Skip to content

Commit

Permalink
Expose soft_delete_retention_in_days in Azure Key Vault module (#906)
Browse files Browse the repository at this point in the history
  • Loading branch information
@andreadecorte
andreadecorte authored Jul 20, 2022
1 parent 3c2f1b3 commit 073f53a
Show file tree
Hide file tree
Showing 4 changed files with 30 additions and 3 deletions.
16 changes: 15 additions & 1 deletion plugins/modules/azure_rm_keyvault.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,10 @@
- Property specifying whether protection against purge is enabled for this vault.
type: bool
default: False
soft_delete_retention_in_days:
description:
- Property specifying the number of days to retain deleted vaults.
type: int
recover_mode:
description:
- Create vault in recovery mode.
Expand Down Expand Up @@ -252,6 +256,9 @@ def __init__(self):
type='bool',
default=True
),
soft_delete_retention_in_days=dict(
type='int'
),
enable_purge_protection=dict(
type='bool',
default=False
Expand Down Expand Up @@ -326,6 +333,8 @@ def exec_module(self, **kwargs):
self.parameters.setdefault("properties", {})["enable_soft_delete"] = kwargs[key]
elif key == "enable_purge_protection":
self.parameters.setdefault("properties", {})["enable_purge_protection"] = kwargs[key]
elif key == "soft_delete_retention_in_days":
self.parameters.setdefault("properties", {})["soft_delete_retention_in_days"] = kwargs[key]
elif key == "recover_mode":
self.parameters.setdefault("properties", {})["create_mode"] = 'recover' if kwargs[key] else 'default'

Expand All @@ -334,7 +343,7 @@ def exec_module(self, **kwargs):

self.mgmt_client = self.get_mgmt_svc_client(KeyVaultManagementClient,
base_url=self._cloud_environment.endpoints.resource_manager,
api_version="2018-02-14")
api_version="2019-09-01")

resource_group = self.get_resource_group(self.resource_group)

Expand Down Expand Up @@ -380,6 +389,11 @@ def exec_module(self, **kwargs):
elif (('enable_soft_delete' in self.parameters['properties']) and
(self.parameters['properties']['enable_soft_delete'] != getattr(old_response['properties'], 'enable_soft_delete', None))):
self.to_do = Actions.Update
elif (('soft_delete_retention_in_days' in self.parameters['properties']) and
(self.parameters['properties']['soft_delete_retention_in_days'] != getattr(old_response['properties'],
'soft_delete_retention_in_days',
None))):
self.to_do = Actions.Update
elif (('enable_purge_protection' in self.parameters['properties']) and
(self.parameters['properties']['enable_purge_protection'] != getattr(old_response['properties'],
'enable_purge_protection',
Expand Down
10 changes: 9 additions & 1 deletion plugins/modules/azure_rm_keyvault_info.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,12 @@
type: bool
returned: always
sample: False
soft_delete_retention_in_days:
description:
- Property specifying the number of days to retain deleted vaults.
type: int
returned: always
sample: 90
tags:
description:
- List of tags.
Expand Down Expand Up @@ -204,6 +210,8 @@ def keyvault_to_dict(vault):
enabled_for_disk_encryption=vault.properties.enabled_for_disk_encryption,
enabled_for_template_deployment=vault.properties.enabled_for_template_deployment,
enable_soft_delete=vault.properties.enable_soft_delete,
soft_delete_retention_in_days=vault.properties.soft_delete_retention_in_days
if vault.properties.soft_delete_retention_in_days else 90,
enable_purge_protection=vault.properties.enable_purge_protection
if vault.properties.enable_purge_protection else False,
access_policies=[dict(
Expand Down Expand Up @@ -253,7 +261,7 @@ def exec_module(self, **kwargs):

self._client = self.get_mgmt_svc_client(KeyVaultManagementClient,
base_url=self._cloud_environment.endpoints.resource_manager,
api_version="2018-02-14")
api_version="2019-09-01")

if self.name:
if self.resource_group:
Expand Down
2 changes: 1 addition & 1 deletion requirements-azure.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ azure-mgmt-containerservice==20.0.0
azure-mgmt-datalake-store==1.0.0
azure-mgmt-datafactory==2.0.0
azure-mgmt-dns==8.0.0
azure-mgmt-keyvault==1.1.0
azure-mgmt-keyvault==2.2.0
azure-mgmt-marketplaceordering==0.1.0
azure-mgmt-monitor==3.0.0
azure-mgmt-managedservices==1.0.0
Expand Down
5 changes: 5 additions & 0 deletions tests/integration/targets/azure_rm_keyvault/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
vault_name: "vault{{ rpfx }}"
enabled_for_deployment: yes
vault_tenant: "{{ tenant_id }}"
soft_delete_retention_in_days: 7
sku:
name: standard
family: A
Expand Down Expand Up @@ -55,6 +56,7 @@
vault_name: "vault{{ rpfx }}"
enabled_for_deployment: yes
vault_tenant: "{{ tenant_id }}"
soft_delete_retention_in_days: 7
sku:
name: standard
family: A
Expand Down Expand Up @@ -82,6 +84,7 @@
vault_name: "vault{{ rpfx }}"
enabled_for_deployment: yes
vault_tenant: "{{ tenant_id }}"
soft_delete_retention_in_days: 7
sku:
name: standard
family: A
Expand All @@ -108,6 +111,7 @@
vault_name: "vault{{ rpfx }}"
enabled_for_deployment: yes
vault_tenant: "{{ tenant_id }}"
soft_delete_retention_in_days: 7
sku:
name: standard
family: A
Expand Down Expand Up @@ -156,6 +160,7 @@
- facts['keyvaults'][0]['sku'] != None
- facts['keyvaults'][0]['id'] != None
- facts['keyvaults'][0]['enable_soft_delete'] == true
- facts['keyvaults'][0]['soft_delete_retention_in_days'] == 7
#
# azure_rm_keyvaultkey tests
#
Expand Down

0 comments on commit 073f53a

Please sign in to comment.