diff --git a/plugins/modules/azure_rm_keyvault.py b/plugins/modules/azure_rm_keyvault.py index 821385162..90012de4a 100644 --- a/plugins/modules/azure_rm_keyvault.py +++ b/plugins/modules/azure_rm_keyvault.py @@ -138,6 +138,10 @@ - Property specifying whether protection against purge is enabled for this vault. type: bool default: False + soft_delete_retention_in_days: + description: + - Property specifying the number of days to retain deleted vaults. + type: int recover_mode: description: - Create vault in recovery mode. @@ -252,6 +256,9 @@ def __init__(self): type='bool', default=True ), + soft_delete_retention_in_days=dict( + type='int' + ), enable_purge_protection=dict( type='bool', default=False @@ -326,6 +333,8 @@ def exec_module(self, **kwargs): self.parameters.setdefault("properties", {})["enable_soft_delete"] = kwargs[key] elif key == "enable_purge_protection": self.parameters.setdefault("properties", {})["enable_purge_protection"] = kwargs[key] + elif key == "soft_delete_retention_in_days": + self.parameters.setdefault("properties", {})["soft_delete_retention_in_days"] = kwargs[key] elif key == "recover_mode": self.parameters.setdefault("properties", {})["create_mode"] = 'recover' if kwargs[key] else 'default' @@ -334,7 +343,7 @@ def exec_module(self, **kwargs): self.mgmt_client = self.get_mgmt_svc_client(KeyVaultManagementClient, base_url=self._cloud_environment.endpoints.resource_manager, - api_version="2018-02-14") + api_version="2019-09-01") resource_group = self.get_resource_group(self.resource_group) @@ -380,6 +389,11 @@ def exec_module(self, **kwargs): elif (('enable_soft_delete' in self.parameters['properties']) and (self.parameters['properties']['enable_soft_delete'] != getattr(old_response['properties'], 'enable_soft_delete', None))): self.to_do = Actions.Update + elif (('soft_delete_retention_in_days' in self.parameters['properties']) and + (self.parameters['properties']['soft_delete_retention_in_days'] != getattr(old_response['properties'], + 'soft_delete_retention_in_days', + None))): + self.to_do = Actions.Update elif (('enable_purge_protection' in self.parameters['properties']) and (self.parameters['properties']['enable_purge_protection'] != getattr(old_response['properties'], 'enable_purge_protection', diff --git a/plugins/modules/azure_rm_keyvault_info.py b/plugins/modules/azure_rm_keyvault_info.py index 5871096c8..f8f4a1d70 100644 --- a/plugins/modules/azure_rm_keyvault_info.py +++ b/plugins/modules/azure_rm_keyvault_info.py @@ -113,6 +113,12 @@ type: bool returned: always sample: False + soft_delete_retention_in_days: + description: + - Property specifying the number of days to retain deleted vaults. + type: int + returned: always + sample: 90 tags: description: - List of tags. @@ -204,6 +210,8 @@ def keyvault_to_dict(vault): enabled_for_disk_encryption=vault.properties.enabled_for_disk_encryption, enabled_for_template_deployment=vault.properties.enabled_for_template_deployment, enable_soft_delete=vault.properties.enable_soft_delete, + soft_delete_retention_in_days=vault.properties.soft_delete_retention_in_days + if vault.properties.soft_delete_retention_in_days else 90, enable_purge_protection=vault.properties.enable_purge_protection if vault.properties.enable_purge_protection else False, access_policies=[dict( @@ -253,7 +261,7 @@ def exec_module(self, **kwargs): self._client = self.get_mgmt_svc_client(KeyVaultManagementClient, base_url=self._cloud_environment.endpoints.resource_manager, - api_version="2018-02-14") + api_version="2019-09-01") if self.name: if self.resource_group: diff --git a/requirements-azure.txt b/requirements-azure.txt index b41bd76b8..61d314d64 100644 --- a/requirements-azure.txt +++ b/requirements-azure.txt @@ -17,7 +17,7 @@ azure-mgmt-containerservice==20.0.0 azure-mgmt-datalake-store==1.0.0 azure-mgmt-datafactory==2.0.0 azure-mgmt-dns==8.0.0 -azure-mgmt-keyvault==1.1.0 +azure-mgmt-keyvault==2.2.0 azure-mgmt-marketplaceordering==0.1.0 azure-mgmt-monitor==3.0.0 azure-mgmt-managedservices==1.0.0 diff --git a/tests/integration/targets/azure_rm_keyvault/tasks/main.yml b/tests/integration/targets/azure_rm_keyvault/tasks/main.yml index e2107ca4a..2cd690fbc 100644 --- a/tests/integration/targets/azure_rm_keyvault/tasks/main.yml +++ b/tests/integration/targets/azure_rm_keyvault/tasks/main.yml @@ -18,6 +18,7 @@ vault_name: "vault{{ rpfx }}" enabled_for_deployment: yes vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 sku: name: standard family: A @@ -55,6 +56,7 @@ vault_name: "vault{{ rpfx }}" enabled_for_deployment: yes vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 sku: name: standard family: A @@ -82,6 +84,7 @@ vault_name: "vault{{ rpfx }}" enabled_for_deployment: yes vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 sku: name: standard family: A @@ -108,6 +111,7 @@ vault_name: "vault{{ rpfx }}" enabled_for_deployment: yes vault_tenant: "{{ tenant_id }}" + soft_delete_retention_in_days: 7 sku: name: standard family: A @@ -156,6 +160,7 @@ - facts['keyvaults'][0]['sku'] != None - facts['keyvaults'][0]['id'] != None - facts['keyvaults'][0]['enable_soft_delete'] == true + - facts['keyvaults'][0]['soft_delete_retention_in_days'] == 7 # # azure_rm_keyvaultkey tests #