How to upload the BYOK through azure go lang sdk to the azure keyvault keys

[Roopan92]

Bug Report

• import path of package - https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys#Client.ImportKey
• SDK version - latest

Ref Link: https://learn.microsoft.com/en-us/azure/key-vault/keys/byok-specification

• What happened?

  • Need to import the key into the keyvault - BYOK

• What did you expect or want to happen?

  • Need to import the BYOK through azure sdk to the keyvault.

• How can we reproduce it?

• Please provide the sample go code for import BYOK into the keyvault

• Anything we should know about your environment. - NA

[Roopan92]

@heaths - Do you have any idea on this issue? Because you already gave the solution for this issue https://github.com/Azure/azure-sdk-for-go/issues/22173. Try to seek help from you.

Please provide the sample code for Import BYOK into azure key vault.

Sample BYOK Request from: https://learn.microsoft.com/en-us/azure/key-vault/keys/byok-specification { "schema_version": "1.0.0", "header": { "kid": "", "alg": "dir", "enc": "CKM_RSA_AES_KEY_WRAP" }, "ciphertext":"BASE64URL()", "generator": "BYOK tool name and version; source HSM name and firmware version" }

[Roopan92]

@gracewilcox - Any update here?

[gracewilcox]

Hi @Roopan92! I can't at this moment create a sample for you, but I created the above issue to track when I do add more samples to the Key Vault SDK's.

[github-actions[bot]]

Hi @Roopan92. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text "/unresolve" to remove the "issue-addressed" label and continue the conversation.

[Roopan92]

Thanks @gracewilcox - Can you please help which function we can use from the below package https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys.

Just want to know how to import BYOK into azure key vault using azure go lang SDK

[gracewilcox]

Hi @Roopan92! I would use the ImportKey method to import your key into Azure.

[Roopan92]

Thanks for your response @gracewilcox.

But how will you use this ImportKey function for the BYOK scenraio as we have byok file and we need to the send the API request like below,

Sample BYOK Request from: https://learn.microsoft.com/en-us/azure/key-vault/keys/byok-specification { "schema_version": "1.0.0", "header": { "kid": "", "alg": "dir", "enc": "CKM_RSA_AES_KEY_WRAP" }, "ciphertext":"BASE64URL()", "generator": "BYOK tool name and version; source HSM name and firmware version" }

Please help.

[github-actions[bot]]

Hi @Roopan92, since you haven’t asked that we /unresolve the issue, we’ll close this out. If you believe further discussion is needed, please add a comment /unresolve to reopen the issue.

[Roopan92]

/unresolve