Add deprecation messages and fixes for KeyVault

src/ResourceManager/KeyVault/ChangeLog.md

@@ -19,6 +19,7 @@
 -->
 ## Current Release
 * Updated cmdlets to include piping scenarios
+* Add deprecation messages for upcoming breaking change release
 * Updated to the latest version of the Azure ClientRuntime
 
 ## Version 4.2.1

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/AddAzureKeyVaultCertificate.cs

@@ -73,6 +73,7 @@ public class AddAzureKeyVaultCertificate : KeyVaultCmdletBase
 
         public override void ExecuteCmdlet()
         {
+            WriteWarning("Add-AzureKeyVaultCertificate: The -CertificatePolicy parameter will become mandatory in the May 2018 release.");
             if (ShouldProcess(Name, Properties.Resources.AddCertificate)) {
                 var certificateOperation = this.DataServiceClient.EnrollCertificate(VaultName, Name, CertificatePolicy == null ? null : CertificatePolicy.ToCertificatePolicy(), Tag == null ? null : Tag.ConvertToDictionary());
                 var kvCertificateOperation = PSKeyVaultCertificateOperation.FromCertificateOperation(certificateOperation);

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/ManagedStorageAccounts/SetAzureKeyVaultManagedStorageSasDefinition.cs

@@ -62,6 +62,7 @@ public partial class SetAzureKeyVaultManagedStorageSasDefinition : KeyVaultCmdle
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Sas definition parameters that will be used to create the sas token.",
             ParameterSetName = ParameterSetRawSas )]
+        [Obsolete("-Parameter will be removed and replaced by -TemplateUri and -SasType in May 2018")]
         [ValidateNotNull]
         public Hashtable Parameter { get; set; }
 
@@ -277,7 +278,9 @@ private IDictionary<string, string> GetParameters()
                 case ParameterSetRawSas:
                 {
                     var dictionary = new Dictionary<string, string>();
+#pragma warning disable CS0618
                     foreach ( DictionaryEntry p in Parameter )
+#pragma warning restore CS0618
                     {
                         if ( p.Key == null || string.IsNullOrEmpty( p.Key.ToString() ) )
                             throw new ArgumentException( "An invalid parameter was specified." );

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/RemoveAzureKeyVault.cs

@@ -90,21 +90,11 @@ public class RemoveAzureKeyVault : KeyVaultManagementCmdletBase
             ParameterSetName = RemoveVaultParameterSet,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "The location of the deleted vault.")]
-        [Parameter(Mandatory = false,
-            Position = 1,
-            ParameterSetName = InputObjectRemoveVaultParameterSet,
-            ValueFromPipelineByPropertyName = true,
-            HelpMessage = "The location of the deleted vault.")]
         [Parameter(Mandatory = true,
             Position = 1,
             ParameterSetName = RemoveDeletedVaultParameterSet,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "The location of the deleted vault.")]
-        [Parameter(Mandatory = true,
-            Position = 1,
-            ParameterSetName = InputObjectRemoveDeletedVaultParameterSet,
-            ValueFromPipelineByPropertyName = true,
-            HelpMessage = "The location of the deleted vault.")]
         [LocationCompleter("Microsoft.KeyVault/vaults")]
         [ValidateNotNullOrEmpty()]
         public string Location { get; set; }
@@ -142,6 +132,7 @@ public override void ExecuteCmdlet()
             {
                 VaultName = InputObject.VaultName;
                 ResourceGroupName = InputObject.ResourceGroupName;
+                Location = InputObject.Location;
             }
 
             if (InRemovedState)

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultCertificateIssuer.cs

@@ -136,6 +136,7 @@ public override void ExecuteCmdlet()
                 }
                 else
                 {
+                    WriteWarning("Set-AzureKeyVaultCertificateIssuer: The -IssuerProvider parameter will become mandatory in the May 2018 release.");
                     issuerToUse = new PSKeyVaultCertificateIssuer
                     {
                         Name = Name,

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/SetAzureKeyVaultSecretAttribute.cs

@@ -142,7 +142,6 @@ public override void ExecuteCmdlet()
                 Name,
                 Version ?? string.Empty,
                 new PSKeyVaultSecretAttributes(Enable, Expires, NotBefore, ContentType, Tag));
-
                 if (PassThru)
                 {
                     WriteObject(secret);

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultCertificateRemoval.cs

@@ -80,6 +80,7 @@ public override void ExecuteCmdlet()
 
             if ( ShouldProcess( Name, Properties.Resources.RecoverCertificate ) )
             {
+                WriteWarning("Undo-AzureKeyVaultCertificateRemoval: The output of the cmdlet will be changing from CertificateBundle to PSKeyVaultCertificate in May 2018");
                 CertificateBundle certificate = DataServiceClient.RecoverCertificate(VaultName, Name);
 
                 WriteObject( certificate );

src/ResourceManager/KeyVault/Commands.KeyVault/Commands/UndoAzureKeyVaultRemoval.cs

@@ -91,6 +91,7 @@ public override void ExecuteCmdlet()
         {
             if (InputObject != null)
             {
+                WriteWarning("Undo-AzureRmKeyVaultRemoval: ResourceGroupName will be removed from the InputObject parameter set in May 2018, and will instead be obtained from the ResourceId.");
                 VaultName = InputObject.VaultName;
                 Location = InputObject.Location;
             }

src/ResourceManager/KeyVault/Commands.KeyVault/Models/ModelExtensions.cs

@@ -117,6 +117,11 @@ public static string GetDisplayNameForADObject(string objectId, ActiveDirectoryC
                         displayName = servicePrincipal.DisplayName;
                         upnOrSpn = servicePrincipal.ServicePrincipalNames.FirstOrDefault();
                     }
+                    else if (obj.Type.Equals("group", StringComparison.InvariantCultureIgnoreCase))
+                    {
+                        var group = adClient.FilterGroups(new ADObjectFilterOptions { Id = objectId }).FirstOrDefault();
+                        displayName = group.DisplayName;
+                    }
                 }
 #else
                 var obj = adClient.GetObjectsByObjectIdsAsync(new[] { objectId }, new string[] { }).GetAwaiter().GetResult().FirstOrDefault();
@@ -134,6 +139,12 @@ public static string GetDisplayNameForADObject(string objectId, ActiveDirectoryC
                         displayName = servicePrincipal.AppDisplayName;
                         upnOrSpn = servicePrincipal.ServicePrincipalNames.FirstOrDefault();
                     }
+                    else if (obj.ObjectType.Equals("group", StringComparison.InvariantCultureIgnoreCase))
+                    {
+                        var group = adClient.Groups.GetByObjectId(objectId).ExecuteAsync().GetAwaiter().GetResult();
+                        displayName = group.DisplayName;
+                        upnOrSpn = group.MailNickname;
+                    }
                 }
 
 #endif

src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx

@@ -391,7 +391,7 @@ You can find the object ID using Azure Active Directory Module for Windows Power
     <value>Purge secret</value>
   </data>
   <data name="AllPermissionExpansionWarning" xml:space="preserve">
-    <value>The 'all' permission is being deprecated and does not include the 'purge' permission. 'Purge' permission must be explicitly set.</value>
+    <value>The 'all' permission will be removed in May 2018 and does not include the 'purge' permission. 'Purge' permission must be explicitly set.</value>
   </data>
   <data name="RecoverVault" xml:space="preserve">
     <value>Recover vault</value>

src/ResourceManager/KeyVault/Commands.KeyVault/help/Remove-AzureRmKeyVault.md

@@ -27,14 +27,14 @@ Remove-AzureRmKeyVault [-VaultName] <String> [-Location] <String> [-InRemovedSta
 
 ### InputObjectByAvailableVault
 ```
-Remove-AzureRmKeyVault [-InputObject] <PSKeyVault> [[-Location] <String>] [-Force] [-AsJob] [-PassThru]
+Remove-AzureRmKeyVault [-InputObject] <PSKeyVault> [-Force] [-AsJob] [-PassThru]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### InputObjectByDeletedVault
 ```
-Remove-AzureRmKeyVault [-InputObject] <PSKeyVault> [-Location] <String> [-InRemovedState] [-Force] [-AsJob]
- [-PassThru] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Remove-AzureRmKeyVault [-InputObject] <PSKeyVault> [-InRemovedState] [-Force] [-AsJob] [-PassThru]
+ [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -143,7 +143,7 @@ The location of the deleted vault.
 
 ```yaml
 Type: String
-Parameter Sets: ByAvailableVault, InputObjectByAvailableVault
+Parameter Sets: ByAvailableVault
 Aliases:
 
 Required: False
@@ -155,7 +155,7 @@ Accept wildcard characters: False
 
 ```yaml
 Type: String
-Parameter Sets: ByDeletedVault, InputObjectByDeletedVault
+Parameter Sets: ByDeletedVault
 Aliases:
 
 Required: True

src/ResourceManager/KeyVault/Commands.KeyVault/help/Set-AzureKeyVaultCertificatePolicy.md

@@ -175,7 +175,7 @@ Aliases: CertificatePolicy
 Required: True
 Position: 2
 Default value: None
-Accept pipeline input: True (ByValue)
+Accept pipeline input: True (ByPropertyName, ByValue)
 Accept wildcard characters: False
 ```
 

src/ResourceManager/KeyVault/documentation/upcoming-breaking-changes.md

@@ -27,6 +27,90 @@
 
 # Upcoming Breaking Changes
 
+The following cmdlets were affected this release:
+
+**Add-AzureKeyVaultCertificate**
+- The -Certificate parameter has become mandatory.
+
+**Set-AzureKeyVaultManagedStorageSasDefinition**
+- The -Parameter parameter has been removed and replaced by -TemplateUri and -SasType
+
+**Set-AzureKeyVaultCertificateIssuer**
+- The -IssuerProvider parameter has become mandatory.
+
+**Undo-AzureKeyVaultCertificateRemoval**
+- The output of this cmdlet has changed from CertificateBundle to PSKeyVaultCertificate.
+
+**Undo-AzureRmKeyVaultRemoval**
+- ResourceGroupName has been removed from the InputObject parameter set, and is instead obtained from the InputObject parameter's ResourceId property.
+
+**Set-AzureRmKeyVaultAccessPolicy**
+- The "all" permission was removed from "PermissionsToKeys", "PermissionsToSecrets", and "PermissionsToCertificates".
+
+**General**
+- ValueFromPipelineByPropertyName was removed from all cmdlets where piping by InputObject was enabled.  These cmdlets are:
+    - Add-AzureKeyVaultCertificate
+    - Add-AzureKeyVaultCertificateContact
+    - Add-AzureKeyVaultKey
+    - Backup-AzureKeyVaultKey
+    - Backup-AzureKeyVaultSecret
+    - Get-AzureKeyVaultCertficate
+    - Get-AzureKeyVaultCertificateContact
+    - Get-AzureKeyVaultCertificateIssuer
+    - Get-AzureKeyVaultCertificateOperation
+    - Get-AzureKeyVaultCertificatePolicy
+    - Get-AzureKeyVaultKey
+    - Get-AzureKeyVaultSecret
+    - Remove-AzureRmKeyVault
+    - Remove-AzureRmKeyVaultAccessPolicy
+    - Remove-AzureKeyVaultCertificate
+    - Remove-AzureKeyVaultCertificateContact
+    - Remove-AzureKeyVaultCertificateIssuer
+    - Remove-AzureKeyVaultCertificateOperation
+    - Remove-AzureKeyVaultKey
+    - Remove-AzureKeyVaultSecret
+    - Restore-AzureKeyVaultKey
+    - Restore-AzureKeyVaultSecret
+    - Set-AzureRmKeyVaultAccessPolicy
+    - Set-AzureKeyVaultCertificateAttribute
+    - Set-AzureKeyVaultCertificateIssuer
+    - Set-AzureKeyVaultCertificatePolicy
+    - Set-AzureKeyVaultKeyAttribute
+    - Set-AzureKeyVaultSecret
+    - Set-AzureKeyVaultSecretAttribute
+    - Stop-AzureKeyVaultCertificateOperation
+    - Undo-AzureKeyVaultCertificateRemoval
+    - Undo-AzureKeyVaultKeyRemoval
+    - Undo-AzureRmKeyVaultRemoval
+    - Undo-AzureKeyVaultSecretRemoval
+- ConfirmImpact levels were removed from all cmdlets.  Those affected are:
+    - Remove-AzureRmKeyVault
+    - Remove-AzureKeyVaultCertificate
+    - Remove-AzureKeyVaultCertificateIssuer
+    - Remove-AzureKeyVaultCertificateOperation
+    - Remove-AzureKeyVaultKey
+    - Remove-AzureKeyVaultSecret
+    - Stop-AzureKeyVaultCertificateOperation
+- The IKeyVaultDataServiceClient was updated so all Certificate operations return PSTypes instead of SDK types. This includes:
+    - SetCertificateContacts
+    - GetCertificateContacts
+    - GetCertificate
+    - GetDeletedCertificate
+    - MergeCertificate
+    - ImportCertificate
+    - DeleteCertificate
+    - RecoverCertificate
+    - EnrollCertificate
+    - UpdateCertificate
+    - GetCertificateOperation
+    - DeleteCertificateOperation
+    - CancelCertificateOperation
+    - GetCertificatePolicy
+    - UpdateCertificatePolicy
+    - GetCertificateIssuer
+    - SetCertificateIssuer
+    - DeleteCertificateIssuer
+
 ## Release 3.0.0
 
     The following cmdlets were affected this release: