From 518a9a99da8cdc8c6acadbd325449a9a99fa5074 Mon Sep 17 00:00:00 2001
From: mrohera
Date: Fri, 11 Dec 2020 17:02:45 -0800
Subject: [PATCH] [Hub Generated] Review request for Microsoft.Devices to add version preview/2020-09-01-preview (#11809)
* Support userassigned identities for the KEK
* Address PR comments
* Update rev for breaking changes
* Add identity information to the DPS description
* Revert back version
* Lint warnings
---
 .../preview/2020-09-01-preview/iotdps.json | 67 ++++++++++++++++++-
 1 file changed, 64 insertions(+), 3 deletions(-)
diff --git a/specification/deviceprovisioningservices/resource-manager/Microsoft.Devices/preview/2020-09-01-preview/iotdps.json b/specification/deviceprovisioningservices/resource-manager/Microsoft.Devices/preview/2020-09-01-preview/iotdps.json
index 20b815e53811..2c8ac1949c60 100644
--- a/specification/deviceprovisioningservices/resource-manager/Microsoft.Devices/preview/2020-09-01-preview/iotdps.json
+++ b/specification/deviceprovisioningservices/resource-manager/Microsoft.Devices/preview/2020-09-01-preview/iotdps.json
@@ -1772,6 +1772,10 @@
 "sku": {
 "description": "Sku info for a provisioning Service.",
 "$ref": "#/definitions/IotDpsSkuInfo"
+ },
+ "identity": {
+ "description": "The managed identities for the IotDps instance.",
+ "$ref": "#/definitions/ArmIdentity"
 }
 },
 "allOf": [
@@ -1920,20 +1924,67 @@
 "location"
 ]
 },
+ "ArmIdentity": {
+ "type": "object",
+ "description": "The set of ARM identities associated with the IoT DPS resource.",
+ "properties": {
+ "principalId": {
+ "description": "Principal Id",
+ "type": "string",
+ "readOnly": true
+ },
+ "tenantId": {
+ "description": "Tenant Id",
+ "type": "string",
+ "readOnly": true
+ },
+ "identityType": {
+ "description": "Identity type. Only allowed values are SystemAssigned and UserAssigned. Comma separated if both for ex: SystemAssigned,UserAssigned.",
+ "type": "string"
+ },
+ "userAssignedIdentities": {
+ "type": "object",
+ "description": "The set of UserAssigned identities associated with the IoT DPS resource.",
+ "additionalProperties": {
+ "$ref": "#/definitions/ArmUserIdentity"
+ }
+ }
+ }
+ },
+ "ArmUserIdentity": {
+ "type": "object",
+ "description": "The ARM UserAssigned identity information",
+ "properties": {
+ "principalId": {
+ "description": "Principal Id",
+ "type": "string",
+ "readOnly": true
+ },
+ "clientId": {
+ "description": "Client Id",
+ "type": "string",
+ "readOnly": true
+ }
+ }
+ },
 "EncryptionPropertiesDescription": {
- "description": "The encryption properties for the IoT DPS instance.",
+ "description": "The customer-managed encryption key (CMK) properties for the IoT DPS instance.",
 "type": "object",
 "properties": {
 "keySource": {
- "description": "The source of the key.",
+ "description": "The source of the encryption key. Typically, Microsoft.KeyVault",
 "type": "string"
 },
 "keyVaultProperties": {
- "description": "The properties of the KeyVault key.",
+ "description": "The properties of the encryption key configured in KeyVault.",
 "type": "array",
 "items": {
 "$ref": "#/definitions/KeyVaultKeyProperties"
 }
+ },
+ "identity": {
+ "description": "The identity used to access the encryption key in KeyVault.",
+ "$ref": "#/definitions/EncryptionKeyIdentity"
 }
 }
 },
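Review bot: `identityType` in `ArmIdentity` is declared as a bare `string`, so the permitted values live only in the description text and neither a spec validator nor a generated SDK will reject a misspelled or unexpected identity kind before it reaches the service. If the service accepts only the spellings the description lists, consider constraining the property, e.g. `"enum": ["SystemAssigned", "UserAssigned", "SystemAssigned,UserAssigned"]` together with an `x-ms-enum` entry so clients get a typed value. The `userAssignedIdentities` description should also state what the map keys are (presumably the ARM resource ID of each user-assigned identity, to be confirmed), because that key is what a caller has to supply to attach an identity to the resource.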
@@ -1947,6 +1998,16 @@
 }
 }
 },
+ "EncryptionKeyIdentity": {
+ "description": "The properties of the identity used to access the key encryption key in KeyVault.",
+ "type": "object",
+ "properties": {
+ "userAssignedIdentity": {
+ "type": "string",
+ "description": "The user assigned identity."
+ }
+ }
+ },
 "IpFilterRule": {
 "description": "The IP filter rules for a provisioning Service.",
 "type": "object",
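Review bot: The `userAssignedIdentity` description in `EncryptionKeyIdentity` says only "The user assigned identity.", which leaves unstated the two things a caller needs to reason about Key Vault access: the expected format of the string and which identity is used when the property is omitted. Since this value decides which principal reads the key encryption key, I would spell it out, e.g. `"description": "The user-assigned identity used to access the key encryption key in KeyVault. [expected format; identity used when omitted]"`. If the value has to match one of the keys in `ArmIdentity.userAssignedIdentities`, say that as well; the schema as written does not tie the two together.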