Azure / azure-libraries-for-net

Azure libraries for .Net
MIT License

[QUERY] How to set Key Vault IP restrictions? #720

Open oskarm93 opened 5 years ago

oskarm93 commented 5 years ago

Query/Question

Is there a way to set network ACLs on Key Vault using the Fluent API libraries? Currently I create a Key Vault using the Fluent APIs but then edit the firewall using the management client:

private IVault CreateKeyVault(IIdentity keyVaultReaderIdentity)
{
    var keyVault = _connectivityContext.Azure
        .Vaults
        .Define(_resourceNames.KeyVault)
        .WithRegion(_options.Region)
        .WithNewResourceGroup(ResourceGroupName)
        .WithEmptyAccessPolicy()
        .WithSku(SkuName.Premium)
        // VM deployment and disk-encryption access to this vault are not needed
        .WithDeploymentDisabled()
        .WithDiskEncryptionDisabled()
        .WithTags(_tags)
        .DefineAccessPolicy()
        .ForObjectId(keyVaultReaderIdentity.PrincipalId)
        .AllowSecretPermissions(SecretPermissions.Get, SecretPermissions.List)
        .Attach()
        .Create();

    UpdateKeyVaultFirewall(keyVault);

    return keyVault;
}

private void UpdateKeyVaultFirewall(IVault keyVault)
{
    var client = new KeyVaultManagementClient(_connectivityContext.Credentials)
    {
        SubscriptionId = _connectivityContext.Options.SubscriptionId
    };
    using (client)
    {
        var vaultProperties = new VaultPatchProperties
        {
            // bypass "None": trusted Azure services are not exempted from the firewall;
            // defaultAction "Deny": anything not matched by an IP or VNet rule is blocked
            NetworkAcls = new NetworkRuleSet("None", "Deny",
                Extensions.GetCorporateEndpointsIpRulesForKeyVault(),
                new List<VirtualNetworkRule>
                {
                    new VirtualNetworkRule(_options.ClusterSubnetResourceId)
                })
        };
        client.Vaults.Update(
            keyVault.ResourceGroupName,
            keyVault.Name,
            new VaultPatchParameters(_tags, vaultProperties));
    }
}

Why is this not a Bug or a feature Request? Don't know what's possible yet.

Setup (please complete the following information if applicable):
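The two-step approach above (create with Fluent, then patch the firewall through the management client) leaves a window in which the vault has the service default of allowing all networks, and a typo in the patch would silently leave it that way. The following example is added here and is not code from the issue or from the library; it builds the rule set from plain CIDR and subnet values, applies the patch, and reads the vault back to confirm the stored default action is Deny. `ServiceClientCredentials`, the subscription id, the resource group and the vault name are assumed inputs.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Azure.Management.KeyVault;
using Microsoft.Azure.Management.KeyVault.Models;
using Microsoft.Rest;

// Added example (not from the issue or the SDK). Assumes an already
// authenticated ServiceClientCredentials and an existing vault.
static class KeyVaultFirewall
{
    public static NetworkRuleSet BuildDenyByDefaultRuleSet(
        IEnumerable<string> allowedCidrs, IEnumerable<string> subnetResourceIds)
    {
        var ipRules = allowedCidrs.Select(cidr => new IPRule(cidr)).ToList();
        var vnetRules = subnetResourceIds.Select(id => new VirtualNetworkRule(id)).ToList();
        // bypass "None": trusted Azure services get no exemption from the firewall;
        // defaultAction "Deny": anything not matched by a rule above is blocked.
        return new NetworkRuleSet("None", "Deny", ipRules, vnetRules);
    }

    public static void ApplyAndVerify(ServiceClientCredentials credentials, string subscriptionId,
        string resourceGroup, string vaultName, NetworkRuleSet rules,
        IDictionary<string, string> tags)
    {
        using (var client = new KeyVaultManagementClient(credentials) { SubscriptionId = subscriptionId })
        {
            client.Vaults.Update(resourceGroup, vaultName,
                new VaultPatchParameters(tags, new VaultPatchProperties { NetworkAcls = rules }));

            // Trust what the service stored, not what was sent: a wrong string such as
            // "Allow" or a null rule set is accepted by the API without complaint.
            var stored = client.Vaults.Get(resourceGroup, vaultName).Properties.NetworkAcls;
            if (stored == null ||
                !string.Equals(stored.DefaultAction, "Deny", StringComparison.OrdinalIgnoreCase))
            {
                throw new InvalidOperationException(
                    $"Vault '{vaultName}' still accepts traffic from all networks.");
            }
            if (!string.Equals(stored.Bypass, "None", StringComparison.OrdinalIgnoreCase))
            {
                throw new InvalidOperationException(
                    $"Vault '{vaultName}' exempts trusted Azure services from its firewall.");
            }
        }
    }
}
```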

mozehgir commented 5 years ago

@xenalite - thanks for reporting this issue.

cc @yaohaizh

yaohaizh commented 5 years ago

We need to update the KeyVault version for Fluent in order to support this. https://github.com/Azure/azure-libraries-for-net/issues/721 is logged for this.

coppercosmo commented 4 years ago

Is there an ETA for this to get done?