azure.keyvault.models module¶
-
class
azure.keyvault.models.
Attributes
(*, enabled: bool = None, not_before=None, expires=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The object attributes managed by the KeyVault service.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.keyvault.models.
JsonWebKey
(*, kid: str = None, kty=None, key_ops=None, n: bytes = None, e: bytes = None, d: bytes = None, dp: bytes = None, dq: bytes = None, qi: bytes = None, p: bytes = None, q: bytes = None, k: bytes = None, t: bytes = None, crv=None, x: bytes = None, y: bytes = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18.
- Parameters
kid (str) – Key identifier.
kty (str or JsonWebKeyType) – JsonWebKey Key Type (kty), as defined in https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. Possible values include: ‘EC’, ‘EC-HSM’, ‘RSA’, ‘RSA-HSM’, ‘oct’
key_ops (list[str]) –
n (bytes) – RSA modulus.
e (bytes) – RSA public exponent.
d (bytes) – RSA private exponent, or the D component of an EC private key.
dp (bytes) – RSA private key parameter.
dq (bytes) – RSA private key parameter.
qi (bytes) – RSA private key parameter.
p (bytes) – RSA secret prime.
q (bytes) – RSA secret prime, with p < q.
k (bytes) – Symmetric key.
t (bytes) – HSM Token, used with ‘Bring Your Own Key’.
crv (str or JsonWebKeyCurveName) – Elliptic curve name. For valid values, see JsonWebKeyCurveName. Possible values include: ‘P-256’, ‘P-384’, ‘P-521’, ‘P-256K’
x (bytes) – X component of an EC public key.
y (bytes) – Y component of an EC public key.
-
class
azure.keyvault.models.
KeyAttributes
(*, enabled: bool = None, not_before=None, expires=None, **kwargs)[source]¶ Bases:
azure.keyvault.models.attributes_py3.Attributes
The attributes of a key managed by the key vault service.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
enabled (bool) – Determines whether the object is enabled.
not_before (datetime) – Not before date in UTC.
expires (datetime) – Expiry date in UTC.
- Variables
created (datetime) – Creation time in UTC.
updated (datetime) – Last updated time in UTC.
recovery_level (str or DeletionRecoveryLevel) – Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains ‘Purgeable’ the key can be permanently deleted by a privileged user; otherwise, only the system can purge the key, at the end of the retention interval. Possible values include: ‘Purgeable’, ‘Recoverable+Purgeable’, ‘Recoverable’, ‘Recoverable+ProtectedSubscription’
-
class
azure.keyvault.models.
KeyBundle
(*, key=None, attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A KeyBundle consisting of a WebKey plus its attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
key (JsonWebKey) – The Json web key.
attributes (KeyAttributes) – The key management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
- Variables
managed (bool) – True if the key’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
-
class
azure.keyvault.models.
KeyItem
(*, kid: str = None, attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key item containing key metadata.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
kid (str) – Key identifier.
attributes (KeyAttributes) – The key management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
- Variables
managed (bool) – True if the key’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
-
class
azure.keyvault.models.
DeletedKeyBundle
(*, key=None, attributes=None, tags=None, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.key_bundle_py3.KeyBundle
A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion info.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
key (JsonWebKey) – The Json web key.
attributes (KeyAttributes) – The key management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted key.
- Variables
managed (bool) – True if the key’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
scheduled_purge_date (datetime) – The time when the key is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the key was deleted, in UTC
-
class
azure.keyvault.models.
DeletedKeyItem
(*, kid: str = None, attributes=None, tags=None, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.key_item_py3.KeyItem
The deleted key item containing the deleted key metadata and information about deletion.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
kid (str) – Key identifier.
attributes (KeyAttributes) – The key management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted key.
- Variables
managed (bool) – True if the key’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
scheduled_purge_date (datetime) – The time when the key is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the key was deleted, in UTC
-
class
azure.keyvault.models.
SecretAttributes
(*, enabled: bool = None, not_before=None, expires=None, **kwargs)[source]¶ Bases:
azure.keyvault.models.attributes_py3.Attributes
The secret management attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
enabled (bool) – Determines whether the object is enabled.
not_before (datetime) – Not before date in UTC.
expires (datetime) – Expiry date in UTC.
- Variables
created (datetime) – Creation time in UTC.
updated (datetime) – Last updated time in UTC.
recovery_level (str or DeletionRecoveryLevel) – Reflects the deletion recovery level currently in effect for secrets in the current vault. If it contains ‘Purgeable’, the secret can be permanently deleted by a privileged user; otherwise, only the system can purge the secret, at the end of the retention interval. Possible values include: ‘Purgeable’, ‘Recoverable+Purgeable’, ‘Recoverable’, ‘Recoverable+ProtectedSubscription’
-
class
azure.keyvault.models.
SecretBundle
(*, value: str = None, id: str = None, content_type: str = None, attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A secret consisting of a value, id and its attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
value (str) – The secret value.
id (str) – The secret id.
content_type (str) – The content type of the secret.
attributes (SecretAttributes) – The secret management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
- Variables
kid (str) – If this is a secret backing a KV certificate, then this field specifies the corresponding key backing the KV certificate.
managed (bool) – True if the secret’s lifetime is managed by key vault. If this is a secret backing a certificate, then managed will be true.
-
class
azure.keyvault.models.
SecretItem
(*, id: str = None, attributes=None, tags=None, content_type: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The secret item containing secret metadata.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
id (str) – Secret identifier.
attributes (SecretAttributes) – The secret management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
content_type (str) – Type of the secret value such as a password.
- Variables
managed (bool) – True if the secret’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
-
class
azure.keyvault.models.
DeletedSecretBundle
(*, value: str = None, id: str = None, content_type: str = None, attributes=None, tags=None, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.secret_bundle_py3.SecretBundle
A Deleted Secret consisting of its previous id, attributes and its tags, as well as information on when it will be purged.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
value (str) – The secret value.
id (str) – The secret id.
content_type (str) – The content type of the secret.
attributes (SecretAttributes) – The secret management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted secret.
- Variables
kid (str) – If this is a secret backing a KV certificate, then this field specifies the corresponding key backing the KV certificate.
managed (bool) – True if the secret’s lifetime is managed by key vault. If this is a secret backing a certificate, then managed will be true.
scheduled_purge_date (datetime) – The time when the secret is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the secret was deleted, in UTC
-
class
azure.keyvault.models.
DeletedSecretItem
(*, id: str = None, attributes=None, tags=None, content_type: str = None, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.secret_item_py3.SecretItem
The deleted secret item containing metadata about the deleted secret.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
id (str) – Secret identifier.
attributes (SecretAttributes) – The secret management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
content_type (str) – Type of the secret value such as a password.
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted secret.
- Variables
managed (bool) – True if the secret’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
scheduled_purge_date (datetime) – The time when the secret is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the secret was deleted, in UTC
-
class
azure.keyvault.models.
SecretRestoreParameters
(*, secret_bundle_backup: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The secret restore parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
secret_bundle_backup (bytes) – Required. The backup blob associated with a secret bundle.
-
class
azure.keyvault.models.
StorageRestoreParameters
(*, storage_bundle_backup: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The secret restore parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
storage_bundle_backup (bytes) – Required. The backup blob associated with a storage account.
-
class
azure.keyvault.models.
CertificateAttributes
(*, enabled: bool = None, not_before=None, expires=None, **kwargs)[source]¶ Bases:
azure.keyvault.models.attributes_py3.Attributes
The certificate management attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
enabled (bool) – Determines whether the object is enabled.
not_before (datetime) – Not before date in UTC.
expires (datetime) – Expiry date in UTC.
- Variables
created (datetime) – Creation time in UTC.
updated (datetime) – Last updated time in UTC.
recovery_level (str or DeletionRecoveryLevel) – Reflects the deletion recovery level currently in effect for certificates in the current vault. If it contains ‘Purgeable’, the certificate can be permanently deleted by a privileged user; otherwise, only the system can purge the certificate, at the end of the retention interval. Possible values include: ‘Purgeable’, ‘Recoverable+Purgeable’, ‘Recoverable’, ‘Recoverable+ProtectedSubscription’
-
class
azure.keyvault.models.
CertificateItem
(*, id: str = None, attributes=None, tags=None, x509_thumbprint: bytes = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate item containing certificate metadata.
- Parameters
id (str) – Certificate identifier.
attributes (CertificateAttributes) – The certificate management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
x509_thumbprint (bytes) – Thumbprint of the certificate.
-
class
azure.keyvault.models.
CertificateIssuerItem
(*, id: str = None, provider: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate issuer item containing certificate issuer metadata.
- Parameters
id (str) – Certificate Identifier.
provider (str) – The issuer provider.
-
class
azure.keyvault.models.
KeyProperties
(*, exportable: bool = None, key_type=None, key_size: int = None, reuse_key: bool = None, curve=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Properties of the key pair backing a certificate.
- Parameters
exportable (bool) – Indicates if the private key can be exported.
key_type (str or JsonWebKeyType) – The type of key pair to be used for the certificate. Possible values include: ‘EC’, ‘EC-HSM’, ‘RSA’, ‘RSA-HSM’, ‘oct’
key_size (int) – The key size in bits. For example: 2048, 3072, or 4096 for RSA.
reuse_key (bool) – Indicates if the same key pair will be used on certificate renewal.
curve (str or JsonWebKeyCurveName) – Elliptic curve name. For valid values, see JsonWebKeyCurveName. Possible values include: ‘P-256’, ‘P-384’, ‘P-521’, ‘P-256K’
-
class
azure.keyvault.models.
SecretProperties
(*, content_type: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Properties of the key backing a certificate.
- Parameters
content_type (str) – The media type (MIME type).
-
class
azure.keyvault.models.
SubjectAlternativeNames
(*, emails=None, dns_names=None, upns=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The subject alternate names of a X509 object.
- Parameters
emails (list[str]) – Email addresses.
dns_names (list[str]) – Domain names.
upns (list[str]) – User principal names.
-
class
azure.keyvault.models.
X509CertificateProperties
(*, subject: str = None, ekus=None, subject_alternative_names=None, key_usage=None, validity_in_months: int = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Properties of the X509 component of a certificate.
- Parameters
subject (str) – The subject name. Should be a valid X509 distinguished Name.
ekus (list[str]) – The enhanced key usage.
subject_alternative_names (SubjectAlternativeNames) – The subject alternative names.
key_usage (list[str or KeyUsageType]) – List of key usages.
validity_in_months (int) – The duration that the ceritifcate is valid in months.
-
class
azure.keyvault.models.
Trigger
(*, lifetime_percentage: int = None, days_before_expiry: int = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A condition to be satisfied for an action to be executed.
- Parameters
lifetime_percentage (int) – Percentage of lifetime at which to trigger. Value should be between 1 and 99.
days_before_expiry (int) – Days before expiry to attempt renewal. Value should be between 1 and validity_in_months multiplied by 27. If validity_in_months is 36, then value should be between 1 and 972 (36 * 27).
-
class
azure.keyvault.models.
Action
(*, action_type=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The action that will be executed.
- Parameters
action_type (str or ActionType) – The type of the action. Possible values include: ‘EmailContacts’, ‘AutoRenew’
-
class
azure.keyvault.models.
LifetimeAction
(*, trigger=None, action=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Action and its trigger that will be performed by Key Vault over the lifetime of a certificate.
-
class
azure.keyvault.models.
IssuerParameters
(*, name: str = None, certificate_type: str = None, certificate_transparency: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Parameters for the issuer of the X509 component of a certificate.
- Parameters
name (str) – Name of the referenced issuer object or reserved names; for example, ‘Self’ or ‘Unknown’.
certificate_type (str) – Type of certificate to be requested from the issuer provider.
certificate_transparency (bool) – Indicates if the certificates generated under this policy should be published to certificate transparency logs.
-
class
azure.keyvault.models.
CertificatePolicy
(*, key_properties=None, secret_properties=None, x509_certificate_properties=None, lifetime_actions=None, issuer_parameters=None, attributes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Management policy for a certificate.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The certificate id.
- Parameters
key_properties (KeyProperties) – Properties of the key backing a certificate.
secret_properties (SecretProperties) – Properties of the secret backing a certificate.
x509_certificate_properties (X509CertificateProperties) – Properties of the X509 component of a certificate.
lifetime_actions (list[LifetimeAction]) – Actions that will be performed by Key Vault over the lifetime of a certificate.
issuer_parameters (IssuerParameters) – Parameters for the issuer of the X509 component of a certificate.
attributes (CertificateAttributes) – The certificate attributes.
-
class
azure.keyvault.models.
CertificateBundle
(*, cer: bytearray = None, content_type: str = None, attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A certificate bundle consists of a certificate (X509) plus its attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The certificate id.
kid (str) – The key id.
sid (str) – The secret id.
x509_thumbprint (bytes) – Thumbprint of the certificate.
policy (CertificatePolicy) – The management policy.
- Parameters
cer (bytearray) – CER contents of x509 certificate.
content_type (str) – The content type of the secret.
attributes (CertificateAttributes) – The certificate attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs
-
class
azure.keyvault.models.
DeletedCertificateBundle
(*, cer: bytearray = None, content_type: str = None, attributes=None, tags=None, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.certificate_bundle_py3.CertificateBundle
A Deleted Certificate consisting of its previous id, attributes and its tags, as well as information on when it will be purged.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The certificate id.
kid (str) – The key id.
sid (str) – The secret id.
x509_thumbprint (bytes) – Thumbprint of the certificate.
policy (CertificatePolicy) – The management policy.
scheduled_purge_date (datetime) – The time when the certificate is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the certificate was deleted, in UTC
- Parameters
cer (bytearray) – CER contents of x509 certificate.
content_type (str) – The content type of the secret.
attributes (CertificateAttributes) – The certificate attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted certificate.
-
class
azure.keyvault.models.
DeletedCertificateItem
(*, id: str = None, attributes=None, tags=None, x509_thumbprint: bytes = None, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.certificate_item_py3.CertificateItem
The deleted certificate item containing metadata about the deleted certificate.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
id (str) – Certificate identifier.
attributes (CertificateAttributes) – The certificate management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
x509_thumbprint (bytes) – Thumbprint of the certificate.
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted certificate.
- Variables
scheduled_purge_date (datetime) – The time when the certificate is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the certificate was deleted, in UTC
-
class
azure.keyvault.models.
Error
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The key vault server error.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.keyvault.models.
CertificateOperation
(*, issuer_parameters=None, csr: bytearray = None, cancellation_requested: bool = None, status: str = None, status_details: str = None, error=None, target: str = None, request_id: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A certificate operation is returned in case of asynchronous requests.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The certificate id.
- Parameters
issuer_parameters (IssuerParameters) – Parameters for the issuer of the X509 component of a certificate.
csr (bytearray) – The certificate signing request (CSR) that is being used in the certificate operation.
cancellation_requested (bool) – Indicates if cancellation was requested on the certificate operation.
status (str) – Status of the certificate operation.
status_details (str) – The status details of the certificate operation.
error (Error) – Error encountered, if any, during the certificate operation.
target (str) – Location which contains the result of the certificate operation.
request_id (str) – Identifier for the certificate operation.
-
class
azure.keyvault.models.
IssuerCredentials
(*, account_id: str = None, password: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The credentials to be used for the certificate issuer.
- Parameters
account_id (str) – The user name/account name/account id.
password (str) – The password/secret/account key.
-
class
azure.keyvault.models.
AdministratorDetails
(*, first_name: str = None, last_name: str = None, email_address: str = None, phone: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Details of the organization administrator of the certificate issuer.
- Parameters
first_name (str) – First name.
last_name (str) – Last name.
email_address (str) – Email addresss.
phone (str) – Phone number.
-
class
azure.keyvault.models.
OrganizationDetails
(*, id: str = None, admin_details=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Details of the organization of the certificate issuer.
- Parameters
id (str) – Id of the organization.
admin_details (list[AdministratorDetails]) – Details of the organization administrator.
-
class
azure.keyvault.models.
IssuerAttributes
(*, enabled: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The attributes of an issuer managed by the Key Vault service.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.keyvault.models.
IssuerBundle
(*, provider: str = None, credentials=None, organization_details=None, attributes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The issuer for Key Vault certificate.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – Identifier for the issuer object.
- Parameters
provider (str) – The issuer provider.
credentials (IssuerCredentials) – The credentials to be used for the issuer.
organization_details (OrganizationDetails) – Details of the organization as provided to the issuer.
attributes (IssuerAttributes) – Attributes of the issuer object.
-
class
azure.keyvault.models.
Contact
(*, email_address: str = None, name: str = None, phone: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The contact information for the vault certificates.
- Parameters
email_address (str) – Email addresss.
name (str) – Name.
phone (str) – Phone number.
-
class
azure.keyvault.models.
Contacts
(*, contact_list=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The contacts for the vault certificates.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.keyvault.models.
KeyCreateParameters
(*, kty, key_size: int = None, key_ops=None, key_attributes=None, tags=None, curve=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key create parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
kty (str or JsonWebKeyType) – Required. The type of key to create. For valid values, see JsonWebKeyType. Possible values include: ‘EC’, ‘EC-HSM’, ‘RSA’, ‘RSA-HSM’, ‘oct’
key_size (int) – The key size in bits. For example: 2048, 3072, or 4096 for RSA.
key_ops (list[str or JsonWebKeyOperation]) –
key_attributes (KeyAttributes) –
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
curve (str or JsonWebKeyCurveName) – Elliptic curve name. For valid values, see JsonWebKeyCurveName. Possible values include: ‘P-256’, ‘P-384’, ‘P-521’, ‘P-256K’
-
class
azure.keyvault.models.
KeyImportParameters
(*, key, hsm: bool = None, key_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key import parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
hsm (bool) – Whether to import as a hardware key (HSM) or software key.
key (JsonWebKey) – Required. The Json web key
key_attributes (KeyAttributes) – The key management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
KeyOperationsParameters
(*, algorithm, value: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key operations parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
algorithm (str or JsonWebKeyEncryptionAlgorithm) – Required. algorithm identifier. Possible values include: ‘RSA-OAEP’, ‘RSA-OAEP-256’, ‘RSA1_5’
value (bytes) – Required.
-
class
azure.keyvault.models.
KeySignParameters
(*, algorithm, value: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key operations parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
algorithm (str or JsonWebKeySignatureAlgorithm) – Required. The signing/verification algorithm identifier. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. Possible values include: ‘PS256’, ‘PS384’, ‘PS512’, ‘RS256’, ‘RS384’, ‘RS512’, ‘RSNULL’, ‘ES256’, ‘ES384’, ‘ES512’, ‘ES256K’
value (bytes) – Required.
-
class
azure.keyvault.models.
KeyVerifyParameters
(*, algorithm, digest: bytes, signature: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key verify parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
algorithm (str or JsonWebKeySignatureAlgorithm) – Required. The signing/verification algorithm. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. Possible values include: ‘PS256’, ‘PS384’, ‘PS512’, ‘RS256’, ‘RS384’, ‘RS512’, ‘RSNULL’, ‘ES256’, ‘ES384’, ‘ES512’, ‘ES256K’
digest (bytes) – Required. The digest used for signing.
signature (bytes) – Required. The signature to be verified.
-
class
azure.keyvault.models.
KeyUpdateParameters
(*, key_ops=None, key_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key update parameters.
- Parameters
key_ops (list[str or JsonWebKeyOperation]) – Json web key operations. For more information on possible key operations, see JsonWebKeyOperation.
key_attributes (KeyAttributes) –
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
KeyRestoreParameters
(*, key_bundle_backup: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The key restore parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
key_bundle_backup (bytes) – Required. The backup blob associated with a key bundle.
-
class
azure.keyvault.models.
SecretSetParameters
(*, value: str, tags=None, content_type: str = None, secret_attributes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The secret set parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
value (str) – Required. The value of the secret.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
content_type (str) – Type of the secret value such as a password.
secret_attributes (SecretAttributes) – The secret management attributes.
-
class
azure.keyvault.models.
SecretUpdateParameters
(*, content_type: str = None, secret_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The secret update parameters.
- Parameters
content_type (str) – Type of the secret value such as a password.
secret_attributes (SecretAttributes) – The secret management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
CertificateCreateParameters
(*, certificate_policy=None, certificate_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate create parameters.
- Parameters
certificate_policy (CertificatePolicy) – The management policy for the certificate.
certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
CertificateImportParameters
(*, base64_encoded_certificate: str, password: str = None, certificate_policy=None, certificate_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate import parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
base64_encoded_certificate (str) – Required. Base64 encoded representation of the certificate object to import. This certificate needs to contain the private key.
password (str) – If the private key in base64EncodedCertificate is encrypted, the password used for encryption.
certificate_policy (CertificatePolicy) – The management policy for the certificate.
certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
CertificateUpdateParameters
(*, certificate_policy=None, certificate_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate update parameters.
- Parameters
certificate_policy (CertificatePolicy) – The management policy for the certificate.
certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
CertificateMergeParameters
(*, x509_certificates, certificate_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate merge parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
x509_certificates (list[bytearray]) – Required. The certificate or the certificate chain to merge.
certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
CertificateIssuerSetParameters
(*, provider: str, credentials=None, organization_details=None, attributes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate issuer set parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
provider (str) – Required. The issuer provider.
credentials (IssuerCredentials) – The credentials to be used for the issuer.
organization_details (OrganizationDetails) – Details of the organization as provided to the issuer.
attributes (IssuerAttributes) – Attributes of the issuer object.
-
class
azure.keyvault.models.
CertificateIssuerUpdateParameters
(*, provider: str = None, credentials=None, organization_details=None, attributes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate issuer update parameters.
- Parameters
provider (str) – The issuer provider.
credentials (IssuerCredentials) – The credentials to be used for the issuer.
organization_details (OrganizationDetails) – Details of the organization as provided to the issuer.
attributes (IssuerAttributes) – Attributes of the issuer object.
-
class
azure.keyvault.models.
CertificateOperationUpdateParameter
(*, cancellation_requested: bool, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate operation update parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
cancellation_requested (bool) – Required. Indicates if cancellation was requested on the certificate operation.
-
class
azure.keyvault.models.
KeyOperationResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The key operation result.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
kid (str) – Key identifier
result (bytes) –
-
class
azure.keyvault.models.
KeyVerifyResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The key verify result.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
value (bool) – True if the signature is verified, otherwise false.
-
class
azure.keyvault.models.
BackupKeyResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The backup key result, containing the backup blob.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
value (bytes) – The backup blob containing the backed up key.
-
class
azure.keyvault.models.
BackupSecretResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The backup secret result, containing the backup blob.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
value (bytes) – The backup blob containing the backed up secret.
-
class
azure.keyvault.models.
BackupStorageResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The backup storage result, containing the backup blob.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
value (bytes) – The backup blob containing the backed up storage account.
-
class
azure.keyvault.models.
PendingCertificateSigningRequestResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The pending certificate signing request result.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
value (str) – The pending certificate signing request as Base64 encoded string.
-
class
azure.keyvault.models.
StorageAccountAttributes
(*, enabled: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The storage account management attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
enabled (bool) – the enabled state of the object.
- Variables
created (datetime) – Creation time in UTC.
updated (datetime) – Last updated time in UTC.
recovery_level (str or DeletionRecoveryLevel) – Reflects the deletion recovery level currently in effect for storage accounts in the current vault. If it contains ‘Purgeable’ the storage account can be permanently deleted by a privileged user; otherwise, only the system can purge the storage account, at the end of the retention interval. Possible values include: ‘Purgeable’, ‘Recoverable+Purgeable’, ‘Recoverable’, ‘Recoverable+ProtectedSubscription’
-
class
azure.keyvault.models.
StorageBundle
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
A Storage account bundle consists of key vault storage account details plus its attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The storage account id.
resource_id (str) – The storage account resource id.
active_key_name (str) – The current active storage account key name.
auto_regenerate_key (bool) – whether keyvault should manage the storage account for the user.
regeneration_period (str) – The key regeneration time duration specified in ISO-8601 format.
attributes (StorageAccountAttributes) – The storage account attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs
-
class
azure.keyvault.models.
DeletedStorageBundle
(*, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.storage_bundle_py3.StorageBundle
A deleted storage account bundle consisting of its previous id, attributes and its tags, as well as information on when it will be purged.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The storage account id.
resource_id (str) – The storage account resource id.
active_key_name (str) – The current active storage account key name.
auto_regenerate_key (bool) – whether keyvault should manage the storage account for the user.
regeneration_period (str) – The key regeneration time duration specified in ISO-8601 format.
attributes (StorageAccountAttributes) – The storage account attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs
scheduled_purge_date (datetime) – The time when the storage account is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the storage account was deleted, in UTC
- Parameters
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted storage account.
-
class
azure.keyvault.models.
StorageAccountCreateParameters
(*, resource_id: str, active_key_name: str, auto_regenerate_key: bool, regeneration_period: str = None, storage_account_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The storage account create parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
resource_id (str) – Required. Storage account resource id.
active_key_name (str) – Required. Current active storage account key name.
auto_regenerate_key (bool) – Required. whether keyvault should manage the storage account for the user.
regeneration_period (str) – The key regeneration time duration specified in ISO-8601 format.
storage_account_attributes (StorageAccountAttributes) – The attributes of the storage account.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
StorageAccountUpdateParameters
(*, active_key_name: str = None, auto_regenerate_key: bool = None, regeneration_period: str = None, storage_account_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The storage account update parameters.
- Parameters
active_key_name (str) – The current active storage account key name.
auto_regenerate_key (bool) – whether keyvault should manage the storage account for the user.
regeneration_period (str) – The key regeneration time duration specified in ISO-8601 format.
storage_account_attributes (StorageAccountAttributes) – The attributes of the storage account.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
StorageAccountRegenerteKeyParameters
(*, key_name: str, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The storage account key regenerate parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
key_name (str) – Required. The storage account key name.
-
class
azure.keyvault.models.
StorageAccountItem
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The storage account item containing storage account metadata.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – Storage identifier.
resource_id (str) – Storage account resource Id.
attributes (StorageAccountAttributes) – The storage account management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
DeletedStorageAccountItem
(*, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.storage_account_item_py3.StorageAccountItem
The deleted storage account item containing metadata about the deleted storage account.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – Storage identifier.
resource_id (str) – Storage account resource Id.
attributes (StorageAccountAttributes) – The storage account management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
scheduled_purge_date (datetime) – The time when the storage account is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the storage account was deleted, in UTC
- Parameters
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted storage account.
-
class
azure.keyvault.models.
SasDefinitionAttributes
(*, enabled: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The SAS definition management attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Parameters
enabled (bool) – the enabled state of the object.
- Variables
created (datetime) – Creation time in UTC.
updated (datetime) – Last updated time in UTC.
recovery_level (str or DeletionRecoveryLevel) – Reflects the deletion recovery level currently in effect for SAS definitions in the current vault. If it contains ‘Purgeable’ the SAS definition can be permanently deleted by a privileged user; otherwise, only the system can purge the SAS definition, at the end of the retention interval. Possible values include: ‘Purgeable’, ‘Recoverable+Purgeable’, ‘Recoverable’, ‘Recoverable+ProtectedSubscription’
-
class
azure.keyvault.models.
SasDefinitionBundle
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
A SAS definition bundle consists of key vault SAS definition details plus its attributes.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The SAS definition id.
secret_id (str) – Storage account SAS definition secret id.
template_uri (str) – The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template.
sas_type (str or SasTokenType) – The type of SAS token the SAS definition will create. Possible values include: ‘account’, ‘service’
validity_period (str) – The validity period of SAS tokens created according to the SAS definition.
attributes (SasDefinitionAttributes) – The SAS definition attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs
-
class
azure.keyvault.models.
DeletedSasDefinitionBundle
(*, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.sas_definition_bundle_py3.SasDefinitionBundle
A deleted SAS definition bundle consisting of its previous id, attributes and its tags, as well as information on when it will be purged.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The SAS definition id.
secret_id (str) – Storage account SAS definition secret id.
template_uri (str) – The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template.
sas_type (str or SasTokenType) – The type of SAS token the SAS definition will create. Possible values include: ‘account’, ‘service’
validity_period (str) – The validity period of SAS tokens created according to the SAS definition.
attributes (SasDefinitionAttributes) – The SAS definition attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs
scheduled_purge_date (datetime) – The time when the SAS definition is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the SAS definition was deleted, in UTC
- Parameters
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted SAS definition.
-
class
azure.keyvault.models.
SasDefinitionItem
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The SAS definition item containing storage SAS definition metadata.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The storage SAS identifier.
secret_id (str) – The storage account SAS definition secret id.
attributes (SasDefinitionAttributes) – The SAS definition management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
DeletedSasDefinitionItem
(*, recovery_id: str = None, **kwargs)[source]¶ Bases:
azure.keyvault.models.sas_definition_item_py3.SasDefinitionItem
The deleted SAS definition item containing metadata about the deleted SAS definition.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
id (str) – The storage SAS identifier.
secret_id (str) – The storage account SAS definition secret id.
attributes (SasDefinitionAttributes) – The SAS definition management attributes.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
scheduled_purge_date (datetime) – The time when the SAS definition is scheduled to be purged, in UTC
deleted_date (datetime) – The time when the SAS definition was deleted, in UTC
- Parameters
recovery_id (str) – The url of the recovery object, used to identify and recover the deleted SAS definition.
-
class
azure.keyvault.models.
SasDefinitionCreateParameters
(*, template_uri: str, sas_type, validity_period: str, sas_definition_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The SAS definition create parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
template_uri (str) – Required. The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template.
sas_type (str or SasTokenType) – Required. The type of SAS token the SAS definition will create. Possible values include: ‘account’, ‘service’
validity_period (str) – Required. The validity period of SAS tokens created according to the SAS definition.
sas_definition_attributes (SasDefinitionAttributes) – The attributes of the SAS definition.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
SasDefinitionUpdateParameters
(*, template_uri: str = None, sas_type=None, validity_period: str = None, sas_definition_attributes=None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The SAS definition update parameters.
- Parameters
template_uri (str) – The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template.
sas_type (str or SasTokenType) – The type of SAS token the SAS definition will create. Possible values include: ‘account’, ‘service’
validity_period (str) – The validity period of SAS tokens created according to the SAS definition.
sas_definition_attributes (SasDefinitionAttributes) – The attributes of the SAS definition.
tags (dict[str, str]) – Application specific metadata in the form of key-value pairs.
-
class
azure.keyvault.models.
KeyVaultError
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The key vault error exception.
Variables are only populated by the server, and will be ignored when sending a request.
-
exception
azure.keyvault.models.
KeyVaultErrorException
(deserialize, response, *args)[source]¶ Bases:
msrest.exceptions.HttpOperationError
Server responsed with exception of type: ‘KeyVaultError’.
- Parameters
deserialize – A deserializer
response – Server response to be deserialized.
-
class
azure.keyvault.models.
CertificateRestoreParameters
(*, certificate_bundle_backup: bytes, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The certificate restore parameters.
All required parameters must be populated in order to send to Azure.
- Parameters
certificate_bundle_backup (bytes) – Required. The backup blob associated with a certificate bundle.
-
class
azure.keyvault.models.
BackupCertificateResult
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The backup certificate result, containing the backup blob.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
value (bytes) – The backup blob containing the backed up certificate.
-
class
azure.keyvault.models.
KeyItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
KeyItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
DeletedKeyItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DeletedKeyItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
SecretItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecretItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
DeletedSecretItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DeletedSecretItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
CertificateItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
CertificateItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
CertificateIssuerItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
CertificateIssuerItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
DeletedCertificateItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DeletedCertificateItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
StorageAccountItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
StorageAccountItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
DeletedStorageAccountItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DeletedStorageAccountItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
SasDefinitionItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SasDefinitionItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
DeletedSasDefinitionItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DeletedSasDefinitionItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.keyvault.models.
JsonWebKeyType
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
ec
= 'EC'¶ Elliptic Curve.
-
ec_hsm
= 'EC-HSM'¶ Elliptic Curve with a private key which is not exportable from the HSM.
-
oct
= 'oct'¶ Octet sequence (used to represent symmetric keys)
-
rsa
= 'RSA'¶
-
rsa_hsm
= 'RSA-HSM'¶ RSA with a private key which is not exportable from the HSM.
-
-
class
azure.keyvault.models.
JsonWebKeyCurveName
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
p_256
= 'P-256'¶ The NIST P-256 elliptic curve, AKA SECG curve SECP256R1.
-
p_256_k
= 'P-256K'¶ The SECG SECP256K1 elliptic curve.
-
p_384
= 'P-384'¶ The NIST P-384 elliptic curve, AKA SECG curve SECP384R1.
-
p_521
= 'P-521'¶ The NIST P-521 elliptic curve, AKA SECG curve SECP521R1.
-
-
class
azure.keyvault.models.
DeletionRecoveryLevel
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
purgeable
= 'Purgeable'¶
-
recoverable
= 'Recoverable'¶
-
recoverable_protected_subscription
= 'Recoverable+ProtectedSubscription'¶
-
recoverable_purgeable
= 'Recoverable+Purgeable'¶
-
-
class
azure.keyvault.models.
KeyUsageType
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
c_rl_sign
= 'cRLSign'¶
-
data_encipherment
= 'dataEncipherment'¶
-
decipher_only
= 'decipherOnly'¶
-
digital_signature
= 'digitalSignature'¶
-
encipher_only
= 'encipherOnly'¶
-
key_agreement
= 'keyAgreement'¶
-
key_cert_sign
= 'keyCertSign'¶
-
key_encipherment
= 'keyEncipherment'¶
-
non_repudiation
= 'nonRepudiation'¶
-
-
class
azure.keyvault.models.
ActionType
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
auto_renew
= 'AutoRenew'¶
-
email_contacts
= 'EmailContacts'¶
-
-
class
azure.keyvault.models.
JsonWebKeyOperation
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
decrypt
= 'decrypt'¶
-
encrypt
= 'encrypt'¶
-
sign
= 'sign'¶
-
unwrap_key
= 'unwrapKey'¶
-
verify
= 'verify'¶
-
wrap_key
= 'wrapKey'¶
-
-
class
azure.keyvault.models.
JsonWebKeyEncryptionAlgorithm
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
rsa1_5
= 'RSA1_5'¶
-
rsa_oaep
= 'RSA-OAEP'¶
-
rsa_oaep_256
= 'RSA-OAEP-256'¶
-
-
class
azure.keyvault.models.
JsonWebKeySignatureAlgorithm
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
es256
= 'ES256'¶ ECDSA using P-256 and SHA-256, as described in https://tools.ietf.org/html/rfc7518.
-
es256_k
= 'ES256K'¶ ECDSA using P-256K and SHA-256, as described in https://tools.ietf.org/html/rfc7518
-
es384
= 'ES384'¶ ECDSA using P-384 and SHA-384, as described in https://tools.ietf.org/html/rfc7518
-
es512
= 'ES512'¶ ECDSA using P-521 and SHA-512, as described in https://tools.ietf.org/html/rfc7518
-
ps256
= 'PS256'¶ RSASSA-PSS using SHA-256 and MGF1 with SHA-256, as described in https://tools.ietf.org/html/rfc7518
-
ps384
= 'PS384'¶ RSASSA-PSS using SHA-384 and MGF1 with SHA-384, as described in https://tools.ietf.org/html/rfc7518
-
ps512
= 'PS512'¶ RSASSA-PSS using SHA-512 and MGF1 with SHA-512, as described in https://tools.ietf.org/html/rfc7518
-
rs256
= 'RS256'¶ RSASSA-PKCS1-v1_5 using SHA-256, as described in https://tools.ietf.org/html/rfc7518
-
rs384
= 'RS384'¶ RSASSA-PKCS1-v1_5 using SHA-384, as described in https://tools.ietf.org/html/rfc7518
-
rs512
= 'RS512'¶ RSASSA-PKCS1-v1_5 using SHA-512, as described in https://tools.ietf.org/html/rfc7518
-
rsnull
= 'RSNULL'¶ Reserved
-