Added Rotate into the list of permissions to keys (#18015)

* Added Rotate into the list of permissions to keys

* update docs

Author: BethanyZhou

src/KeyVault/KeyVault/ChangeLog.md

@@ -18,6 +18,7 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* Added `Rotate` into the list of permissions to keys [#17970]
 
 ## Version 4.4.0
 * Supported getting random number from managed HSM by `Get-AzKeyVaultRandomNumber`

src/KeyVault/KeyVault/Commands/SetAzureKeyVaultAccessPolicy.cs

@@ -282,7 +282,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase
         [Parameter(Mandatory = false,
             ParameterSetName = ResourceIdByEmailAddress,
             HelpMessage = "Specifies key operation permissions to grant to a user or service principal.")]
-        [ValidateSet("all", "decrypt", "encrypt", "unwrapKey", "wrapKey", "verify", "sign", "get", "list", "update", "create", "import", "delete", "backup", "restore", "recover", "purge")]
+        [PSArgumentCompleter("all", "decrypt", "encrypt", "unwrapKey", "wrapKey", "verify", "sign", "get", "list", "update", "create", "import", "delete", "backup", "restore", "recover", "purge", "rotate")]
         public string[] PermissionsToKeys { get; set; }
 
         /// <summary>
@@ -324,7 +324,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase
         [Parameter(Mandatory = false,
             ParameterSetName = ResourceIdByEmailAddress,
             HelpMessage = "Specifies secret operation permissions to grant to a user or service principal.")]
-        [ValidateSet("all", "get", "list", "set", "delete", "backup", "restore", "recover", "purge")]
+        [PSArgumentCompleter("all", "get", "list", "set", "delete", "backup", "restore", "recover", "purge")]
         public string[] PermissionsToSecrets { get; set; }
 
         /// <summary>
@@ -366,7 +366,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase
         [Parameter(Mandatory = false,
             ParameterSetName = ResourceIdByEmailAddress,
             HelpMessage = "Specifies certificate operation permissions to grant to a user or service principal.")]
-        [ValidateSet("all", "get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "backup", "restore")]
+        [PSArgumentCompleter("all", "get", "list", "delete", "create", "import", "update", "managecontacts", "getissuers", "listissuers", "setissuers", "deleteissuers", "manageissuers", "recover", "purge", "backup", "restore")]
         public string[] PermissionsToCertificates { get; set; }
 
         /// <summary>
@@ -408,7 +408,7 @@ public class SetAzureKeyVaultAccessPolicy : KeyVaultManagementCmdletBase
         [Parameter(Mandatory = false,
             ParameterSetName = ResourceIdByEmailAddress,
             HelpMessage = "Specifies managed storage account and sas definition  operation permissions to grant to a user or service principal.")]
-        [ValidateSet("all", "get", "list", "delete", "set", "update", "regeneratekey", "getsas", "listsas", "deletesas", "setsas", "recover", "backup", "restore", "purge")]
+        [PSArgumentCompleter("all", "get", "list", "delete", "set", "update", "regeneratekey", "getsas", "listsas", "deletesas", "setsas", "recover", "backup", "restore", "purge")]
         public string[] PermissionsToStorage { get; set; }
 
         [Parameter(Mandatory = false,

src/KeyVault/KeyVault/help/Set-AzKeyVaultAccessPolicy.md

@@ -479,7 +479,6 @@ The acceptable values for this parameter:
 Type: System.String[]
 Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress
 Aliases:
-Accepted values: all, get, list, delete, create, import, update, managecontacts, getissuers, listissuers, setissuers, deleteissuers, manageissuers, recover, purge, backup, restore
 
 Required: False
 Position: Named
@@ -509,12 +508,12 @@ The acceptable values for this parameter:
 - Restore
 - Recover
 - Purge
+- Rotate
 
 ```yaml
 Type: System.String[]
 Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress
 Aliases:
-Accepted values: all, decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge
 
 Required: False
 Position: Named
@@ -541,7 +540,6 @@ The acceptable values for this parameter:
 Type: System.String[]
 Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress
 Aliases:
-Accepted values: all, get, list, set, delete, backup, restore, recover, purge
 
 Required: False
 Position: Named
@@ -574,7 +572,6 @@ The acceptable values for this parameter:
 Type: System.String[]
 Parameter Sets: ByUserPrincipalName, ByObjectId, ByServicePrincipalName, ByEmailAddress, InputObjectByObjectId, InputObjectByServicePrincipalName, InputObjectByUserPrincipalName, InputObjectByEmailAddress, ResourceIdByObjectId, ResourceIdByServicePrincipalName, ResourceIdByUserPrincipalName, ResourceIdByEmailAddress
 Aliases:
-Accepted values: all, get, list, delete, set, update, regeneratekey, getsas, listsas, deletesas, setsas, recover, backup, restore, purge
 
 Required: False
 Position: Named