Skip to content

azure-keyvault-keys_4.5.0

Choose a tag to compare

View all tags
@azure-sdk azure-sdk released this 28 Mar 18:54
azure-keyvault-keys_4.5.0
a4aa521
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

4.5.0 (2022-03-28)

Features Added

  • Key Vault API version 7.3 is now the default
  • Added support for multi-tenant authentication when using azure-identity
    1.8.0 or newer (#20698)
  • (From 4.5.0b1) KeyClient has a get_random_bytes method for getting a requested number of
    random bytes from a managed HSM
  • (From 4.5.0b2) Added support for secure key release from a Managed HSM
    (#19588)
    • Added release_key method to KeyClient for releasing the private component of a key
    • Added exportable and release_policy keyword-only arguments to key creation and import
      methods
    • Added KeyExportEncryptionAlgorithm enum for specifying an encryption algorithm to be used
      in key release
  • (From 4.5.0b4) Added KeyClient.get_cryptography_client, which provides a simple way to
    create a CryptographyClient for a key, given its name and optionally a version
    (#20621)
  • (From 4.5.0b4) Added support for automated and on-demand key rotation in Azure Key Vault
    (#19840)
    • Added KeyClient.rotate_key to rotate a key on-demand
    • Added KeyClient.update_key_rotation_policy to update a key's automated rotation policy
  • (From 4.5.0b6) Added immutable keyword-only argument and property to KeyReleasePolicy to
    support immutable release policies. Once a release policy is marked as immutable, it can no
    longer be modified.

Breaking Changes

These changes do not impact the API of stable versions such as 4.4.0.
Only code written against a beta version such as 4.5.0b1 may be affected.

  • KeyClient.update_key_rotation_policy accepts a required policy argument
    (#22981)
  • The optional version parameter in KeyClient.release_key is now a keyword-only argument
    (#22981)
  • Renamed the name parameter in KeyClient.get_key_rotation_policy and
    KeyClient.update_key_rotation_policy to key_name
    (#22981)
  • Enum values in azure-keyvault-keys are now uniformly lower-cased
    (#22981)

Bugs Fixed

  • KeyType now ignores casing during declaration, which resolves a scenario where Key Vault
    keys created with non-standard casing could not be fetched with the SDK
    (#22797)

Other Changes

  • (From 4.5.0b6) Python 2.7 is no longer supported. Please use Python version 3.6 or later.
  • (From 4.5.0b6) Updated minimum azure-core version to 1.20.0
  • (From 4.5.0b3) Updated type hints to fix mypy errors
    (#19158)
  • (From 4.5.0b4) CryptographyClient no longer requires a key version when providing a key ID to its constructor
    (though providing a version is still recommended)
  • (From 4.5.0b5) To support multi-tenant authentication, get_token calls during challenge
    authentication requests now pass in a tenant_id keyword argument
    (#20698). See
    https://aka.ms/azsdk/python/identity/tokencredential for more details on how to integrate
    this parameter if get_token is implemented by a custom credential.
  • (From 4.5.0b6) Updated type hints for KeyProperties model's managed, exportable, and
    release_policy properties (#22368)
Assets 2
Loading