Microsoft Azure Recovery Services Client Library for Python providing comprehensive APIs for managing Recovery Services vaults, certificates, private endpoints, and usage monitoring.
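Operations for uploading and managing certificates for Recovery Services vaults. Certificates enable secure communication and authentication for backup and recovery operations, providing the cryptographic foundation for protecting data in transit and at rest. The role documented on this page is narrower: per the VaultCertificateResponse description below, the certificate is what clients use to register themselves with the vault.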
Uploads a certificate to a Recovery Services vault for secure authentication and communication.
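def create(
    resource_group_name: str,
    vault_name: str,
    certificate_name: str,
    certificate_request: Union[CertificateRequest, IO[bytes]],
    **kwargs
) -> VaultCertificateResponse:
    """
    Uploads a certificate for a Recovery Services vault resource.

    Signature-only reference entry: it is shown without ``self`` and is
    reached as ``client.vault_certificates.create(...)`` in the usage example.

    Parameters:
    - resource_group_name: str - The name of the resource group
    - vault_name: str - The name of the recovery services vault
    - certificate_name: str - Certificate friendly name
    - certificate_request: Union[CertificateRequest, IO[bytes]] - Input to upload certificate

    Returns:
    VaultCertificateResponse: Response containing certificate details
    """


# Usage Example: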
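from azure.mgmt.recoveryservices.models import CertificateRequest, RawCertificateData, AuthType

# `client` is assumed to be an already-constructed Recovery Services management
# client; its creation and authentication are not shown in this listing.

# Read certificate from file
# NOTE(review): upload only the public certificate; confirm the file does not
# bundle a private key (for example a .pfx export) before sending it.
with open("certificate.cer", "rb") as cert_file:
    cert_data = cert_file.read()

# Create certificate request
# NOTE(review): RawCertificateData documents `certificate` as base64 encoded
# data, while the raw file bytes are passed here - confirm whether the SDK
# encodes on serialization and whether a PEM-format .cer needs decoding first.
certificate_request = CertificateRequest(
    properties=RawCertificateData(
        certificate=cert_data,
        auth_type=AuthType.AAD
    )
)

# Upload certificate
response = client.vault_certificates.create(
    resource_group_name="my-rg",
    vault_name="my-vault",
    certificate_name="backup-certificate",
    certificate_request=certificate_request
)

print(f"Certificate uploaded: {response.name}")
print(f"Certificate ID: {response.id}")
print(f"Thumbprint: {response.properties.thumbprint}")


# Reference summaries of the model types used above. The real definitions are
# the ones imported from azure.mgmt.recoveryservices.models; the summaries are
# kept in the page's order, so this section is a reference rather than an
# importable module (RawCertificateData is listed before its base class).

class CertificateRequest:
    """
    Details of the certificate to be uploaded to the vault.

    Parameters:
    - properties: Optional[RawCertificateData] - Raw certificate data
    """


class RawCertificateData(ResourceCertificateDetails):
    """
    Raw certificate data.

    Parameters:
    - certificate: Optional[bytes] - The base64 encoded certificate raw data string
    - auth_type: Union[str, AuthType] - Specifies the authentication type (AAD, ACS)
    """


class VaultCertificateResponse:
    """
    Certificate corresponding to a vault that can be used by clients to register themselves with the vault.

    Parameters:
    - name: Optional[str] - Resource name
    - type: Optional[str] - Resource type
    - id: Optional[str] - Resource Id
    - properties: Optional[ResourceCertificateDetails] - Certificate details
    """


class ResourceCertificateDetails:
    """
    Certificate details representing the Vault credentials for AAD.

    Parameters:
    - certificate: Optional[bytes] - The base64 encoded certificate raw data string
    - friendly_name: Optional[str] - Certificate friendly name
    - issuer: Optional[str] - Certificate issuer
    - resource_id: Optional[int] - Resource id of the vault
    - subject: Optional[str] - Certificate Subject Name
    - thumbprint: Optional[str] - Certificate thumbprint
    - valid_from: Optional[datetime] - Certificate Validity start Date time
    - valid_to: Optional[datetime] - Certificate Validity End Date time
    """


class ResourceCertificateAndAadDetails(ResourceCertificateDetails):
    """
    Certificate details representing the Vault credentials for AAD.

    Parameters:
    - aad_authority: Optional[str] - AAD tenant authority
    - aad_tenant_id: Optional[str] - AAD tenant Id
    - service_principal_client_id: Optional[str] - AAD service principal clientId
    - service_principal_object_id: Optional[str] - AAD service principal ObjectId
    - azure_management_endpoint_audience: Optional[str] - Azure Management Endpoint Audience
    """


class ResourceCertificateAndAcsDetails(ResourceCertificateDetails):
    """
    Certificate details representing the Vault credentials for ACS.

    Parameters:
    - global_acs_namespace: Optional[str] - ACS namespace name - used for ServiceBus connection
    - global_acs_host_name: Optional[str] - Acs mgmt host name to connect to
    - global_acs_rp_realm: Optional[str] - Global ACS namespace RP realm
    """


class AuthType(str, Enum):
    """
    Specifies the authentication type.
    """
    # NOTE(review): short and long spellings are both listed (ACS /
    # AccessControlService, AAD / AzureActiveDirectory); confirm which values
    # the service accepts for a given vault before relying on one.
    INVALID = "Invalid"
    ACS = "ACS"
    AAD = "AAD"
    ACCESS_CONTROL_SERVICE = "AccessControlService"
    AZURE_ACTIVE_DIRECTORY = "AzureActiveDirectory"


from azure.core.exceptions import HttpResponseError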
from azure.mgmt.recoveryservices.models import CertificateRequest, RawCertificateData, AuthType
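def upload_vault_certificate(client, resource_group: str, vault_name: str, cert_file_path: str, cert_name: str):
    """Upload a certificate to a Recovery Services vault with proper error handling.

    Reads the file at ``cert_file_path`` as bytes, wraps it in a
    ``CertificateRequest`` with ``AuthType.AAD`` and passes it to
    ``client.vault_certificates.create``.

    Args:
        client: Object exposing ``vault_certificates.create``.
        resource_group: Name of the resource group.
        vault_name: Name of the Recovery Services vault.
        cert_file_path: Path of the certificate file to upload.
        cert_name: Friendly name to register the certificate under.

    Returns:
        The response returned by ``client.vault_certificates.create``.

    Raises:
        FileNotFoundError: ``cert_file_path`` does not exist.
        HttpResponseError: The service call failed.
        Exception: Any other failure is reported and re-raised unchanged.
    """
    try:
        # Read certificate file
        # NOTE(review): this should be the public certificate only; confirm the
        # file does not bundle a private key before it leaves the machine.
        with open(cert_file_path, "rb") as cert_file:
            cert_data = cert_file.read()

        # Create certificate request
        certificate_request = CertificateRequest(
            properties=RawCertificateData(
                certificate=cert_data,
                auth_type=AuthType.AAD
            )
        )

        # Upload certificate
        response = client.vault_certificates.create(
            resource_group_name=resource_group,
            vault_name=vault_name,
            certificate_name=cert_name,
            certificate_request=certificate_request
        )
    except FileNotFoundError:
        print(f"Certificate file not found: {cert_file_path}")
        raise
    except HttpResponseError as e:
        print(f"Failed to upload certificate: {e.status_code} - {e.message}")
        raise
    except Exception as e:
        print(f"Unexpected error during certificate upload: {e}")
        raise

    # Reporting happens outside the try block: a response without properties
    # (the field is Optional) must not be misreported as a failed upload.
    print(f"Certificate '{cert_name}' uploaded successfully")
    props = getattr(response, "properties", None)
    if props is not None:
        print(f"Thumbprint: {props.thumbprint}")
        print(f"Valid from: {props.valid_from}")
        print(f"Valid to: {props.valid_to}")
    return response


from datetime import datetime, timezone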
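def _as_utc(moment: datetime) -> datetime:
    """Return *moment* as a timezone-aware value, treating a naive one as UTC."""
    # NOTE(review): reading naive timestamps as UTC is an assumption - confirm
    # against how the SDK deserializes valid_from / valid_to.
    if moment.tzinfo is None:
        return moment.replace(tzinfo=timezone.utc)
    return moment


def validate_certificate_response(cert_response: "VaultCertificateResponse") -> bool:
    """Validate that a certificate response is valid and not expired.

    The check fails closed: a response with no properties, no thumbprint, no
    expiry date, an expiry in the past or a start date in the future is
    rejected. A warning is printed when fewer than 30 days remain.

    This is a completeness and validity-window check only. It does not
    establish that the certificate is the expected one; compare the thumbprint
    with a value obtained out of band if that matters to the caller.

    Args:
        cert_response: Response object exposing ``properties`` with
            ``thumbprint``, ``subject``, ``issuer``, ``valid_from`` and
            ``valid_to``. The annotation is quoted because the type is not
            imported in this listing.

    Returns:
        True when every check passes, otherwise False.
    """
    if not cert_response or not cert_response.properties:
        print("Invalid certificate response")
        return False

    props = cert_response.properties

    # Check if certificate has required properties
    if not props.thumbprint:
        print("Certificate missing thumbprint")
        return False

    # Without an expiry date "not expired" cannot be established, so reject.
    if not props.valid_to:
        print("Certificate missing expiry date")
        return False

    now = datetime.now(timezone.utc)
    # Normalise before comparing: a naive datetime compared with an aware one
    # raises TypeError.
    valid_to = _as_utc(props.valid_to)

    # Check certificate validity
    if valid_to < now:
        print(f"Certificate expired on {props.valid_to}")
        return False

    if props.valid_from and _as_utc(props.valid_from) > now:
        print(f"Certificate not valid until {props.valid_from}")
        return False

    # Warn if certificate expires soon (within 30 days)
    days_until_expiry = (valid_to - now).days
    if days_until_expiry < 30:
        print(f"Warning: Certificate expires in {days_until_expiry} days")

    print("Certificate validation passed:")
    print(f" Subject: {props.subject}")
    print(f" Issuer: {props.issuer}")
    print(f" Valid from: {props.valid_from}")
    print(f" Valid to: {props.valid_to}")
    return True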