|
208 | 208 | } |
209 | 209 | } |
210 | 210 | }, |
211 | | - "/ekm": { |
212 | | - "get": { |
213 | | - "operationId": "GetEkmConnection", |
214 | | - "summary": "Gets the EKM connection.", |
215 | | - "description": "The External Key Manager (EKM) Get operation returns EKM connection. This operation requires ekm/read permission.", |
216 | | - "parameters": [ |
217 | | - { |
218 | | - "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter" |
219 | | - } |
220 | | - ], |
221 | | - "responses": { |
222 | | - "200": { |
223 | | - "description": "The request has succeeded.", |
224 | | - "schema": { |
225 | | - "$ref": "#/definitions/EkmConnection" |
226 | | - } |
227 | | - }, |
228 | | - "default": { |
229 | | - "description": "An unexpected error response.", |
230 | | - "schema": { |
231 | | - "$ref": "#/definitions/KeyVaultError" |
232 | | - } |
233 | | - } |
234 | | - } |
235 | | - }, |
236 | | - "patch": { |
237 | | - "operationId": "UpdateEkmConnection", |
238 | | - "summary": "Updates the EKM connection.", |
239 | | - "description": "The External Key Manager (EKM) updates the existing EKM connection. If the EKM connection does not exist, this operation fails. This operation requires ekm/write permission.", |
240 | | - "parameters": [ |
241 | | - { |
242 | | - "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter" |
243 | | - }, |
244 | | - { |
245 | | - "name": "ekmConnection", |
246 | | - "in": "body", |
247 | | - "description": "The ekmConnection to update.", |
248 | | - "required": true, |
249 | | - "schema": { |
250 | | - "$ref": "#/definitions/EkmConnectionUpdate" |
251 | | - } |
252 | | - } |
253 | | - ], |
254 | | - "responses": { |
255 | | - "200": { |
256 | | - "description": "The request has succeeded.", |
257 | | - "schema": { |
258 | | - "$ref": "#/definitions/EkmConnection" |
259 | | - } |
260 | | - }, |
261 | | - "default": { |
262 | | - "description": "An unexpected error response.", |
263 | | - "schema": { |
264 | | - "$ref": "#/definitions/KeyVaultError" |
265 | | - } |
266 | | - } |
267 | | - } |
268 | | - }, |
269 | | - "delete": { |
270 | | - "operationId": "DeleteEkmConnection", |
271 | | - "summary": "Deletes the EKM connection.", |
272 | | - "description": "The External Key Manager (EKM) deletes the existing EKM connection. If the EKM connection does not already exists, this operation fails. This operation requires ekm/delete permission.", |
273 | | - "parameters": [ |
274 | | - { |
275 | | - "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter" |
276 | | - } |
277 | | - ], |
278 | | - "responses": { |
279 | | - "200": { |
280 | | - "description": "The request has succeeded.", |
281 | | - "schema": { |
282 | | - "$ref": "#/definitions/EkmConnection" |
283 | | - } |
284 | | - }, |
285 | | - "default": { |
286 | | - "description": "An unexpected error response.", |
287 | | - "schema": { |
288 | | - "$ref": "#/definitions/KeyVaultError" |
289 | | - } |
290 | | - } |
291 | | - } |
292 | | - } |
293 | | - }, |
294 | | - "/ekm/certificate": { |
295 | | - "get": { |
296 | | - "operationId": "GetEkmCertificate", |
297 | | - "summary": "Gets the EKM proxy client certificate.", |
298 | | - "description": "The External Key Manager (EKM) Certificate Get operation returns Proxy client certificate. This operation requires ekm/read permission.", |
299 | | - "parameters": [ |
300 | | - { |
301 | | - "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter" |
302 | | - } |
303 | | - ], |
304 | | - "responses": { |
305 | | - "200": { |
306 | | - "description": "The request has succeeded.", |
307 | | - "schema": { |
308 | | - "$ref": "#/definitions/EkmProxyClientCertificateInfo" |
309 | | - } |
310 | | - }, |
311 | | - "default": { |
312 | | - "description": "An unexpected error response.", |
313 | | - "schema": { |
314 | | - "$ref": "#/definitions/KeyVaultError" |
315 | | - } |
316 | | - } |
317 | | - } |
318 | | - } |
319 | | - }, |
320 | | - "/ekm/check": { |
321 | | - "post": { |
322 | | - "operationId": "CheckEkmConnection", |
323 | | - "summary": "Checks the connectivity and authentication with the EKM proxy.", |
324 | | - "description": "The External Key Manager (EKM) Check operation checks the connectivity and authentication with the EKM proxy. This operation requires ekm/read permission.", |
325 | | - "parameters": [ |
326 | | - { |
327 | | - "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter" |
328 | | - } |
329 | | - ], |
330 | | - "responses": { |
331 | | - "200": { |
332 | | - "description": "The request has succeeded.", |
333 | | - "schema": { |
334 | | - "$ref": "#/definitions/EkmProxyInfo" |
335 | | - } |
336 | | - }, |
337 | | - "default": { |
338 | | - "description": "An unexpected error response.", |
339 | | - "schema": { |
340 | | - "$ref": "#/definitions/KeyVaultError" |
341 | | - } |
342 | | - } |
343 | | - } |
344 | | - } |
345 | | - }, |
346 | | - "/ekm/create": { |
347 | | - "post": { |
348 | | - "operationId": "CreateEkmConnection", |
349 | | - "summary": "Creates the EKM connection.", |
350 | | - "description": "The External Key Manager (EKM) sets up the EKM connection. If the EKM connection already exists, this operation fails. This operation requires ekm/write permission.", |
351 | | - "parameters": [ |
352 | | - { |
353 | | - "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter" |
354 | | - }, |
355 | | - { |
356 | | - "name": "ekmConnection", |
357 | | - "in": "body", |
358 | | - "description": "The ekmConnection to create.", |
359 | | - "required": true, |
360 | | - "schema": { |
361 | | - "$ref": "#/definitions/EkmConnection" |
362 | | - } |
363 | | - } |
364 | | - ], |
365 | | - "responses": { |
366 | | - "200": { |
367 | | - "description": "The request has succeeded.", |
368 | | - "schema": { |
369 | | - "$ref": "#/definitions/EkmConnection" |
370 | | - } |
371 | | - }, |
372 | | - "default": { |
373 | | - "description": "An unexpected error response.", |
374 | | - "schema": { |
375 | | - "$ref": "#/definitions/KeyVaultError" |
376 | | - } |
377 | | - } |
378 | | - } |
379 | | - } |
380 | | - }, |
381 | 211 | "/keys": { |
382 | 212 | "get": { |
383 | 213 | "operationId": "GetKeys", |
|
1715 | 1545 | ] |
1716 | 1546 | } |
1717 | 1547 | }, |
1718 | | - "EkmConnection": { |
1719 | | - "type": "object", |
1720 | | - "description": "A EkmConnection model object.", |
1721 | | - "properties": { |
1722 | | - "host": { |
1723 | | - "type": "string", |
1724 | | - "description": "EKM proxy FQDN (Fully Qualified Domain Name). Only allowed characters are a-z, A-Z, 0-9, hyphen (-), dot (.), and colon (:)." |
1725 | | - }, |
1726 | | - "path_prefix": { |
1727 | | - "type": "string", |
1728 | | - "description": "Optional path prefix for the EKM proxy (if any).", |
1729 | | - "x-ms-client-name": "pathPrefix" |
1730 | | - }, |
1731 | | - "server_ca_certificates": { |
1732 | | - "type": "array", |
1733 | | - "description": "The root CA certificate chain that issued the proxy server's certificate. An array of certificates in the certificate chain, each in DER format and base64 encoded.", |
1734 | | - "items": { |
1735 | | - "type": "string", |
1736 | | - "format": "byte" |
1737 | | - }, |
1738 | | - "x-ms-client-name": "serverCaCertificates" |
1739 | | - }, |
1740 | | - "server_subject_common_name": { |
1741 | | - "type": "string", |
1742 | | - "description": "The subject common name of the server certificate of EKM Proxy.", |
1743 | | - "x-ms-client-name": "serverSubjectCommonName" |
1744 | | - } |
1745 | | - }, |
1746 | | - "required": [ |
1747 | | - "host", |
1748 | | - "server_ca_certificates" |
1749 | | - ] |
1750 | | - }, |
1751 | | - "EkmConnectionUpdate": { |
1752 | | - "type": "object", |
1753 | | - "description": "A EkmConnection model object.", |
1754 | | - "properties": { |
1755 | | - "host": { |
1756 | | - "type": "string", |
1757 | | - "description": "EKM proxy FQDN (Fully Qualified Domain Name). Only allowed characters are a-z, A-Z, 0-9, hyphen (-), dot (.), and colon (:)." |
1758 | | - }, |
1759 | | - "path_prefix": { |
1760 | | - "type": "string", |
1761 | | - "description": "Optional path prefix for the EKM proxy (if any).", |
1762 | | - "x-ms-client-name": "pathPrefix" |
1763 | | - }, |
1764 | | - "server_ca_certificates": { |
1765 | | - "type": "array", |
1766 | | - "description": "The root CA certificate chain that issued the proxy server's certificate. An array of certificates in the certificate chain, each in DER format and base64 encoded.", |
1767 | | - "items": { |
1768 | | - "type": "string", |
1769 | | - "format": "byte" |
1770 | | - }, |
1771 | | - "x-ms-client-name": "serverCaCertificates" |
1772 | | - }, |
1773 | | - "server_subject_common_name": { |
1774 | | - "type": "string", |
1775 | | - "description": "The subject common name of the server certificate of EKM Proxy.", |
1776 | | - "x-ms-client-name": "serverSubjectCommonName" |
1777 | | - } |
1778 | | - } |
1779 | | - }, |
1780 | | - "EkmProxyClientCertificateInfo": { |
1781 | | - "type": "object", |
1782 | | - "description": "EKM proxy client certificate information.", |
1783 | | - "properties": { |
1784 | | - "ca_certificates": { |
1785 | | - "type": "array", |
1786 | | - "description": "The client root CA certificate chain to authenticate to the EKM proxy. An array of certificates in the certificate chain, each in DER format and base64 encoded.", |
1787 | | - "items": { |
1788 | | - "type": "string", |
1789 | | - "format": "byte" |
1790 | | - }, |
1791 | | - "readOnly": true, |
1792 | | - "x-ms-client-name": "caCertificates" |
1793 | | - }, |
1794 | | - "subject_common_name": { |
1795 | | - "type": "string", |
1796 | | - "description": "The subject common name of the client certificate used to authenticate to the EKM proxy.", |
1797 | | - "readOnly": true, |
1798 | | - "x-ms-client-name": "subjectCommonName" |
1799 | | - } |
1800 | | - }, |
1801 | | - "required": [ |
1802 | | - "ca_certificates", |
1803 | | - "subject_common_name" |
1804 | | - ] |
1805 | | - }, |
1806 | | - "EkmProxyInfo": { |
1807 | | - "type": "object", |
1808 | | - "description": "EKM proxy information.", |
1809 | | - "properties": { |
1810 | | - "api_version": { |
1811 | | - "type": "string", |
1812 | | - "description": "The highest version of proxy interface API supported by the EKM Proxy.", |
1813 | | - "x-ms-client-name": "apiVersion" |
1814 | | - }, |
1815 | | - "proxy_vendor": { |
1816 | | - "type": "string", |
1817 | | - "description": "The name of the proxy vendor.", |
1818 | | - "x-ms-client-name": "proxyVendor" |
1819 | | - }, |
1820 | | - "proxy_name": { |
1821 | | - "type": "string", |
1822 | | - "description": "The name of the proxy product and its version.", |
1823 | | - "x-ms-client-name": "proxyName" |
1824 | | - }, |
1825 | | - "ekm_vendor": { |
1826 | | - "type": "string", |
1827 | | - "description": "The name of the EKM vendor.", |
1828 | | - "x-ms-client-name": "ekmVendor" |
1829 | | - }, |
1830 | | - "ekm_product": { |
1831 | | - "type": "string", |
1832 | | - "description": "The name of the EKM product and its version.", |
1833 | | - "x-ms-client-name": "ekmProduct" |
1834 | | - } |
1835 | | - }, |
1836 | | - "required": [ |
1837 | | - "api_version", |
1838 | | - "proxy_vendor", |
1839 | | - "proxy_name", |
1840 | | - "ekm_vendor", |
1841 | | - "ekm_product" |
1842 | | - ] |
1843 | | - }, |
1844 | 1548 | "Error": { |
1845 | 1549 | "type": "object", |
1846 | 1550 | "properties": { |
|
0 commit comments