectId": "[parameters('testApplicationOid')]", + "permissions": { + "keys": [ + "wrapKey", + "decrypt", + "list", + "purge", + "recover", + "restore", + "getrotationpolicy", + "sign", + "release", + "encrypt", + "rotate", + "import", + "create", + "verify", + "setrotationpolicy", + "backup", + "update", + "get", + "unwrapKey", + "delete" + ], + "secrets": [ + "Get", + "List", + "Set", + "Delete", + "Recover", + "Backup", + "Restore", + "Purge" + ], + "certificates": [ + "Get", + "List", + "Update", + "Create", + "Import", + "Delete", + "Recover", + "Backup", + "Restore", + "ManageContacts", + "ManageIssuers", + "GetIssuers", + "ListIssuers", + "SetIssuers", + "DeleteIssuers", + "Purge" + ] + } + } + ], + "enabledForDeployment": false, + "enabledForDiskEncryption": false, + "enabledForTemplateDeployment": false, + "enableSoftDelete": "[parameters('enableSoftDelete')]" + } + }, + { + "type": "Microsoft.KeyVault/vaults/keys", + "apiVersion": "2019-09-01", + "name": "[concat(parameters('baseName'), '/', parameters('keyName'))]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]" + ], + "properties": { + "kty": "[parameters('keyType')]", + "keyOps": "[parameters('keyOps')]", + "keySize": "[parameters('keySize')]", + "curveName": "[parameters('curveName')]" + } + }, + { + "type": "Microsoft.KeyVault/managedHSMs", + "apiVersion": "[variables('hsmApiVersion')]", + "name": "[variables('hsmName')]", + "location": "[parameters('location')]", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "properties": { + "tenantId": "[parameters('tenantId')]", + "initialAdminObjectIds": "[union(array(parameters('testApplicationOid')), array(parameters('provisionerApplicationOid')))]", + "enablePurgeProtection": false, + "enableSoftDelete": true, + "softDeleteRetentionInDays": 7, + "publicNetworkAccess": "Enabled", + "networkAcls": "[variables('networkAcls')]" + }, + "condition": "[parameters('enableHSM')]" + } + ], + "outputs": { + "AZURE_KEYVAULT_URL": { + "type": "String", + "value": "[variables('azureKeyVaultUrl')]" + }, + "AZURE_ENABLE_HSM": { + "type": "Bool", + "value": "[parameters('enableHSM')]" + }, + "AZURE_ENABLE_HSM_STR": { + "type": "String", + "value": "[if(bool(parameters('enableHSM')),'true','false')]" + }, + "AZURE_KEYVAULT_HSM_URL": { + "type": "String", + "value": "[if(bool(parameters('enableHSM')),reference(variables('hsmName')).hsmUri,variables('azureKeyVaultUrl'))]" + }, + "AZURE_TENANT_ID": { + "type": "String", + "value": "[parameters('tenantId')]" + }, + "AZURE_CLIENT_ID": { + "type": "String", + "value": "[parameters('testApplicationId')]" + }, + "AZURE_CLIENT_SECRET": { + "type": "String", + "value": "[parameters('testApplicationSecret')]" + }, + "KEYVAULT_SKU": { + "type": "String", + "value": "[reference(parameters('baseName')).sku.name]" + }, + "CLIENT_OBJECTID": { + "type": "String", + "value": "[parameters('testApplicationOid')]" + } + } +} diff --git a/sdk/keyvault/azure-security-keyvault-keys/perf-resources.json b/sdk/keyvault/azure-security-keyvault-keys/perf-resources.json new file mode 100644 index 000000000..acb70c5e3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-keys/perf-resources.json @@ -0,0 +1,283 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "baseName": { + "defaultValue": "[resourceGroup().name]", + "type": "String", + "metadata": { + "description": "The base resource name." + } + }, + "keyName": { + "defaultValue": "testKey", + "type": "String", + "metadata": { + "description": "The initial key in the keys." + } + }, + "secretName": { + "defaultValue": "testSecret", + "type": "String", + "metadata": { + "description": "The initial secret in the secrets." + } + }, + "tenantId": { + "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "type": "String", + "metadata": { + "description": "The tenant ID to which the application and resources belong." + } + }, + "testApplicationId": { + "type": "String", + "metadata": { + "description": "The application client ID used to run tests." + } + }, + "testApplicationSecret": { + "type": "String", + "metadata": { + "description": "The application client secret used to run tests." + } + }, + "testApplicationOid": { + "defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6", + "type": "String", + "metadata": { + "description": "The client OID to grant access to test resources." + } + }, + "location": { + "defaultValue": "[resourceGroup().location]", + "type": "String", + "metadata": { + "description": "The location of the resource. By default, this is the same as the resource group." + } + }, + "enableSoftDelete": { + "defaultValue": true, + "type": "Bool", + "metadata": { + "description": "Whether to enable soft delete for the Key Vault. The default is true." + } + }, + "keyVaultDomainSuffix": { + "defaultValue": ".vault.azure.net", + "type": "String", + "metadata": { + "description": "Domain suffix for sovereign clouds, requires the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)" + } + }, + "keyVaultSku": { + "defaultValue": "premium", + "type": "String", + "metadata": { + "description": "Key Vault SKU to deploy. The default is 'premium'" + } + }, + "keyType": { + "defaultValue": "RSA", + "type": "String", + "metadata": { + "description": "The JsonWebKeyType of the key to be created." + } + }, + "keyOps": { + "defaultValue": [], + "type": "Array", + "metadata": { + "description": "The permitted JSON web key operations of the key to be created." + } + }, + "keySize": { + "defaultValue": 2048, + "type": "Int", + "metadata": { + "description": "The size in bits of the key to be created." + } + }, + "curveName": { + "defaultValue": "", + "type": "String", + "metadata": { + "description": "The JsonWebKeyCurveName of the key to be created." + } + }, + "provisionerApplicationOid": { + "type": "String", + "metadata": { + "description": "The provisioner OID to grant access to test resources." + } + }, + "enableHSM": { + "defaultValue": false, + "type": "Bool", + "metadata": { + "description": "Whether to enable deployment of Managed HSM. The default is false." + } + } + }, + "variables": { + "azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]", + "hsmApiVersion": "2021-11-01-preview", + "hsmName": "[concat(parameters('baseName'), 'hsm')]", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Allow", + "virtualNetworkRules": [], + "ipRules": [] + } + }, + "resources": [ + { + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2021-11-01-preview", + "name": "[parameters('baseName')]", + "location": "[parameters('location')]", + "properties": { + "sku": { + "family": "A", + "name": "[parameters('keyVaultSku')]" + }, + "tenantId": "[parameters('tenantId')]", + "accessPolicies": [ + { + "tenantId": "[parameters('tenantId')]", + "objectId": "[parameters('testApplicationOid')]", + "permissions": { + "keys": [ + "wrapKey", + "decrypt", + "list", + "purge", + "recover", + "restore", + "getrotationpolicy", + "sign", + "release", + "encrypt", + "rotate", + "import", + "create", + "verify", + "setrotationpolicy", + "backup", + "update", + "get", + "unwrapKey", + "delete" + ], + "secrets": [ + "Get", + "List", + "Set", + "Delete", + "Recover", + "Backup", + "Restore", + "Purge" + ], + "certificates": [ + "Get", + "List", + "Update", + "Create", + "Import", + "Delete", + "Recover", + "Backup", + "Restore", + "ManageContacts", + "ManageIssuers", + "GetIssuers", + "ListIssuers", + "SetIssuers", + "DeleteIssuers", + "Purge" + ] + } + } + ], + "enabledForDeployment": false, + "enabledForDiskEncryption": false, + "enabledForTemplateDeployment": false, + "enableSoftDelete": "[parameters('enableSoftDelete')]" + } + }, + { + "type": "Microsoft.KeyVault/vaults/keys", + "apiVersion": "2019-09-01", + "name": "[concat(parameters('baseName'), '/', parameters('keyName'))]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]" + ], + "properties": { + "kty": "[parameters('keyType')]", + "keyOps": "[parameters('keyOps')]", + "keySize": "[parameters('keySize')]", + "curveName": "[parameters('curveName')]" + } + }, + { + "type": "Microsoft.KeyVault/managedHSMs", + "apiVersion": "[variables('hsmApiVersion')]", + "name": "[variables('hsmName')]", + "location": "[parameters('location')]", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "properties": { + "tenantId": "[parameters('tenantId')]", + "initialAdminObjectIds": "[union(array(parameters('testApplicationOid')), array(parameters('provisionerApplicationOid')))]", + "enablePurgeProtection": false, + "enableSoftDelete": true, + "softDeleteRetentionInDays": 7, + "publicNetworkAccess": "Enabled", + "networkAcls": "[variables('networkAcls')]" + }, + "condition": "[parameters('enableHSM')]" + } + ], + "outputs": { + "AZURE_KEYVAULT_URL": { + "type": "String", + "value": "[variables('azureKeyVaultUrl')]" + }, + "AZURE_ENABLE_HSM": { + "type": "Bool", + "value": "[parameters('enableHSM')]" + }, + "AZURE_ENABLE_HSM_STR": { + "type": "String", + "value": "[if(bool(parameters('enableHSM')),'true','false')]" + }, + "AZURE_KEYVAULT_HSM_URL": { + "type": "String", + "value": "[if(bool(parameters('enableHSM')),reference(variables('hsmName')).hsmUri,variables('azureKeyVaultUrl'))]" + }, + "AZURE_TENANT_ID": { + "type": "String", + "value": "[parameters('tenantId')]" + }, + "AZURE_CLIENT_ID": { + "type": "String", + "value": "[parameters('testApplicationId')]" + }, + "AZURE_CLIENT_SECRET": { + "type": "String", + "value": "[parameters('testApplicationSecret')]" + }, + "KEYVAULT_SKU": { + "type": "String", + "value": "[reference(parameters('baseName')).sku.name]" + }, + "CLIENT_OBJECTID": { + "type": "String", + "value": "[parameters('testApplicationOid')]" + } + } +} diff --git a/sdk/keyvault/azure-security-keyvault-secrets/perf-resources.json b/sdk/keyvault/azure-security-keyvault-secrets/perf-resources.json new file mode 100644 index 000000000..acb70c5e3 --- /dev/null +++ b/sdk/keyvault/azure-security-keyvault-secrets/perf-resources.json @@ -0,0 +1,283 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "baseName": { + "defaultValue": "[resourceGroup().name]", + "type": "String", + "metadata": { + "description": "The base resource name." + } + }, + "keyName": { + "defaultValue": "testKey", + "type": "String", + "metadata": { + "description": "The initial key in the keys." + } + }, + "secretName": { + "defaultValue": "testSecret", + "type": "String", + "metadata": { + "description": "The initial secret in the secrets." + } + }, + "tenantId": { + "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "type": "String", + "metadata": { + "description": "The tenant ID to which the application and resources belong." + } + }, + "testApplicationId": { + "type": "String", + "metadata": { + "description": "The application client ID used to run tests." + } + }, + "testApplicationSecret": { + "type": "String", + "metadata": { + "description": "The application client secret used to run tests." + } + }, + "testApplicationOid": { + "defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6", + "type": "String", + "metadata": { + "description": "The client OID to grant access to test resources." + } + }, + "location": { + "defaultValue": "[resourceGroup().location]", + "type": "String", + "metadata": { + "description": "The location of the resource. By default, this is the same as the resource group." + } + }, + "enableSoftDelete": { + "defaultValue": true, + "type": "Bool", + "metadata": { + "description": "Whether to enable soft delete for the Key Vault. The default is true." + } + }, + "keyVaultDomainSuffix": { + "defaultValue": ".vault.azure.net", + "type": "String", + "metadata": { + "description": "Domain suffix for sovereign clouds, requires the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)" + } + }, + "keyVaultSku": { + "defaultValue": "premium", + "type": "String", + "metadata": { + "description": "Key Vault SKU to deploy. The default is 'premium'" + } + }, + "keyType": { + "defaultValue": "RSA", + "type": "String", + "metadata": { + "description": "The JsonWebKeyType of the key to be created." + } + }, + "keyOps": { + "defaultValue": [], + "type": "Array", + "metadata": { + "description": "The permitted JSON web key operations of the key to be created." + } + }, + "keySize": { + "defaultValue": 2048, + "type": "Int", + "metadata": { + "description": "The size in bits of the key to be created." + } + }, + "curveName": { + "defaultValue": "", + "type": "String", + "metadata": { + "description": "The JsonWebKeyCurveName of the key to be created." + } + }, + "provisionerApplicationOid": { + "type": "String", + "metadata": { + "description": "The provisioner OID to grant access to test resources." + } + }, + "enableHSM": { + "defaultValue": false, + "type": "Bool", + "metadata": { + "description": "Whether to enable deployment of Managed HSM. The default is false." + } + } + }, + "variables": { + "azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]", + "hsmApiVersion": "2021-11-01-preview", + "hsmName": "[concat(parameters('baseName'), 'hsm')]", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Allow", + "virtualNetworkRules": [], + "ipRules": [] + } + }, + "resources": [ + { + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2021-11-01-preview", + "name": "[parameters('baseName')]", + "location": "[parameters('location')]", + "properties": { + "sku": { + "family": "A", + "name": "[parameters('keyVaultSku')]" + }, + "tenantId": "[parameters('tenantId')]", + "accessPolicies": [ + { + "tenantId": "[parameters('tenantId')]", + "objectId": "[parameters('testApplicationOid')]", + "permissions": { + "keys": [ + "wrapKey", + "decrypt", + "list", + "purge", + "recover", + "restore", + "getrotationpolicy", + "sign", + "release", + "encrypt", + "rotate", + "import", + "create", + "verify", + "setrotationpolicy", + "backup", + "update", + "get", + "unwrapKey", + "delete" + ], + "secrets": [ + "Get", + "List", + "Set", + "Delete", + "Recover", + "Backup", + "Restore", + "Purge" + ], + "certificates": [ + "Get", + "List", + "Update", + "Create", + "Import", + "Delete", + "Recover", + "Backup", + "Restore", + "ManageContacts", + "ManageIssuers", + "GetIssuers", + "ListIssuers", + "SetIssuers", + "DeleteIssuers", + "Purge" + ] + } + } + ], + "enabledForDeployment": false, + "enabledForDiskEncryption": false, + "enabledForTemplateDeployment": false, + "enableSoftDelete": "[parameters('enableSoftDelete')]" + } + }, + { + "type": "Microsoft.KeyVault/vaults/keys", + "apiVersion": "2019-09-01", + "name": "[concat(parameters('baseName'), '/', parameters('keyName'))]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]" + ], + "properties": { + "kty": "[parameters('keyType')]", + "keyOps": "[parameters('keyOps')]", + "keySize": "[parameters('keySize')]", + "curveName": "[parameters('curveName')]" + } + }, + { + "type": "Microsoft.KeyVault/managedHSMs", + "apiVersion": "[variables('hsmApiVersion')]", + "name": "[variables('hsmName')]", + "location": "[parameters('location')]", + "sku": { + "family": "B", + "name": "Standard_B1" + }, + "properties": { + "tenantId": "[parameters('tenantId')]", + "initialAdminObjectIds": "[union(array(parameters('testApplicationOid')), array(parameters('provisionerApplicationOid')))]", + "enablePurgeProtection": false, + "enableSoftDelete": true, + "softDeleteRetentionInDays": 7, + "publicNetworkAccess": "Enabled", + "networkAcls": "[variables('networkAcls')]" + }, + "condition": "[parameters('enableHSM')]" + } + ], + "outputs": { + "AZURE_KEYVAULT_URL": { + "type": "String", + "value": "[variables('azureKeyVaultUrl')]" + }, + "AZURE_ENABLE_HSM": { + "type": "Bool", + "value": "[parameters('enableHSM')]" + }, + "AZURE_ENABLE_HSM_STR": { + "type": "String", + "value": "[if(bool(parameters('enableHSM')),'true','false')]" + }, + "AZURE_KEYVAULT_HSM_URL": { + "type": "String", + "value": "[if(bool(parameters('enableHSM')),reference(variables('hsmName')).hsmUri,variables('azureKeyVaultUrl'))]" + }, + "AZURE_TENANT_ID": { + "type": "String", + "value": "[parameters('tenantId')]" + }, + "AZURE_CLIENT_ID": { + "type": "String", + "value": "[parameters('testApplicationId')]" + }, + "AZURE_CLIENT_SECRET": { + "type": "String", + "value": "[parameters('testApplicationSecret')]" + }, + "KEYVAULT_SKU": { + "type": "String", + "value": "[reference(parameters('baseName')).sku.name]" + }, + "CLIENT_OBJECTID": { + "type": "String", + "value": "[parameters('testApplicationOid')]" + } + } +}