/*
 * Copyright (c) Microsoft Corporation. All rights reserved.
 * Licensed under the MIT License. See License.txt in the project root for
 * license information.
 *
 * Code generated by Microsoft (R) AutoRest Code Generator.
 * Changes may cause incorrect behavior and will be lost if the code is
 * regenerated.
 */

import { BaseResource } from 'ms-rest-azure';
import { CloudError } from 'ms-rest-azure';
import * as moment from 'moment';

export { BaseResource } from 'ms-rest-azure';
export { CloudError } from 'ms-rest-azure';

/**
 * @class
 * Initializes a new instance of the Attributes class.
 * @constructor
 * The object attributes managed by the KeyVault service.
 *
 * Every member is optional in this declaration; `created` and `updated` are
 * additionally declared readonly.
 *
 * NOTE(review): this type only carries the values. Nothing visible here
 * enforces `enabled`, `notBefore` or `expires` on the client side -
 * presumably the service does; confirm before relying on it.
 *
 * @member {boolean} [enabled] Determines whether the object is enabled.
 * @member {date} [notBefore] Not before date in UTC.
 * @member {date} [expires] Expiry date in UTC.
 * @member {date} [created] Creation time in UTC.
 * @member {date} [updated] Last updated time in UTC.
 */
export interface Attributes {
  enabled?: boolean;
  notBefore?: Date;
  expires?: Date;
  readonly created?: Date;
  readonly updated?: Date;
}

/** * @class * Initializes a new instance of the JsonWebKey class. * @constructor * As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18 * * @member {string} [kid] Key identifier. * @member {string} [kty] JsonWebKey Key Type (kty), as defined in * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. Possible * values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', 'oct' * @member {array} [keyOps] * @member {buffer} [n] RSA modulus. * @member {buffer} [e] RSA public exponent. * @member {buffer} [d] RSA private exponent, or the D component of an EC * private key. * @member {buffer} [dp] RSA private key parameter. * @member {buffer} [dq] RSA private key parameter. * @member {buffer} [qi] RSA private key parameter. * @member {buffer} [p] RSA secret prime. * @member {buffer} [q] RSA secret prime, with p < q. * @member {buffer} [k] Symmetric key. 
* @member {buffer} [t] HSM Token, used with 'Bring Your Own Key'. * @member {string} [crv] Elliptic curve name. For valid values, see * JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', 'P-521', * 'P-256K' * @member {buffer} [x] X component of an EC public key. * @member {buffer} [y] Y component of an EC public key. */
export interface JsonWebKey {
  kid?: string;
  // Plain string: the key-type values listed in the doc comment are not
  // checked by the compiler.
  kty?: string;
  keyOps?: string[];
  // RSA public components (modulus and public exponent).
  n?: Buffer;
  e?: Buffer;
  // Private key material: RSA private exponent (or the EC private D
  // component), the RSA private key parameters and the RSA secret primes.
  // Handle any object with these set as secret data.
  d?: Buffer;
  dp?: Buffer;
  dq?: Buffer;
  qi?: Buffer;
  p?: Buffer;
  q?: Buffer;
  // Symmetric key bytes - secret material as well.
  k?: Buffer;
  // HSM token, used with 'Bring Your Own Key'.
  t?: Buffer;
  crv?: string;
  // X and Y components of an EC public key.
  x?: Buffer;
  y?: Buffer;
}

/**
 * @class
 * Initializes a new instance of the KeyAttributes class.
 * @constructor
 * The attributes of a key managed by the key vault service.
 *
 * `recoveryLevel` is declared readonly and typed as a plain string, so the
 * values listed below are documentation only and are not checked by the
 * compiler.
 *
 * NOTE(review): code that depends on a deleted key being recoverable should
 * inspect this value rather than assume a recoverable level.
 *
 * @member {string} [recoveryLevel] Reflects the deletion recovery level
 * currently in effect for keys in the current vault. If it contains
 * 'Purgeable' the key can be permanently deleted by a privileged user;
 * otherwise, only the system can purge the key, at the end of the retention
 * interval. Possible values include: 'Purgeable', 'Recoverable+Purgeable',
 * 'Recoverable', 'Recoverable+ProtectedSubscription'
 */
export interface KeyAttributes extends Attributes {
  readonly recoveryLevel?: string;
}

/** * @class * Initializes a new instance of the KeyBundle class. * @constructor * A KeyBundle consisting of a WebKey plus its attributes. * * @member {object} [key] The Json web key. * @member {string} [key.kid] Key identifier. * @member {string} [key.kty] JsonWebKey Key Type (kty), as defined in * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. Possible * values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', 'oct' * @member {array} [key.keyOps] * @member {buffer} [key.n] RSA modulus. * @member {buffer} [key.e] RSA public exponent. * @member {buffer} [key.d] RSA private exponent, or the D component of an EC * private key. * @member {buffer} [key.dp] RSA private key parameter. * @member {buffer} [key.dq] RSA private key parameter. 
* @member {buffer} [key.qi] RSA private key parameter. * @member {buffer} [key.p] RSA secret prime. * @member {buffer} [key.q] RSA secret prime, with p < q. * @member {buffer} [key.k] Symmetric key. * @member {buffer} [key.t] HSM Token, used with 'Bring Your Own Key'. * @member {string} [key.crv] Elliptic curve name. For valid values, see * JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', 'P-521', * 'P-256K' * @member {buffer} [key.x] X component of an EC public key. * @member {buffer} [key.y] Y component of an EC public key. * @member {object} [attributes] The key management attributes. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for keys in the current vault. If it contains * 'Purgeable' the key can be permanently deleted by a privileged user; * otherwise, only the system can purge the key, at the end of the retention * interval. Possible values include: 'Purgeable', 'Recoverable+Purgeable', * 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. * @member {boolean} [managed] True if the key's lifetime is managed by key * vault. If this is a key backing a certificate, then managed will be true. */
export interface KeyBundle {
  // The JsonWebKey shape has slots for private and symmetric key components,
  // so a KeyBundle is as sensitive as whatever key fields are populated.
  key?: JsonWebKey;
  attributes?: KeyAttributes;
  // Free-form string-to-string metadata.
  tags?: { [propertyName: string]: string };
  // Declared readonly in this type.
  readonly managed?: boolean;
}

/** * @class * Initializes a new instance of the KeyItem class. * @constructor * The key item containing key metadata. * * @member {string} [kid] Key identifier. * @member {object} [attributes] The key management attributes. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for keys in the current vault. If it contains * 'Purgeable' the key can be permanently deleted by a privileged user; * otherwise, only the system can purge the key, at the end of the retention * interval. 
Possible values include: 'Purgeable', 'Recoverable+Purgeable', * 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. * @member {boolean} [managed] True if the key's lifetime is managed by key * vault. If this is a key backing a certificate, then managed will be true. */
export interface KeyItem {
  // Metadata only: unlike KeyBundle, this shape has no `key` member.
  kid?: string;
  attributes?: KeyAttributes;
  tags?: { [propertyName: string]: string };
  readonly managed?: boolean;
}

/**
 * @class
 * Initializes a new instance of the DeletedKeyBundle class.
 * @constructor
 * A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion
 * info
 *
 * Extends KeyBundle, so the inherited `key`, `attributes`, `tags` and
 * `managed` members are part of this shape as well. `recoveryId` is writable
 * in this declaration; the two dates are readonly.
 *
 * @member {string} [recoveryId] The url of the recovery object, used to
 * identify and recover the deleted key.
 * @member {date} [scheduledPurgeDate] The time when the key is scheduled to be
 * purged, in UTC
 * @member {date} [deletedDate] The time when the key was deleted, in UTC
 */
export interface DeletedKeyBundle extends KeyBundle {
  recoveryId?: string;
  readonly scheduledPurgeDate?: Date;
  readonly deletedDate?: Date;
}

/**
 * @class
 * Initializes a new instance of the DeletedKeyItem class.
 * @constructor
 * The deleted key item containing the deleted key metadata and information
 * about deletion.
 *
 * Extends KeyItem and adds the same three deletion members that
 * DeletedKeyBundle adds to KeyBundle.
 *
 * @member {string} [recoveryId] The url of the recovery object, used to
 * identify and recover the deleted key.
 * @member {date} [scheduledPurgeDate] The time when the key is scheduled to be
 * purged, in UTC
 * @member {date} [deletedDate] The time when the key was deleted, in UTC
 */
export interface DeletedKeyItem extends KeyItem {
  recoveryId?: string;
  readonly scheduledPurgeDate?: Date;
  readonly deletedDate?: Date;
}

/** * @class * Initializes a new instance of the SecretAttributes class. * @constructor * The secret management attributes. * * @member {string} [recoveryLevel] Reflects the deletion recovery level * currently in effect for secrets in the current vault. 
If it contains * 'Purgeable', the secret can be permanently deleted by a privileged user; * otherwise, only the system can purge the secret, at the end of the retention * interval. Possible values include: 'Purgeable', 'Recoverable+Purgeable', * 'Recoverable', 'Recoverable+ProtectedSubscription' */
export interface SecretAttributes extends Attributes {
  // Readonly plain string; the documented values are not enforced by the type.
  readonly recoveryLevel?: string;
}

/**
 * @class
 * Initializes a new instance of the SecretBundle class.
 * @constructor
 * A secret consisting of a value, id and its attributes.
 *
 * `value` holds the secret itself, so a SecretBundle should be handled as
 * sensitive data as a whole (for example, kept out of logs and error
 * messages). `kid` and `managed` are declared readonly.
 *
 * @member {string} [value] The secret value.
 * @member {string} [id] The secret id.
 * @member {string} [contentType] The content type of the secret.
 * @member {object} [attributes] The secret management attributes.
 * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery
 * level currently in effect for secrets in the current vault. If it contains
 * 'Purgeable', the secret can be permanently deleted by a privileged user;
 * otherwise, only the system can purge the secret, at the end of the retention
 * interval. Possible values include: 'Purgeable', 'Recoverable+Purgeable',
 * 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 * @member {string} [kid] If this is a secret backing a KV certificate, then
 * this field specifies the corresponding key backing the KV certificate.
 * @member {boolean} [managed] True if the secret's lifetime is managed by key
 * vault. If this is a secret backing a certificate, then managed will be true.
 */
export interface SecretBundle {
  value?: string;
  id?: string;
  contentType?: string;
  attributes?: SecretAttributes;
  tags?: { [propertyName: string]: string };
  readonly kid?: string;
  readonly managed?: boolean;
}

/** * @class * Initializes a new instance of the SecretItem class. * @constructor * The secret item containing secret metadata. * * @member {string} [id] Secret identifier. 
* @member {object} [attributes] The secret management attributes. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for secrets in the current vault. If it contains * 'Purgeable', the secret can be permanently deleted by a privileged user; * otherwise, only the system can purge the secret, at the end of the retention * interval. Possible values include: 'Purgeable', 'Recoverable+Purgeable', * 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. * @member {string} [contentType] Type of the secret value such as a password. * @member {boolean} [managed] True if the secret's lifetime is managed by key * vault. If this is a key backing a certificate, then managed will be true. */
export interface SecretItem {
  // Metadata only: unlike SecretBundle, this shape has no `value` member.
  id?: string;
  attributes?: SecretAttributes;
  tags?: { [propertyName: string]: string };
  contentType?: string;
  readonly managed?: boolean;
}

/**
 * @class
 * Initializes a new instance of the DeletedSecretBundle class.
 * @constructor
 * A Deleted Secret consisting of its previous id, attributes and its tags, as
 * well as information on when it will be purged.
 *
 * Extends SecretBundle, so the inherited `value` member is part of this shape
 * too; an instance with `value` set is as sensitive as a live SecretBundle.
 * `recoveryId` is writable in this declaration; the two dates are readonly.
 *
 * @member {string} [recoveryId] The url of the recovery object, used to
 * identify and recover the deleted secret.
 * @member {date} [scheduledPurgeDate] The time when the secret is scheduled to
 * be purged, in UTC
 * @member {date} [deletedDate] The time when the secret was deleted, in UTC
 */
export interface DeletedSecretBundle extends SecretBundle {
  recoveryId?: string;
  readonly scheduledPurgeDate?: Date;
  readonly deletedDate?: Date;
}

/** * @class * Initializes a new instance of the DeletedSecretItem class. * @constructor * The deleted secret item containing metadata about the deleted secret. * * @member {string} [recoveryId] The url of the recovery object, used to * identify and recover the deleted secret. 
* @member {date} [scheduledPurgeDate] The time when the secret is scheduled to * be purged, in UTC * @member {date} [deletedDate] The time when the secret was deleted, in UTC */
export interface DeletedSecretItem extends SecretItem {
  // Adds deletion info on top of the SecretItem metadata.
  recoveryId?: string;
  readonly scheduledPurgeDate?: Date;
  readonly deletedDate?: Date;
}

/**
 * @class
 * Initializes a new instance of the SecretRestoreParameters class.
 * @constructor
 * The secret restore parameters.
 *
 * `secretBundleBackup` is required (no `?` in the declaration).
 *
 * NOTE(review): the blob format is not described in this file. Presumably a
 * backup blob should be protected like the secret it was taken from -
 * confirm against the service documentation.
 *
 * @member {buffer} secretBundleBackup The backup blob associated with a secret
 * bundle.
 */
export interface SecretRestoreParameters {
  secretBundleBackup: Buffer;
}

/**
 * @class
 * Initializes a new instance of the StorageRestoreParameters class.
 * @constructor
 * The storage account restore parameters.
 *
 * `storageBundleBackup` is required (no `?` in the declaration).
 *
 * @member {buffer} storageBundleBackup The backup blob associated with a
 * storage account.
 */
export interface StorageRestoreParameters {
  storageBundleBackup: Buffer;
}

/**
 * @class
 * Initializes a new instance of the CertificateAttributes class.
 * @constructor
 * The certificate management attributes.
 *
 * `recoveryLevel` is declared readonly and typed as a plain string, so the
 * values listed below are documentation only and are not checked by the
 * compiler.
 *
 * @member {string} [recoveryLevel] Reflects the deletion recovery level
 * currently in effect for certificates in the current vault. If it contains
 * 'Purgeable', the certificate can be permanently deleted by a privileged
 * user; otherwise, only the system can purge the certificate, at the end of
 * the retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 */
export interface CertificateAttributes extends Attributes {
  readonly recoveryLevel?: string;
}

/** * @class * Initializes a new instance of the CertificateItem class. * @constructor * The certificate item containing certificate metadata. * * @member {string} [id] Certificate identifier. * @member {object} [attributes] The certificate management attributes. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for certificates in the current vault. 
If it * contains 'Purgeable', the certificate can be permanently deleted by a * privileged user; otherwise, only the system can purge the certificate, at * the end of the retention interval. Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. * @member {buffer} [x509Thumbprint] Thumbprint of the certificate. */
export interface CertificateItem {
  id?: string;
  attributes?: CertificateAttributes;
  tags?: { [propertyName: string]: string };
  // Raw thumbprint bytes; the hash algorithm is not stated in this file.
  x509Thumbprint?: Buffer;
}

/**
 * @class
 * Initializes a new instance of the CertificateIssuerItem class.
 * @constructor
 * The certificate issuer item containing certificate issuer metadata.
 *
 * Carries only an identifier and the provider name.
 *
 * @member {string} [id] Certificate Identifier.
 * @member {string} [provider] The issuer provider.
 */
export interface CertificateIssuerItem {
  id?: string;
  provider?: string;
}

/**
 * @class
 * Initializes a new instance of the KeyProperties class.
 * @constructor
 * Properties of the key pair backing a certificate.
 *
 * `exportable` controls whether the private key can be exported and
 * `reuseKey` whether the same key pair is kept on renewal. Both are optional
 * here and this declaration states no default.
 *
 * NOTE(review): prefer setting both explicitly in a policy instead of
 * relying on a service-side default - confirm the default against the
 * service documentation. `keyType` and `curve` are plain strings, so the
 * listed values are not checked by the compiler.
 *
 * @member {boolean} [exportable] Indicates if the private key can be exported.
 * @member {string} [keyType] The type of key pair to be used for the
 * certificate. Possible values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM',
 * 'oct'
 * @member {number} [keySize] The key size in bits. For example: 2048, 3072, or
 * 4096 for RSA.
 * @member {boolean} [reuseKey] Indicates if the same key pair will be used on
 * certificate renewal.
 * @member {string} [curve] Elliptic curve name. For valid values, see
 * JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', 'P-521',
 * 'P-256K'
 */
export interface KeyProperties {
  exportable?: boolean;
  keyType?: string;
  keySize?: number;
  reuseKey?: boolean;
  curve?: string;
}

/** * @class * Initializes a new instance of the SecretProperties class. * @constructor * Properties of the key backing a certificate. 
* * @member {string} [contentType] The media type (MIME type). */
export interface SecretProperties {
  // Media type (MIME type) string; not validated by this type.
  contentType?: string;
}

/**
 * @class
 * Initializes a new instance of the SubjectAlternativeNames class.
 * @constructor
 * The subject alternate names of a X509 object.
 *
 * All three lists are optional string arrays; no format validation is
 * expressed in this declaration.
 *
 * @member {array} [emails] Email addresses.
 * @member {array} [dnsNames] Domain names.
 * @member {array} [upns] User principal names.
 */
export interface SubjectAlternativeNames {
  emails?: string[];
  dnsNames?: string[];
  upns?: string[];
}

/**
 * @class
 * Initializes a new instance of the X509CertificateProperties class.
 * @constructor
 * Properties of the X509 component of a certificate.
 *
 * `ekus` and `keyUsage` are plain string arrays and `subject` a plain string,
 * so well-formedness of these values is not checked by the compiler.
 *
 * @member {string} [subject] The subject name. Should be a valid X509
 * distinguished Name.
 * @member {array} [ekus] The enhanced key usage.
 * @member {object} [subjectAlternativeNames] The subject alternative names.
 * @member {array} [subjectAlternativeNames.emails] Email addresses.
 * @member {array} [subjectAlternativeNames.dnsNames] Domain names.
 * @member {array} [subjectAlternativeNames.upns] User principal names.
 * @member {array} [keyUsage] List of key usages.
 * @member {number} [validityInMonths] The duration that the certificate is
 * valid in months.
 */
export interface X509CertificateProperties {
  subject?: string;
  ekus?: string[];
  subjectAlternativeNames?: SubjectAlternativeNames;
  keyUsage?: string[];
  validityInMonths?: number;
}

/** * @class * Initializes a new instance of the Trigger class. * @constructor * A condition to be satisfied for an action to be executed. * * @member {number} [lifetimePercentage] Percentage of lifetime at which to * trigger. Value should be between 1 and 99. * @member {number} [daysBeforeExpiry] Days before expiry to attempt renewal. * Value should be between 1 and validity_in_months multiplied by 27. If * validity_in_months is 36, then value should be between 1 and 972 (36 * 27). 
*/
export interface Trigger {
  // Both members are plain numbers: the ranges given in the doc comment
  // (1 to 99, and 1 to validity_in_months multiplied by 27) are not enforced
  // by this type.
  lifetimePercentage?: number;
  daysBeforeExpiry?: number;
}

/**
 * @class
 * Initializes a new instance of the Action class.
 * @constructor
 * The action that will be executed.
 *
 * `actionType` is a plain string, so the two listed values are not checked
 * by the compiler.
 *
 * @member {string} [actionType] The type of the action. Possible values
 * include: 'EmailContacts', 'AutoRenew'
 */
export interface Action {
  actionType?: string;
}

/**
 * @class
 * Initializes a new instance of the LifetimeAction class.
 * @constructor
 * Action and its trigger that will be performed by Key Vault over the lifetime
 * of a certificate.
 *
 * Pairs one Trigger with one Action; both members are optional here.
 *
 * @member {object} [trigger] The condition that will execute the action.
 * @member {number} [trigger.lifetimePercentage] Percentage of lifetime at
 * which to trigger. Value should be between 1 and 99.
 * @member {number} [trigger.daysBeforeExpiry] Days before expiry to attempt
 * renewal. Value should be between 1 and validity_in_months multiplied by 27.
 * If validity_in_months is 36, then value should be between 1 and 972 (36 *
 * 27).
 * @member {object} [action] The action that will be executed.
 * @member {string} [action.actionType] The type of the action. Possible values
 * include: 'EmailContacts', 'AutoRenew'
 */
export interface LifetimeAction {
  trigger?: Trigger;
  action?: Action;
}

/**
 * @class
 * Initializes a new instance of the IssuerParameters class.
 * @constructor
 * Parameters for the issuer of the X509 component of a certificate.
 *
 * `certificateTransparency` is an optional boolean and this declaration
 * states no default.
 *
 * NOTE(review): what the service does when the flag is omitted is not
 * visible here; set it explicitly if publication to transparency logs
 * matters for the deployment.
 *
 * @member {string} [name] Name of the referenced issuer object or reserved
 * names; for example, 'Self' or 'Unknown'.
 * @member {string} [certificateType] Type of certificate to be requested from
 * the issuer provider.
 * @member {boolean} [certificateTransparency] Indicates if the certificates
 * generated under this policy should be published to certificate transparency
 * logs.
 */
export interface IssuerParameters {
  name?: string;
  certificateType?: string;
  certificateTransparency?: boolean;
}

/** * @class * Initializes a new instance of the CertificatePolicy class. 
* @constructor * Management policy for a certificate. * * @member {string} [id] The certificate id. * @member {object} [keyProperties] Properties of the key backing a * certificate. * @member {boolean} [keyProperties.exportable] Indicates if the private key * can be exported. * @member {string} [keyProperties.keyType] The type of key pair to be used for * the certificate. Possible values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', * 'oct' * @member {number} [keyProperties.keySize] The key size in bits. For example: * 2048, 3072, or 4096 for RSA. * @member {boolean} [keyProperties.reuseKey] Indicates if the same key pair * will be used on certificate renewal. * @member {string} [keyProperties.curve] Elliptic curve name. For valid * values, see JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', * 'P-521', 'P-256K' * @member {object} [secretProperties] Properties of the secret backing a * certificate. * @member {string} [secretProperties.contentType] The media type (MIME type). * @member {object} [x509CertificateProperties] Properties of the X509 * component of a certificate. * @member {string} [x509CertificateProperties.subject] The subject name. * Should be a valid X509 distinguished Name. * @member {array} [x509CertificateProperties.ekus] The enhanced key usage. * @member {object} [x509CertificateProperties.subjectAlternativeNames] The * subject alternative names. * @member {array} [x509CertificateProperties.subjectAlternativeNames.emails] * Email addresses. * @member {array} [x509CertificateProperties.subjectAlternativeNames.dnsNames] * Domain names. * @member {array} [x509CertificateProperties.subjectAlternativeNames.upns] * User principal names. * @member {array} [x509CertificateProperties.keyUsage] List of key usages. * @member {number} [x509CertificateProperties.validityInMonths] The duration * that the ceritifcate is valid in months. 
* @member {array} [lifetimeActions] Actions that will be performed by Key * Vault over the lifetime of a certificate. * @member {object} [issuerParameters] Parameters for the issuer of the X509 * component of a certificate. * @member {string} [issuerParameters.name] Name of the referenced issuer * object or reserved names; for example, 'Self' or 'Unknown'. * @member {string} [issuerParameters.certificateType] Type of certificate to * be requested from the issuer provider. * @member {boolean} [issuerParameters.certificateTransparency] Indicates if * the certificates generated under this policy should be published to * certificate transparency logs. * @member {object} [attributes] The certificate attributes. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for certificates in the current vault. If it * contains 'Purgeable', the certificate can be permanently deleted by a * privileged user; otherwise, only the system can purge the certificate, at * the end of the retention interval. Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' */
export interface CertificatePolicy {
  // `id` is the only readonly member of the policy.
  readonly id?: string;
  // Key pair settings, including whether the private key can be exported
  // and whether the key pair is reused on renewal.
  keyProperties?: KeyProperties;
  secretProperties?: SecretProperties;
  x509CertificateProperties?: X509CertificateProperties;
  // Actions Key Vault performs over the certificate lifetime.
  lifetimeActions?: LifetimeAction[];
  issuerParameters?: IssuerParameters;
  attributes?: CertificateAttributes;
}

/** * @class * Initializes a new instance of the CertificateBundle class. * @constructor * A certificate bundle consists of a certificate (X509) plus its attributes. * * @member {string} [id] The certificate id. * @member {string} [kid] The key id. * @member {string} [sid] The secret id. * @member {buffer} [x509Thumbprint] Thumbprint of the certificate. * @member {object} [policy] The management policy. * @member {string} [policy.id] The certificate id. 
* @member {object} [policy.keyProperties] Properties of the key backing a * certificate. * @member {boolean} [policy.keyProperties.exportable] Indicates if the private * key can be exported. * @member {string} [policy.keyProperties.keyType] The type of key pair to be * used for the certificate. Possible values include: 'EC', 'EC-HSM', 'RSA', * 'RSA-HSM', 'oct' * @member {number} [policy.keyProperties.keySize] The key size in bits. For * example: 2048, 3072, or 4096 for RSA. * @member {boolean} [policy.keyProperties.reuseKey] Indicates if the same key * pair will be used on certificate renewal. * @member {string} [policy.keyProperties.curve] Elliptic curve name. For valid * values, see JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', * 'P-521', 'P-256K' * @member {object} [policy.secretProperties] Properties of the secret backing * a certificate. * @member {string} [policy.secretProperties.contentType] The media type (MIME * type). * @member {object} [policy.x509CertificateProperties] Properties of the X509 * component of a certificate. * @member {string} [policy.x509CertificateProperties.subject] The subject * name. Should be a valid X509 distinguished Name. * @member {array} [policy.x509CertificateProperties.ekus] The enhanced key * usage. * @member {object} [policy.x509CertificateProperties.subjectAlternativeNames] * The subject alternative names. * @member {array} * [policy.x509CertificateProperties.subjectAlternativeNames.emails] Email * addresses. * @member {array} * [policy.x509CertificateProperties.subjectAlternativeNames.dnsNames] Domain * names. * @member {array} * [policy.x509CertificateProperties.subjectAlternativeNames.upns] User * principal names. * @member {array} [policy.x509CertificateProperties.keyUsage] List of key * usages. * @member {number} [policy.x509CertificateProperties.validityInMonths] The * duration that the ceritifcate is valid in months. 
* @member {array} [policy.lifetimeActions] Actions that will be performed by * Key Vault over the lifetime of a certificate. * @member {object} [policy.issuerParameters] Parameters for the issuer of the * X509 component of a certificate. * @member {string} [policy.issuerParameters.name] Name of the referenced * issuer object or reserved names; for example, 'Self' or 'Unknown'. * @member {string} [policy.issuerParameters.certificateType] Type of * certificate to be requested from the issuer provider. * @member {boolean} [policy.issuerParameters.certificateTransparency] * Indicates if the certificates generated under this policy should be * published to certificate transparency logs. * @member {object} [policy.attributes] The certificate attributes. * @member {string} [policy.attributes.recoveryLevel] Reflects the deletion * recovery level currently in effect for certificates in the current vault. If * it contains 'Purgeable', the certificate can be permanently deleted by a * privileged user; otherwise, only the system can purge the certificate, at * the end of the retention interval. Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {buffer} [cer] CER contents of x509 certificate. * @member {string} [contentType] The content type of the secret. * @member {object} [attributes] The certificate attributes. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for certificates in the current vault. If it * contains 'Purgeable', the certificate can be permanently deleted by a * privileged user; otherwise, only the system can purge the certificate, at * the end of the retention interval. 
Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs */
export interface CertificateBundle {
  // Readonly identifiers: the certificate id, the key id and the secret id.
  readonly id?: string;
  readonly kid?: string;
  readonly sid?: string;
  readonly x509Thumbprint?: Buffer;
  readonly policy?: CertificatePolicy;
  // CER contents of the x509 certificate.
  cer?: Buffer;
  contentType?: string;
  attributes?: CertificateAttributes;
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the DeletedCertificateBundle class.
 * @constructor
 * A Deleted Certificate consisting of its previous id, attributes and its
 * tags, as well as information on when it will be purged.
 *
 * Extends CertificateBundle, so all of its members are part of this shape.
 * `recoveryId` is writable in this declaration; the two dates are readonly.
 *
 * @member {string} [recoveryId] The url of the recovery object, used to
 * identify and recover the deleted certificate.
 * @member {date} [scheduledPurgeDate] The time when the certificate is
 * scheduled to be purged, in UTC
 * @member {date} [deletedDate] The time when the certificate was deleted, in
 * UTC
 */
export interface DeletedCertificateBundle extends CertificateBundle {
  recoveryId?: string;
  readonly scheduledPurgeDate?: Date;
  readonly deletedDate?: Date;
}

/**
 * @class
 * Initializes a new instance of the DeletedCertificateItem class.
 * @constructor
 * The deleted certificate item containing metadata about the deleted
 * certificate.
 *
 * Extends CertificateItem and adds the same three deletion members that
 * DeletedCertificateBundle adds to CertificateBundle.
 *
 * @member {string} [recoveryId] The url of the recovery object, used to
 * identify and recover the deleted certificate.
 * @member {date} [scheduledPurgeDate] The time when the certificate is
 * scheduled to be purged, in UTC
 * @member {date} [deletedDate] The time when the certificate was deleted, in
 * UTC
 */
export interface DeletedCertificateItem extends CertificateItem {
  recoveryId?: string;
  readonly scheduledPurgeDate?: Date;
  readonly deletedDate?: Date;
}

/** * @class * Initializes a new instance of the ErrorModel class. * @constructor * The key vault server error. * * @member {string} [code] The error code. 
* @member {string} [message] The error message. * @member {object} [innerError] */
export interface ErrorModel {
  // All three members are readonly.
  readonly code?: string;
  readonly message?: string;
  // Recursive: an ErrorModel may nest another ErrorModel.
  readonly innerError?: ErrorModel;
}

/** * @class * Initializes a new instance of the CertificateOperation class. * @constructor * A certificate operation is returned in case of asynchronous requests. * * @member {string} [id] The certificate id. * @member {object} [issuerParameters] Parameters for the issuer of the X509 * component of a certificate. * @member {string} [issuerParameters.name] Name of the referenced issuer * object or reserved names; for example, 'Self' or 'Unknown'. * @member {string} [issuerParameters.certificateType] Type of certificate to * be requested from the issuer provider. * @member {boolean} [issuerParameters.certificateTransparency] Indicates if * the certificates generated under this policy should be published to * certificate transparency logs. * @member {buffer} [csr] The certificate signing request (CSR) that is being * used in the certificate operation. * @member {boolean} [cancellationRequested] Indicates if cancellation was * requested on the certificate operation. * @member {string} [status] Status of the certificate operation. * @member {string} [statusDetails] The status details of the certificate * operation. * @member {object} [error] Error encountered, if any, during the certificate * operation. * @member {string} [error.code] The error code. * @member {string} [error.message] The error message. * @member {object} [error.innerError] * @member {string} [target] Location which contains the result of the * certificate operation. * @member {string} [requestId] Identifier for the certificate operation. 
*/
export interface CertificateOperation {
  // `id` is the only readonly member.
  readonly id?: string;
  issuerParameters?: IssuerParameters;
  // The certificate signing request (CSR) used in the operation.
  csr?: Buffer;
  cancellationRequested?: boolean;
  // Free-form strings; the possible status values are not listed in this file.
  status?: string;
  statusDetails?: string;
  error?: ErrorModel;
  target?: string;
  requestId?: string;
}

/**
 * @class
 * Initializes a new instance of the IssuerCredentials class.
 * @constructor
 * The credentials to be used for the certificate issuer.
 *
 * `password` carries a credential (password, secret or account key) as a
 * plain string, so objects of this type should be handled as sensitive data
 * (for example, kept out of logs and error messages).
 *
 * @member {string} [accountId] The user name/account name/account id.
 * @member {string} [password] The password/secret/account key.
 */
export interface IssuerCredentials {
  accountId?: string;
  password?: string;
}

/**
 * @class
 * Initializes a new instance of the AdministratorDetails class.
 * @constructor
 * Details of the organization administrator of the certificate issuer.
 *
 * All members are contact details of a person (name, email address, phone).
 *
 * @member {string} [firstName] First name.
 * @member {string} [lastName] Last name.
 * @member {string} [emailAddress] Email address.
 * @member {string} [phone] Phone number.
 */
export interface AdministratorDetails {
  firstName?: string;
  lastName?: string;
  emailAddress?: string;
  phone?: string;
}

/**
 * @class
 * Initializes a new instance of the OrganizationDetails class.
 * @constructor
 * Details of the organization of the certificate issuer.
 *
 * `adminDetails` is a list of AdministratorDetails entries.
 *
 * @member {string} [id] Id of the organization.
 * @member {array} [adminDetails] Details of the organization administrator.
 */
export interface OrganizationDetails {
  id?: string;
  adminDetails?: AdministratorDetails[];
}

/**
 * @class
 * Initializes a new instance of the IssuerAttributes class.
 * @constructor
 * The attributes of an issuer managed by the Key Vault service.
 *
 * `created` and `updated` are declared readonly; `enabled` is writable.
 *
 * @member {boolean} [enabled] Determines whether the issuer is enabled.
 * @member {date} [created] Creation time in UTC.
 * @member {date} [updated] Last updated time in UTC.
 */
export interface IssuerAttributes {
  enabled?: boolean;
  readonly created?: Date;
  readonly updated?: Date;
}

/** * @class * Initializes a new instance of the IssuerBundle class. 
* @constructor
 * The issuer for Key Vault certificate.
 *
 * @member {string} [id] Identifier for the issuer object.
 * @member {string} [provider] The issuer provider.
 * @member {object} [credentials] The credentials to be used for the issuer.
 * @member {string} [credentials.accountId] The user name/account name/account
 * id.
 * @member {string} [credentials.password] The password/secret/account key.
 * @member {object} [organizationDetails] Details of the organization as
 * provided to the issuer.
 * @member {string} [organizationDetails.id] Id of the organization.
 * @member {array} [organizationDetails.adminDetails] Details of the
 * organization administrator.
 * @member {object} [attributes] Attributes of the issuer object.
 * @member {boolean} [attributes.enabled] Determines whether the issuer is
 * enabled.
 * @member {date} [attributes.created] Creation time in UTC.
 * @member {date} [attributes.updated] Last updated time in UTC.
 */
export interface IssuerBundle {
  /** Identifier for the issuer object. */
  readonly id?: string;
  /** The issuer provider. */
  provider?: string;
  /**
   * The credentials to be used for the issuer. The nested `password` member is
   * documented as the password/secret/account key, so a bundle that carries
   * `credentials` should be handled as secret material (no logging, no
   * verbatim echo in error output).
   */
  credentials?: IssuerCredentials;
  /** Details of the organization as provided to the issuer. */
  organizationDetails?: OrganizationDetails;
  /** Attributes of the issuer object. */
  attributes?: IssuerAttributes;
}

/**
 * @class
 * Initializes a new instance of the Contact class.
 * @constructor
 * The contact information for the vault certificates.
 *
 * @member {string} [emailAddress] Email address.
 * @member {string} [name] Name.
 * @member {string} [phone] Phone number.
 */
export interface Contact {
  /** Email address. */
  emailAddress?: string;
  /** Name. */
  name?: string;
  /** Phone number. */
  phone?: string;
}

/**
 * @class
 * Initializes a new instance of the Contacts class.
 * @constructor
 * The contacts for the vault certificates.
 *
 * @member {string} [id] Identifier for the contacts collection.
 * @member {array} [contactList] The contact list for the vault certificates.
 */
export interface Contacts {
  /** Identifier for the contacts collection. */
  readonly id?: string;
  /** The contact list for the vault certificates. */
  contactList?: Contact[];
}

/**
 * @class
 * Initializes a new instance of the KeyCreateParameters class.
 * @constructor
 * The key create parameters.
 *
 * @member {string} kty The type of key to create.
For valid values, see
 * JsonWebKeyType. Possible values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM',
 * 'oct'
 * @member {number} [keySize] The key size in bits. For example: 2048, 3072, or
 * 4096 for RSA.
 * @member {array} [keyOps]
 * @member {object} [keyAttributes]
 * @member {string} [keyAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for keys in the current vault. If it
 * contains 'Purgeable' the key can be permanently deleted by a privileged
 * user; otherwise, only the system can purge the key, at the end of the
 * retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 * @member {string} [curve] Elliptic curve name. For valid values, see
 * JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', 'P-521',
 * 'P-256K'
 */
export interface KeyCreateParameters {
  /**
   * The type of key to create. Documented values: 'EC', 'EC-HSM', 'RSA',
   * 'RSA-HSM', 'oct'. The member is typed as plain `string`, so the compiler
   * does not restrict it to that list.
   */
  kty: string;
  /**
   * The key size in bits. For example: 2048, 3072, or 4096 for RSA. Optional;
   * the value used when it is omitted is not stated in this file.
   */
  keySize?: number;
  /** Key operations; the generated comment gives no description. */
  keyOps?: string[];
  /** Key attributes; the generated comment gives no description beyond the nested recoveryLevel. */
  keyAttributes?: KeyAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
  /** Elliptic curve name. Documented values: 'P-256', 'P-384', 'P-521', 'P-256K'. */
  curve?: string;
}

/**
 * @class
 * Initializes a new instance of the KeyImportParameters class.
 * @constructor
 * The key import parameters.
 *
 * @member {boolean} [hsm] Whether to import as a hardware key (HSM) or
 * software key.
 * @member {object} key The Json web key
 * @member {string} [key.kid] Key identifier.
 * @member {string} [key.kty] JsonWebKey Key Type (kty), as defined in
 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. Possible
 * values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', 'oct'
 * @member {array} [key.keyOps]
 * @member {buffer} [key.n] RSA modulus.
 * @member {buffer} [key.e] RSA public exponent.
 * @member {buffer} [key.d] RSA private exponent, or the D component of an EC
 * private key.
 * @member {buffer} [key.dp] RSA private key parameter.
 * @member {buffer} [key.dq] RSA private key parameter.
 * @member {buffer} [key.qi] RSA private key parameter.
* @member {buffer} [key.p] RSA secret prime.
 * @member {buffer} [key.q] RSA secret prime, with p < q.
 * @member {buffer} [key.k] Symmetric key.
 * @member {buffer} [key.t] HSM Token, used with 'Bring Your Own Key'.
 * @member {string} [key.crv] Elliptic curve name. For valid values, see
 * JsonWebKeyCurveName. Possible values include: 'P-256', 'P-384', 'P-521',
 * 'P-256K'
 * @member {buffer} [key.x] X component of an EC public key.
 * @member {buffer} [key.y] Y component of an EC public key.
 * @member {object} [keyAttributes] The key management attributes.
 * @member {string} [keyAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for keys in the current vault. If it
 * contains 'Purgeable' the key can be permanently deleted by a privileged
 * user; otherwise, only the system can purge the key, at the end of the
 * retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 */
export interface KeyImportParameters {
  /** Whether to import as a hardware key (HSM) or software key. */
  hsm?: boolean;
  /**
   * The JSON web key to import. Its documented members include private key
   * material (d, dp, dq, qi, p, q and the symmetric key k), so the whole
   * object is secret: keep it out of logs and do not retain it longer than
   * the import call needs.
   */
  key: JsonWebKey;
  /** The key management attributes. */
  keyAttributes?: KeyAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the KeyOperationsParameters class.
 * @constructor
 * The key operations parameters.
 *
 * 'RSA1_5' is the JOSE identifier for RSAES-PKCS1-v1_5 padding. That scheme is
 * exposed to padding-oracle attacks wherever decryption failures can be
 * observed, so the OAEP identifiers are the safer choice unless an existing
 * peer requires 'RSA1_5'. `algorithm` is typed as plain `string`; nothing in
 * this type limits it to the listed values.
 *
 * @member {string} algorithm algorithm identifier. Possible values include:
 * 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5'
 * @member {buffer} value
 */
export interface KeyOperationsParameters {
  /** Algorithm identifier. Documented values: 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5'. */
  algorithm: string;
  // Undocumented in the generated comment; presumably the bytes the key
  // operation is applied to - TODO confirm against the service documentation.
  value: Buffer;
}

/**
 * @class
 * Initializes a new instance of the KeySignParameters class.
 * @constructor
 * The key operations parameters.
 *
 * @member {string} algorithm The signing/verification algorithm identifier.
 * For more information on possible algorithm types, see
 * JsonWebKeySignatureAlgorithm.
Possible values include: 'PS256', 'PS384',
 * 'PS512', 'RS256', 'RS384', 'RS512', 'RSNULL', 'ES256', 'ES384', 'ES512',
 * 'ES256K'
 * @member {buffer} value
 */
export interface KeySignParameters {
  /**
   * The signing/verification algorithm identifier. Typed as plain `string`, so
   * the documented list is not enforced at compile time.
   * NOTE(review): 'RSNULL' is listed without any description here; confirm its
   * semantics before accepting it from caller-controlled input.
   */
  algorithm: string;
  // Undocumented in the generated comment; presumably the digest to be signed
  // (KeyVerifyParameters names its counterpart `digest`) - TODO confirm.
  value: Buffer;
}

/**
 * @class
 * Initializes a new instance of the KeyVerifyParameters class.
 * @constructor
 * The key verify parameters.
 *
 * The verifier receives a digest, not the original message; hashing the
 * message is left to the caller. NOTE(review): nothing in this type ties the
 * digest to the hash implied by `algorithm` - presumably the caller must keep
 * the two consistent; confirm against the service documentation.
 *
 * @member {string} algorithm The signing/verification algorithm. For more
 * information on possible algorithm types, see JsonWebKeySignatureAlgorithm.
 * Possible values include: 'PS256', 'PS384', 'PS512', 'RS256', 'RS384',
 * 'RS512', 'RSNULL', 'ES256', 'ES384', 'ES512', 'ES256K'
 * @member {buffer} digest The digest used for signing.
 * @member {buffer} signature The signature to be verified.
 */
export interface KeyVerifyParameters {
  /** The signing/verification algorithm. */
  algorithm: string;
  /** The digest used for signing. */
  digest: Buffer;
  /** The signature to be verified. */
  signature: Buffer;
}

/**
 * @class
 * Initializes a new instance of the KeyUpdateParameters class.
 * @constructor
 * The key update parameters.
 *
 * @member {array} [keyOps] Json web key operations. For more information on
 * possible key operations, see JsonWebKeyOperation.
 * @member {object} [keyAttributes]
 * @member {string} [keyAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for keys in the current vault. If it
 * contains 'Purgeable' the key can be permanently deleted by a privileged
 * user; otherwise, only the system can purge the key, at the end of the
 * retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 */
export interface KeyUpdateParameters {
  /** Json web key operations. For possible values, see JsonWebKeyOperation. */
  keyOps?: string[];
  /** Key attributes; the generated comment gives no description beyond the nested recoveryLevel. */
  keyAttributes?: KeyAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the KeyRestoreParameters class.
 * @constructor
 * The key restore parameters.
 *
 * @member {buffer} keyBundleBackup The backup blob associated with a key
 * bundle.
*/
export interface KeyRestoreParameters {
  /**
   * The backup blob associated with a key bundle.
   * NOTE(review): how the blob is protected is not described in this file;
   * store and transport it as sensitive key material until confirmed.
   */
  keyBundleBackup: Buffer;
}

/**
 * @class
 * Initializes a new instance of the SecretSetParameters class.
 * @constructor
 * The secret set parameters.
 *
 * `value` carries the secret itself as an ordinary string, so any logging or
 * serialization of this object exposes the secret.
 * NOTE(review): `tags` are described only as application metadata; whether
 * they receive the same protection as `value` is not shown here, so avoid
 * placing secret material in tags until that is confirmed.
 *
 * @member {string} value The value of the secret.
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 * @member {string} [contentType] Type of the secret value such as a password.
 * @member {object} [secretAttributes] The secret management attributes.
 * @member {string} [secretAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for secrets in the current vault. If it
 * contains 'Purgeable', the secret can be permanently deleted by a privileged
 * user; otherwise, only the system can purge the secret, at the end of the
 * retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 */
export interface SecretSetParameters {
  /** The value of the secret. Secret material; do not log. */
  value: string;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
  /** Type of the secret value such as a password. */
  contentType?: string;
  /** The secret management attributes. */
  secretAttributes?: SecretAttributes;
}

/**
 * @class
 * Initializes a new instance of the SecretUpdateParameters class.
 * @constructor
 * The secret update parameters.
 *
 * @member {string} [contentType] Type of the secret value such as a password.
 * @member {object} [secretAttributes] The secret management attributes.
 * @member {string} [secretAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for secrets in the current vault. If it
 * contains 'Purgeable', the secret can be permanently deleted by a privileged
 * user; otherwise, only the system can purge the secret, at the end of the
 * retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
*/
export interface SecretUpdateParameters {
  // This type has no `value` member: it describes changes to a secret's
  // metadata and attributes only, not to the secret value.
  /** Type of the secret value such as a password. */
  contentType?: string;
  /** The secret management attributes. */
  secretAttributes?: SecretAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the CertificateCreateParameters class.
 * @constructor
 * The certificate create parameters.
 *
 * @member {object} [certificatePolicy] The management policy for the
 * certificate.
 * @member {string} [certificatePolicy.id] The certificate id.
 * @member {object} [certificatePolicy.keyProperties] Properties of the key
 * backing a certificate.
 * @member {boolean} [certificatePolicy.keyProperties.exportable] Indicates if
 * the private key can be exported.
 * @member {string} [certificatePolicy.keyProperties.keyType] The type of key
 * pair to be used for the certificate. Possible values include: 'EC',
 * 'EC-HSM', 'RSA', 'RSA-HSM', 'oct'
 * @member {number} [certificatePolicy.keyProperties.keySize] The key size in
 * bits. For example: 2048, 3072, or 4096 for RSA.
 * @member {boolean} [certificatePolicy.keyProperties.reuseKey] Indicates if
 * the same key pair will be used on certificate renewal.
 * @member {string} [certificatePolicy.keyProperties.curve] Elliptic curve
 * name. For valid values, see JsonWebKeyCurveName. Possible values include:
 * 'P-256', 'P-384', 'P-521', 'P-256K'
 * @member {object} [certificatePolicy.secretProperties] Properties of the
 * secret backing a certificate.
 * @member {string} [certificatePolicy.secretProperties.contentType] The media
 * type (MIME type).
 * @member {object} [certificatePolicy.x509CertificateProperties] Properties of
 * the X509 component of a certificate.
 * @member {string} [certificatePolicy.x509CertificateProperties.subject] The
 * subject name. Should be a valid X509 distinguished Name.
 * @member {array} [certificatePolicy.x509CertificateProperties.ekus] The
 * enhanced key usage.
 * @member {object}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames] The
 * subject alternative names.
* @member {array}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.emails]
 * Email addresses.
 * @member {array}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.dnsNames]
 * Domain names.
 * @member {array}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.upns]
 * User principal names.
 * @member {array} [certificatePolicy.x509CertificateProperties.keyUsage] List
 * of key usages.
 * @member {number}
 * [certificatePolicy.x509CertificateProperties.validityInMonths] The duration
 * that the certificate is valid in months.
 * @member {array} [certificatePolicy.lifetimeActions] Actions that will be
 * performed by Key Vault over the lifetime of a certificate.
 * @member {object} [certificatePolicy.issuerParameters] Parameters for the
 * issuer of the X509 component of a certificate.
 * @member {string} [certificatePolicy.issuerParameters.name] Name of the
 * referenced issuer object or reserved names; for example, 'Self' or
 * 'Unknown'.
 * @member {string} [certificatePolicy.issuerParameters.certificateType] Type
 * of certificate to be requested from the issuer provider.
 * @member {boolean}
 * [certificatePolicy.issuerParameters.certificateTransparency] Indicates if
 * the certificates generated under this policy should be published to
 * certificate transparency logs.
 * @member {object} [certificatePolicy.attributes] The certificate attributes.
 * @member {string} [certificatePolicy.attributes.recoveryLevel] Reflects the
 * deletion recovery level currently in effect for certificates in the current
 * vault. If it contains 'Purgeable', the certificate can be permanently
 * deleted by a privileged user; otherwise, only the system can purge the
 * certificate, at the end of the retention interval. Possible values include:
 * 'Purgeable', 'Recoverable+Purgeable', 'Recoverable',
 * 'Recoverable+ProtectedSubscription'
 * @member {object} [certificateAttributes] The attributes of the certificate
 * (optional).
* @member {string} [certificateAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for certificates in the current vault. If
 * it contains 'Purgeable', the certificate can be permanently deleted by a
 * privileged user; otherwise, only the system can purge the certificate, at
 * the end of the retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 */
export interface CertificateCreateParameters {
  /**
   * The management policy for the certificate. Its documented
   * `keyProperties.exportable` member controls whether the private key can be
   * exported; the value used when it is omitted is not stated in this file,
   * so set it explicitly when exportability matters.
   */
  certificatePolicy?: CertificatePolicy;
  /** The attributes of the certificate (optional). */
  certificateAttributes?: CertificateAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the CertificateImportParameters class.
 * @constructor
 * The certificate import parameters.
 *
 * @member {string} base64EncodedCertificate Base64 encoded representation of
 * the certificate object to import. This certificate needs to contain the
 * private key.
 * @member {string} [password] If the private key in base64EncodedCertificate
 * is encrypted, the password used for encryption.
 * @member {object} [certificatePolicy] The management policy for the
 * certificate.
 * @member {string} [certificatePolicy.id] The certificate id.
 * @member {object} [certificatePolicy.keyProperties] Properties of the key
 * backing a certificate.
 * @member {boolean} [certificatePolicy.keyProperties.exportable] Indicates if
 * the private key can be exported.
 * @member {string} [certificatePolicy.keyProperties.keyType] The type of key
 * pair to be used for the certificate. Possible values include: 'EC',
 * 'EC-HSM', 'RSA', 'RSA-HSM', 'oct'
 * @member {number} [certificatePolicy.keyProperties.keySize] The key size in
 * bits. For example: 2048, 3072, or 4096 for RSA.
 * @member {boolean} [certificatePolicy.keyProperties.reuseKey] Indicates if
 * the same key pair will be used on certificate renewal.
* @member {string} [certificatePolicy.keyProperties.curve] Elliptic curve
 * name. For valid values, see JsonWebKeyCurveName. Possible values include:
 * 'P-256', 'P-384', 'P-521', 'P-256K'
 * @member {object} [certificatePolicy.secretProperties] Properties of the
 * secret backing a certificate.
 * @member {string} [certificatePolicy.secretProperties.contentType] The media
 * type (MIME type).
 * @member {object} [certificatePolicy.x509CertificateProperties] Properties of
 * the X509 component of a certificate.
 * @member {string} [certificatePolicy.x509CertificateProperties.subject] The
 * subject name. Should be a valid X509 distinguished Name.
 * @member {array} [certificatePolicy.x509CertificateProperties.ekus] The
 * enhanced key usage.
 * @member {object}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames] The
 * subject alternative names.
 * @member {array}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.emails]
 * Email addresses.
 * @member {array}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.dnsNames]
 * Domain names.
 * @member {array}
 * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.upns]
 * User principal names.
 * @member {array} [certificatePolicy.x509CertificateProperties.keyUsage] List
 * of key usages.
 * @member {number}
 * [certificatePolicy.x509CertificateProperties.validityInMonths] The duration
 * that the certificate is valid in months.
 * @member {array} [certificatePolicy.lifetimeActions] Actions that will be
 * performed by Key Vault over the lifetime of a certificate.
 * @member {object} [certificatePolicy.issuerParameters] Parameters for the
 * issuer of the X509 component of a certificate.
 * @member {string} [certificatePolicy.issuerParameters.name] Name of the
 * referenced issuer object or reserved names; for example, 'Self' or
 * 'Unknown'.
* @member {string} [certificatePolicy.issuerParameters.certificateType] Type
 * of certificate to be requested from the issuer provider.
 * @member {boolean}
 * [certificatePolicy.issuerParameters.certificateTransparency] Indicates if
 * the certificates generated under this policy should be published to
 * certificate transparency logs.
 * @member {object} [certificatePolicy.attributes] The certificate attributes.
 * @member {string} [certificatePolicy.attributes.recoveryLevel] Reflects the
 * deletion recovery level currently in effect for certificates in the current
 * vault. If it contains 'Purgeable', the certificate can be permanently
 * deleted by a privileged user; otherwise, only the system can purge the
 * certificate, at the end of the retention interval. Possible values include:
 * 'Purgeable', 'Recoverable+Purgeable', 'Recoverable',
 * 'Recoverable+ProtectedSubscription'
 * @member {object} [certificateAttributes] The attributes of the certificate
 * (optional).
 * @member {string} [certificateAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for certificates in the current vault. If
 * it contains 'Purgeable', the certificate can be permanently deleted by a
 * privileged user; otherwise, only the system can purge the certificate, at
 * the end of the retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 */
export interface CertificateImportParameters {
  /**
   * Base64 encoded representation of the certificate object to import. The
   * certificate needs to contain the private key, so this string is secret
   * material: keep it out of logs and request traces.
   */
  base64EncodedCertificate: string;
  /**
   * If the private key in base64EncodedCertificate is encrypted, the password
   * used for encryption. Credential material; do not log.
   */
  password?: string;
  /** The management policy for the certificate. */
  certificatePolicy?: CertificatePolicy;
  /** The attributes of the certificate (optional). */
  certificateAttributes?: CertificateAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the CertificateUpdateParameters class.
 * @constructor
 * The certificate update parameters.
 *
 * @member {object} [certificatePolicy] The management policy for the
 * certificate.
* @member {string} [certificatePolicy.id] The certificate id. * @member {object} [certificatePolicy.keyProperties] Properties of the key * backing a certificate. * @member {boolean} [certificatePolicy.keyProperties.exportable] Indicates if * the private key can be exported. * @member {string} [certificatePolicy.keyProperties.keyType] The type of key * pair to be used for the certificate. Possible values include: 'EC', * 'EC-HSM', 'RSA', 'RSA-HSM', 'oct' * @member {number} [certificatePolicy.keyProperties.keySize] The key size in * bits. For example: 2048, 3072, or 4096 for RSA. * @member {boolean} [certificatePolicy.keyProperties.reuseKey] Indicates if * the same key pair will be used on certificate renewal. * @member {string} [certificatePolicy.keyProperties.curve] Elliptic curve * name. For valid values, see JsonWebKeyCurveName. Possible values include: * 'P-256', 'P-384', 'P-521', 'P-256K' * @member {object} [certificatePolicy.secretProperties] Properties of the * secret backing a certificate. * @member {string} [certificatePolicy.secretProperties.contentType] The media * type (MIME type). * @member {object} [certificatePolicy.x509CertificateProperties] Properties of * the X509 component of a certificate. * @member {string} [certificatePolicy.x509CertificateProperties.subject] The * subject name. Should be a valid X509 distinguished Name. * @member {array} [certificatePolicy.x509CertificateProperties.ekus] The * enhanced key usage. * @member {object} * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames] The * subject alternative names. * @member {array} * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.emails] * Email addresses. * @member {array} * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.dnsNames] * Domain names. * @member {array} * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.upns] * User principal names. 
* @member {array} [certificatePolicy.x509CertificateProperties.keyUsage] List
 * of key usages.
 * @member {number}
 * [certificatePolicy.x509CertificateProperties.validityInMonths] The duration
 * that the certificate is valid in months.
 * @member {array} [certificatePolicy.lifetimeActions] Actions that will be
 * performed by Key Vault over the lifetime of a certificate.
 * @member {object} [certificatePolicy.issuerParameters] Parameters for the
 * issuer of the X509 component of a certificate.
 * @member {string} [certificatePolicy.issuerParameters.name] Name of the
 * referenced issuer object or reserved names; for example, 'Self' or
 * 'Unknown'.
 * @member {string} [certificatePolicy.issuerParameters.certificateType] Type
 * of certificate to be requested from the issuer provider.
 * @member {boolean}
 * [certificatePolicy.issuerParameters.certificateTransparency] Indicates if
 * the certificates generated under this policy should be published to
 * certificate transparency logs.
 * @member {object} [certificatePolicy.attributes] The certificate attributes.
 * @member {string} [certificatePolicy.attributes.recoveryLevel] Reflects the
 * deletion recovery level currently in effect for certificates in the current
 * vault. If it contains 'Purgeable', the certificate can be permanently
 * deleted by a privileged user; otherwise, only the system can purge the
 * certificate, at the end of the retention interval. Possible values include:
 * 'Purgeable', 'Recoverable+Purgeable', 'Recoverable',
 * 'Recoverable+ProtectedSubscription'
 * @member {object} [certificateAttributes] The attributes of the certificate
 * (optional).
 * @member {string} [certificateAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for certificates in the current vault. If
 * it contains 'Purgeable', the certificate can be permanently deleted by a
 * privileged user; otherwise, only the system can purge the certificate, at
 * the end of the retention interval.
Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 */
export interface CertificateUpdateParameters {
  /** The management policy for the certificate. */
  certificatePolicy?: CertificatePolicy;
  /** The attributes of the certificate (optional). */
  certificateAttributes?: CertificateAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the CertificateMergeParameters class.
 * @constructor
 * The certificate merge parameters.
 *
 * @member {array} x509Certificates The certificate or the certificate chain to
 * merge.
 * @member {object} [certificateAttributes] The attributes of the certificate
 * (optional).
 * @member {string} [certificateAttributes.recoveryLevel] Reflects the deletion
 * recovery level currently in effect for certificates in the current vault. If
 * it contains 'Purgeable', the certificate can be permanently deleted by a
 * privileged user; otherwise, only the system can purge the certificate, at
 * the end of the retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs.
 */
export interface CertificateMergeParameters {
  /**
   * The certificate or the certificate chain to merge, one Buffer per
   * certificate.
   * NOTE(review): this file does not say what validation the service applies
   * to the supplied chain; confirm before passing certificates obtained from
   * an untrusted channel.
   */
  x509Certificates: Buffer[];
  /** The attributes of the certificate (optional). */
  certificateAttributes?: CertificateAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the CertificateIssuerSetParameters class.
 * @constructor
 * The certificate issuer set parameters.
 *
 * @member {string} provider The issuer provider.
 * @member {object} [credentials] The credentials to be used for the issuer.
 * @member {string} [credentials.accountId] The user name/account name/account
 * id.
 * @member {string} [credentials.password] The password/secret/account key.
 * @member {object} [organizationDetails] Details of the organization as
 * provided to the issuer.
* @member {string} [organizationDetails.id] Id of the organization.
 * @member {array} [organizationDetails.adminDetails] Details of the
 * organization administrator.
 * @member {object} [attributes] Attributes of the issuer object.
 * @member {boolean} [attributes.enabled] Determines whether the issuer is
 * enabled.
 * @member {date} [attributes.created] Creation time in UTC.
 * @member {date} [attributes.updated] Last updated time in UTC.
 */
export interface CertificateIssuerSetParameters {
  /** The issuer provider. Required here, unlike in CertificateIssuerUpdateParameters. */
  provider: string;
  /**
   * The credentials to be used for the issuer. Contains the issuer account
   * password/secret/account key; do not log.
   */
  credentials?: IssuerCredentials;
  /** Details of the organization as provided to the issuer. */
  organizationDetails?: OrganizationDetails;
  /** Attributes of the issuer object. */
  attributes?: IssuerAttributes;
}

/**
 * @class
 * Initializes a new instance of the CertificateIssuerUpdateParameters class.
 * @constructor
 * The certificate issuer update parameters.
 *
 * Every member is optional in this type. `credentials` carries the issuer
 * account password/secret/account key and should be handled as a credential.
 *
 * @member {string} [provider] The issuer provider.
 * @member {object} [credentials] The credentials to be used for the issuer.
 * @member {string} [credentials.accountId] The user name/account name/account
 * id.
 * @member {string} [credentials.password] The password/secret/account key.
 * @member {object} [organizationDetails] Details of the organization as
 * provided to the issuer.
 * @member {string} [organizationDetails.id] Id of the organization.
 * @member {array} [organizationDetails.adminDetails] Details of the
 * organization administrator.
 * @member {object} [attributes] Attributes of the issuer object.
 * @member {boolean} [attributes.enabled] Determines whether the issuer is
 * enabled.
 * @member {date} [attributes.created] Creation time in UTC.
 * @member {date} [attributes.updated] Last updated time in UTC.
 */
export interface CertificateIssuerUpdateParameters {
  /** The issuer provider. */
  provider?: string;
  /** The credentials to be used for the issuer. */
  credentials?: IssuerCredentials;
  /** Details of the organization as provided to the issuer. */
  organizationDetails?: OrganizationDetails;
  /** Attributes of the issuer object. */
  attributes?: IssuerAttributes;
}

/**
 * @class
 * Initializes a new instance of the CertificateOperationUpdateParameter class.
 * @constructor
 * The certificate operation update parameters.
*
 * @member {boolean} cancellationRequested Indicates if cancellation was
 * requested on the certificate operation.
 */
export interface CertificateOperationUpdateParameter {
  /** Indicates if cancellation was requested on the certificate operation. */
  cancellationRequested: boolean;
}

/**
 * @class
 * Initializes a new instance of the KeyOperationResult class.
 * @constructor
 * The key operation result.
 *
 * NOTE(review): `result` has no description in the generated comment. If this
 * type is returned by decrypt or unwrap style operations the buffer would hold
 * plaintext or key material - presumably so; confirm, and handle the buffer
 * as sensitive in the meantime.
 *
 * @member {string} [kid] Key identifier
 * @member {buffer} [result]
 */
export interface KeyOperationResult {
  /** Key identifier. */
  readonly kid?: string;
  /** Output bytes of the key operation; undocumented in the generated comment. */
  readonly result?: Buffer;
}

/**
 * @class
 * Initializes a new instance of the KeyVerifyResult class.
 * @constructor
 * The key verify result.
 *
 * `value` is optional, so it can be `undefined` as well as `true` or `false`.
 * Accept a signature only when `value === true`; a check such as
 * `value !== false` would treat a missing field as success.
 *
 * @member {boolean} [value] True if the signature is verified, otherwise
 * false.
 */
export interface KeyVerifyResult {
  /** True if the signature is verified, otherwise false. */
  readonly value?: boolean;
}

/**
 * @class
 * Initializes a new instance of the BackupKeyResult class.
 * @constructor
 * The backup key result, containing the backup blob.
 *
 * NOTE(review): how the blob is protected is not described in this file;
 * store and transport it as sensitive key material until confirmed.
 *
 * @member {buffer} [value] The backup blob containing the backed up key.
 */
export interface BackupKeyResult {
  /** The backup blob containing the backed up key. */
  readonly value?: Buffer;
}

/**
 * @class
 * Initializes a new instance of the BackupSecretResult class.
 * @constructor
 * The backup secret result, containing the backup blob.
 *
 * NOTE(review): how the blob is protected is not described in this file;
 * store and transport it as sensitive material until confirmed.
 *
 * @member {buffer} [value] The backup blob containing the backed up secret.
 */
export interface BackupSecretResult {
  /** The backup blob containing the backed up secret. */
  readonly value?: Buffer;
}

/**
 * @class
 * Initializes a new instance of the BackupStorageResult class.
 * @constructor
 * The backup storage result, containing the backup blob.
 *
 * NOTE(review): how the blob is protected is not described in this file;
 * store and transport it as sensitive material until confirmed.
 *
 * @member {buffer} [value] The backup blob containing the backed up storage
 * account.
 */
export interface BackupStorageResult {
  /** The backup blob containing the backed up storage account. */
  readonly value?: Buffer;
}

/**
 * @class
 * Initializes a new instance of the PendingCertificateSigningRequestResult class.
 * @constructor
 * The pending certificate signing request result.
 *
 * @member {string} [value] The pending certificate signing request as Base64
 * encoded string.
*/
export interface PendingCertificateSigningRequestResult {
  /** The pending certificate signing request as Base64 encoded string. */
  readonly value?: string;
}

/**
 * @class
 * Initializes a new instance of the StorageAccountAttributes class.
 * @constructor
 * The storage account management attributes.
 *
 * Only `enabled` is writable through this type; `created`, `updated` and
 * `recoveryLevel` are declared readonly.
 *
 * @member {boolean} [enabled] the enabled state of the object.
 * @member {date} [created] Creation time in UTC.
 * @member {date} [updated] Last updated time in UTC.
 * @member {string} [recoveryLevel] Reflects the deletion recovery level
 * currently in effect for storage accounts in the current vault. If it
 * contains 'Purgeable' the storage account can be permanently deleted by a
 * privileged user; otherwise, only the system can purge the storage account,
 * at the end of the retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 */
export interface StorageAccountAttributes {
  /** The enabled state of the object. */
  enabled?: boolean;
  /** Creation time in UTC. */
  readonly created?: Date;
  /** Last updated time in UTC. */
  readonly updated?: Date;
  /**
   * The deletion recovery level currently in effect for storage accounts in
   * the current vault. A value containing 'Purgeable' means a privileged user
   * can permanently delete the storage account; otherwise only the system can
   * purge it, at the end of the retention interval.
   */
  readonly recoveryLevel?: string;
}

/**
 * @class
 * Initializes a new instance of the StorageBundle class.
 * @constructor
 * A Storage account bundle consists of key vault storage account details plus
 * its attributes.
 *
 * @member {string} [id] The storage account id.
 * @member {string} [resourceId] The storage account resource id.
 * @member {string} [activeKeyName] The current active storage account key
 * name.
 * @member {boolean} [autoRegenerateKey] whether keyvault should manage the
 * storage account for the user.
 * @member {string} [regenerationPeriod] The key regeneration time duration
 * specified in ISO-8601 format.
 * @member {object} [attributes] The storage account attributes.
 * @member {boolean} [attributes.enabled] the enabled state of the object.
 * @member {date} [attributes.created] Creation time in UTC.
 * @member {date} [attributes.updated] Last updated time in UTC.
 * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery
 * level currently in effect for storage accounts in the current vault.
If it
 * contains 'Purgeable' the storage account can be permanently deleted by a
 * privileged user; otherwise, only the system can purge the storage account,
 * at the end of the retention interval. Possible values include: 'Purgeable',
 * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription'
 * @member {object} [tags] Application specific metadata in the form of
 * key-value pairs
 */
export interface StorageBundle {
  // Every member of this type is declared readonly.
  /** The storage account id. */
  readonly id?: string;
  /** The storage account resource id. */
  readonly resourceId?: string;
  /** The current active storage account key name (a name, not the key value). */
  readonly activeKeyName?: string;
  /** Whether keyvault should manage the storage account for the user. */
  readonly autoRegenerateKey?: boolean;
  /** The key regeneration time duration specified in ISO-8601 format. */
  readonly regenerationPeriod?: string;
  /** The storage account attributes. */
  readonly attributes?: StorageAccountAttributes;
  /** Application specific metadata in the form of key-value pairs. */
  readonly tags?: { [propertyName: string]: string };
}

/**
 * @class
 * Initializes a new instance of the DeletedStorageBundle class.
 * @constructor
 * A deleted storage account bundle consisting of its previous id, attributes
 * and its tags, as well as information on when it will be purged.
 *
 * @member {string} [recoveryId] The url of the recovery object, used to
 * identify and recover the deleted storage account.
 * @member {date} [scheduledPurgeDate] The time when the storage account is
 * scheduled to be purged, in UTC
 * @member {date} [deletedDate] The time when the storage account was deleted,
 * in UTC
 */
export interface DeletedStorageBundle extends StorageBundle {
  /** The url of the recovery object, used to identify and recover the deleted storage account. */
  recoveryId?: string;
  /** The time when the storage account is scheduled to be purged, in UTC. */
  readonly scheduledPurgeDate?: Date;
  /** The time when the storage account was deleted, in UTC. */
  readonly deletedDate?: Date;
}

/**
 * @class
 * Initializes a new instance of the StorageAccountCreateParameters class.
 * @constructor
 * The storage account create parameters.
 *
 * @member {string} resourceId Storage account resource id.
 * @member {string} activeKeyName Current active storage account key name.
 * @member {boolean} autoRegenerateKey whether keyvault should manage the
 * storage account for the user.
 * @member {string} [regenerationPeriod] The key regeneration time duration
 * specified in ISO-8601 format.
 * @member {object} [storageAccountAttributes] The attributes of the storage
 * account.
* @member {boolean} [storageAccountAttributes.enabled] the enabled state of * the object. * @member {date} [storageAccountAttributes.created] Creation time in UTC. * @member {date} [storageAccountAttributes.updated] Last updated time in UTC. * @member {string} [storageAccountAttributes.recoveryLevel] Reflects the * deletion recovery level currently in effect for storage accounts in the * current vault. If it contains 'Purgeable' the storage account can be * permanently deleted by a privileged user; otherwise, only the system can * purge the storage account, at the end of the retention interval. Possible * values include: 'Purgeable', 'Recoverable+Purgeable', 'Recoverable', * 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. */ export interface StorageAccountCreateParameters { resourceId: string; activeKeyName: string; autoRegenerateKey: boolean; regenerationPeriod?: string; storageAccountAttributes?: StorageAccountAttributes; tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the StorageAccountUpdateParameters class. * @constructor * The storage account update parameters. * * @member {string} [activeKeyName] The current active storage account key * name. * @member {boolean} [autoRegenerateKey] whether keyvault should manage the * storage account for the user. * @member {string} [regenerationPeriod] The key regeneration time duration * specified in ISO-8601 format. * @member {object} [storageAccountAttributes] The attributes of the storage * account. * @member {boolean} [storageAccountAttributes.enabled] the enabled state of * the object. * @member {date} [storageAccountAttributes.created] Creation time in UTC. * @member {date} [storageAccountAttributes.updated] Last updated time in UTC. * @member {string} [storageAccountAttributes.recoveryLevel] Reflects the * deletion recovery level currently in effect for storage accounts in the * current vault. 
If it contains 'Purgeable' the storage account can be * permanently deleted by a privileged user; otherwise, only the system can * purge the storage account, at the end of the retention interval. Possible * values include: 'Purgeable', 'Recoverable+Purgeable', 'Recoverable', * 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. */ export interface StorageAccountUpdateParameters { activeKeyName?: string; autoRegenerateKey?: boolean; regenerationPeriod?: string; storageAccountAttributes?: StorageAccountAttributes; tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the StorageAccountRegenerteKeyParameters class. * @constructor * The storage account key regenerate parameters. * * @member {string} keyName The storage account key name. */ export interface StorageAccountRegenerteKeyParameters { keyName: string; } /** * @class * Initializes a new instance of the StorageAccountItem class. * @constructor * The storage account item containing storage account metadata. * * @member {string} [id] Storage identifier. * @member {string} [resourceId] Storage account resource Id. * @member {object} [attributes] The storage account management attributes. * @member {boolean} [attributes.enabled] the enabled state of the object. * @member {date} [attributes.created] Creation time in UTC. * @member {date} [attributes.updated] Last updated time in UTC. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for storage accounts in the current vault. If it * contains 'Purgeable' the storage account can be permanently deleted by a * privileged user; otherwise, only the system can purge the storage account, * at the end of the retention interval. 
Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. */ export interface StorageAccountItem { readonly id?: string; readonly resourceId?: string; readonly attributes?: StorageAccountAttributes; readonly tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the DeletedStorageAccountItem class. * @constructor * The deleted storage account item containing metadata about the deleted * storage account. * * @member {string} [recoveryId] The url of the recovery object, used to * identify and recover the deleted storage account. * @member {date} [scheduledPurgeDate] The time when the storage account is * scheduled to be purged, in UTC * @member {date} [deletedDate] The time when the storage account was deleted, * in UTC */ export interface DeletedStorageAccountItem extends StorageAccountItem { recoveryId?: string; readonly scheduledPurgeDate?: Date; readonly deletedDate?: Date; } /** * @class * Initializes a new instance of the SasDefinitionAttributes class. * @constructor * The SAS definition management attributes. * * @member {boolean} [enabled] the enabled state of the object. * @member {date} [created] Creation time in UTC. * @member {date} [updated] Last updated time in UTC. * @member {string} [recoveryLevel] Reflects the deletion recovery level * currently in effect for SAS definitions in the current vault. If it contains * 'Purgeable' the SAS definition can be permanently deleted by a privileged * user; otherwise, only the system can purge the SAS definition, at the end of * the retention interval. 
Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' */ export interface SasDefinitionAttributes { enabled?: boolean; readonly created?: Date; readonly updated?: Date; readonly recoveryLevel?: string; } /** * @class * Initializes a new instance of the SasDefinitionBundle class. * @constructor * A SAS definition bundle consists of key vault SAS definition details plus * its attributes. * * @member {string} [id] The SAS definition id. * @member {string} [secretId] Storage account SAS definition secret id. * @member {string} [templateUri] The SAS definition token template signed with * an arbitrary key. Tokens created according to the SAS definition will have * the same properties as the template. * @member {string} [sasType] The type of SAS token the SAS definition will * create. Possible values include: 'account', 'service' * @member {string} [validityPeriod] The validity period of SAS tokens created * according to the SAS definition. * @member {object} [attributes] The SAS definition attributes. * @member {boolean} [attributes.enabled] the enabled state of the object. * @member {date} [attributes.created] Creation time in UTC. * @member {date} [attributes.updated] Last updated time in UTC. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for SAS definitions in the current vault. If it * contains 'Purgeable' the SAS definition can be permanently deleted by a * privileged user; otherwise, only the system can purge the SAS definition, at * the end of the retention interval. 
Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs */ export interface SasDefinitionBundle { readonly id?: string; readonly secretId?: string; readonly templateUri?: string; readonly sasType?: string; readonly validityPeriod?: string; readonly attributes?: SasDefinitionAttributes; readonly tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the DeletedSasDefinitionBundle class. * @constructor * A deleted SAS definition bundle consisting of its previous id, attributes * and its tags, as well as information on when it will be purged. * * @member {string} [recoveryId] The url of the recovery object, used to * identify and recover the deleted SAS definition. * @member {date} [scheduledPurgeDate] The time when the SAS definition is * scheduled to be purged, in UTC * @member {date} [deletedDate] The time when the SAS definition was deleted, * in UTC */ export interface DeletedSasDefinitionBundle extends SasDefinitionBundle { recoveryId?: string; readonly scheduledPurgeDate?: Date; readonly deletedDate?: Date; } /** * @class * Initializes a new instance of the SasDefinitionItem class. * @constructor * The SAS definition item containing storage SAS definition metadata. * * @member {string} [id] The storage SAS identifier. * @member {string} [secretId] The storage account SAS definition secret id. * @member {object} [attributes] The SAS definition management attributes. * @member {boolean} [attributes.enabled] the enabled state of the object. * @member {date} [attributes.created] Creation time in UTC. * @member {date} [attributes.updated] Last updated time in UTC. * @member {string} [attributes.recoveryLevel] Reflects the deletion recovery * level currently in effect for SAS definitions in the current vault. 
If it * contains 'Purgeable' the SAS definition can be permanently deleted by a * privileged user; otherwise, only the system can purge the SAS definition, at * the end of the retention interval. Possible values include: 'Purgeable', * 'Recoverable+Purgeable', 'Recoverable', 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. */ export interface SasDefinitionItem { readonly id?: string; readonly secretId?: string; readonly attributes?: SasDefinitionAttributes; readonly tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the DeletedSasDefinitionItem class. * @constructor * The deleted SAS definition item containing metadata about the deleted SAS * definition. * * @member {string} [recoveryId] The url of the recovery object, used to * identify and recover the deleted SAS definition. * @member {date} [scheduledPurgeDate] The time when the SAS definition is * scheduled to be purged, in UTC * @member {date} [deletedDate] The time when the SAS definition was deleted, * in UTC */ export interface DeletedSasDefinitionItem extends SasDefinitionItem { recoveryId?: string; readonly scheduledPurgeDate?: Date; readonly deletedDate?: Date; } /** * @class * Initializes a new instance of the SasDefinitionCreateParameters class. * @constructor * The SAS definition create parameters. * * @member {string} templateUri The SAS definition token template signed with * an arbitrary key. Tokens created according to the SAS definition will have * the same properties as the template. * @member {string} sasType The type of SAS token the SAS definition will * create. Possible values include: 'account', 'service' * @member {string} validityPeriod The validity period of SAS tokens created * according to the SAS definition. * @member {object} [sasDefinitionAttributes] The attributes of the SAS * definition. 
* @member {boolean} [sasDefinitionAttributes.enabled] the enabled state of the * object. * @member {date} [sasDefinitionAttributes.created] Creation time in UTC. * @member {date} [sasDefinitionAttributes.updated] Last updated time in UTC. * @member {string} [sasDefinitionAttributes.recoveryLevel] Reflects the * deletion recovery level currently in effect for SAS definitions in the * current vault. If it contains 'Purgeable' the SAS definition can be * permanently deleted by a privileged user; otherwise, only the system can * purge the SAS definition, at the end of the retention interval. Possible * values include: 'Purgeable', 'Recoverable+Purgeable', 'Recoverable', * 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. */ export interface SasDefinitionCreateParameters { templateUri: string; sasType: string; validityPeriod: string; sasDefinitionAttributes?: SasDefinitionAttributes; tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the SasDefinitionUpdateParameters class. * @constructor * The SAS definition update parameters. * * @member {string} [templateUri] The SAS definition token template signed with * an arbitrary key. Tokens created according to the SAS definition will have * the same properties as the template. * @member {string} [sasType] The type of SAS token the SAS definition will * create. Possible values include: 'account', 'service' * @member {string} [validityPeriod] The validity period of SAS tokens created * according to the SAS definition. * @member {object} [sasDefinitionAttributes] The attributes of the SAS * definition. * @member {boolean} [sasDefinitionAttributes.enabled] the enabled state of the * object. * @member {date} [sasDefinitionAttributes.created] Creation time in UTC. * @member {date} [sasDefinitionAttributes.updated] Last updated time in UTC. 
* @member {string} [sasDefinitionAttributes.recoveryLevel] Reflects the * deletion recovery level currently in effect for SAS definitions in the * current vault. If it contains 'Purgeable' the SAS definition can be * permanently deleted by a privileged user; otherwise, only the system can * purge the SAS definition, at the end of the retention interval. Possible * values include: 'Purgeable', 'Recoverable+Purgeable', 'Recoverable', * 'Recoverable+ProtectedSubscription' * @member {object} [tags] Application specific metadata in the form of * key-value pairs. */ export interface SasDefinitionUpdateParameters { templateUri?: string; sasType?: string; validityPeriod?: string; sasDefinitionAttributes?: SasDefinitionAttributes; tags?: { [propertyName: string]: string }; } /** * @class * Initializes a new instance of the KeyVaultError class. * @constructor * The key vault error exception. * * @member {object} [error] * @member {string} [error.code] The error code. * @member {string} [error.message] The error message. * @member {object} [error.innerError] */ export interface KeyVaultError { readonly error?: ErrorModel; } /** * @class * Initializes a new instance of the CertificateRestoreParameters class. * @constructor * The certificate restore parameters. * * @member {buffer} certificateBundleBackup The backup blob associated with a * certificate bundle. */ export interface CertificateRestoreParameters { certificateBundleBackup: Buffer; } /** * @class * Initializes a new instance of the BackupCertificateResult class. * @constructor * The backup certificate result, containing the backup blob. * * @member {buffer} [value] The backup blob containing the backed up * certificate. */ export interface BackupCertificateResult { readonly value?: Buffer; } /** * @class * Initializes a new instance of the KeyListResult class. * @constructor * The key list result. * * @member {string} [nextLink] The URL to get the next set of keys. 
*/ export interface KeyListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the DeletedKeyListResult class. * @constructor * A list of keys that have been deleted in this vault. * * @member {string} [nextLink] The URL to get the next set of deleted keys. */ export interface DeletedKeyListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the SecretListResult class. * @constructor * The secret list result. * * @member {string} [nextLink] The URL to get the next set of secrets. */ export interface SecretListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the DeletedSecretListResult class. * @constructor * The deleted secret list result * * @member {string} [nextLink] The URL to get the next set of deleted secrets. */ export interface DeletedSecretListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the CertificateListResult class. * @constructor * The certificate list result. * * @member {string} [nextLink] The URL to get the next set of certificates. */ export interface CertificateListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the CertificateIssuerListResult class. * @constructor * The certificate issuer list result. * * @member {string} [nextLink] The URL to get the next set of certificate * issuers. */ export interface CertificateIssuerListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the DeletedCertificateListResult class. * @constructor * A list of certificates that have been deleted in this vault. * * @member {string} [nextLink] The URL to get the next set of deleted * certificates. */ export interface DeletedCertificateListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the StorageListResult class. 
* @constructor * The storage accounts list result. * * @member {string} [nextLink] The URL to get the next set of storage accounts. */ export interface StorageListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the DeletedStorageListResult class. * @constructor * The deleted storage account list result * * @member {string} [nextLink] The URL to get the next set of deleted storage * accounts. */ export interface DeletedStorageListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the SasDefinitionListResult class. * @constructor * The storage account SAS definition list result. * * @member {string} [nextLink] The URL to get the next set of SAS defintions. */ export interface SasDefinitionListResult extends Array { readonly nextLink?: string; } /** * @class * Initializes a new instance of the DeletedSasDefinitionListResult class. * @constructor * The deleted SAS definition list result * * @member {string} [nextLink] The URL to get the next set of deleted SAS * definitions. */ export interface DeletedSasDefinitionListResult extends Array { readonly nextLink?: string; }