Problem with azure-sdk-for-go v60.1.0 (2020-04-01-preview) for managedHsm vault support

Sarah Thompson 1 Reputation point
2022-03-16T01:34:41.943+00:00

Hi,
I'm using this version of azure sdk-for-go so I can use the managedHsm vault apis.
azure-sdk-for-go/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/
When I call ListBySubscription passing in a "top" value of 1 I get 2 managedHsm's listed.
func (client ManagedHsmsClient) ListBySubscription(ctx context.Context, top *int32) (result ManagedHsmListResultPage, err error) {
If I do the same for regular vaults I only get 1 vault listed.
I only have 2 managedHsms and can't keep creating them as they are costly so not sure how many would be returned if there were more.
I'm 100% sure the top value is 1.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,126 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sarah Thompson 1 Reputation point
    2022-06-01T02:35:05.907+00:00

    Hi James,

    Thanks for getting back to me, I'd all but given up. Thanks for the info on listing managed-hsm vaults. GetVault isn't the answer as it's not that we want to list 1 but a given number. It's good to know that top is ignored and I'm assuming we can expect to get a listing for all the managed-hsm vaults - we can live with that.

    Thanks to your above links I joined the Gopher slack channel to see if I could talk to someone about my next issue. I've described it below and it's a little long winded but I hope it makes sense, please contact me if it doesn't.

    We are using azure-sdk-for-go - latest version

    To get the first set of keys from using the azure-sdk-for-go keyClient.GetKeys() is called. This returns a KeyListResultPage.

    This works fine but again always returns 10 keys for managed-hsm vaults instead of the requested number but that is a minor issue only as the call is repeated until there is no more keys.

    The major issue is:

    To get the next set of NextWithContext() is called. For managed hsm vaults this returns the first set of keys again, so a never ending loop situation is created.

    I had to make it work for our product so I wrote custom GetNextKeys() function and this is what I found.

    In the sdk the prepare function for NextKeys is keyListResultPreparer() and it initializes the http request as per:
    return autorest.Prepare((&http.Request{}).WithContext(ctx),
    autorest.AsJSON(),
    autorest.AsGet(),
    autorest.WithBaseURL(to.String(klr.NextLink)))

    In the custom function I wrote I initialized the http request in the same way as per:

    req, err := autorest.Prepare((&http.Request{}).WithContext(ctx),
    autorest.AsJSON(),
    autorest.AsGet(),
    autorest.WithBaseURL(to.String(nextLink)),
)

    and proceeded to use go lang's http library calls to fetch the keys but this still gave the same result ie: it fetched the first set of keys again.

    To make it work properly I had to change the initialisation of the request to:

    req, err := autorest.Prepare((&http.Request{}).WithContext(ctx),
    autorest.AsJSON(),
    autorest.AsGet(),
    //autorest.WithBaseURL(to.String(nextLink)),
)

    and assign the url to the request with:

    u, err = url.Parse(*keys.Response.NextLink)
req.URL = u

    Now I can fetch successive pages of keys.

    The difference in the URL between the two requests is:

    So the same function, keys.NextKeys(), works fine for non-managed hsm vaults as does our custom function.

    It would seem that non-managed hsm vaults are OK with the url's created by azure-sdk-for-go but managed-hsm vaults are not.

    The same thing applies to fetching successive pages of deleted keys for managed-hsm vaults.

    Appreciate any help on this as it would be preferable to be using the sdk for this call.

    I am hoping someone reaches out to me on slack but there might be a terrible time difference as I'm gmt +10.

    Thanks Sarah