4.0.0 (2021-06-22)
Changed
- Key Vault API version 7.2 is now the default
KeyVaultAccessControlClient.delete_role_assignmentand
.delete_role_definitionno longer raise an error when the resource to be
deleted is not found- Raised minimum azure-core version to 1.11.0
Added
KeyVaultAccessControlClient.set_role_definitionaccepts an optional
assignable_scopeskeyword-only argument
Breaking Changes
KeyVaultAccessControlClient.delete_role_assignmentand
.delete_role_definitionreturn None- Changed parameter order in
KeyVaultAccessControlClient.set_role_definition.
permissionsis now an optional keyword-only argument - Renamed
BackupOperationtoKeyVaultBackupResult, and removed all but
itsfolder_urlproperty - Removed
RestoreOperationandSelectiveKeyRestoreOperationclasses - Removed
KeyVaultBackupClient.begin_selective_restore. To restore a
single key, pass the key's name toKeyVaultBackupClient.begin_restore:# before (4.0.0b3): client.begin_selective_restore(folder_url, sas_token, key_name) # after: client.begin_restore(folder_url, sas_token, key_name=key_name) - Removed
KeyVaultBackupClient.get_backup_statusand.get_restore_status. Use
the pollers returned byKeyVaultBackupClient.begin_backupand.begin_restore
to check whether an operation has completed KeyVaultRoleAssignment'sprincipal_id,role_definition_id, andscope
are now properties of apropertiesproperty# before (4.0.0b3): print(KeyVaultRoleAssignment.scope) # after: print(KeyVaultRoleAssignment.properties.scope)- Renamed
KeyVaultPermissionproperties:allowed_actions->actionsdenied_actions->not_actionsallowed_data_actions->data_actionsdenied_data_actions->denied_data_actions
- Renamed argument
role_assignment_nametonamein
KeyVaultAccessControlClient.create_role_assignment,.delete_role_assignment,
and.get_role_assignment - Renamed argument
role_definition_nametonamein
KeyVaultAccessControlClient.delete_role_definitionand.get_role_definition - Renamed argument
role_scopetoscopeinKeyVaultAccessControlClientmethods