[Key Vault] Regenerated Keys and Administration SDK with new folder structure and API version 2025-07-01

sdk/keyvault/azure-keyvault-administration/CHANGELOG.md

@@ -4,6 +4,8 @@
 
 ### Features Added
 
+- Added support for service API version `2025-07-01` [#46352](https://github.com/Azure/azure-sdk-for-python/pull/46352)
+
 ### Breaking Changes
 
 - Changed the continuation token format. Continuation tokens generated by previous versions of

sdk/keyvault/azure-keyvault-administration/MANIFEST.in

@@ -1,7 +1,8 @@
 include *.md
 include LICENSE
-include azure/keyvault/administration/py.typed
+include azure/keyvault/administration/_generated/py.typed
 recursive-include tests *.py
 recursive-include samples *.py *.md
 include azure/__init__.py
 include azure/keyvault/__init__.py
+include azure/keyvault/administration/__init__.py

sdk/keyvault/azure-keyvault-administration/README.md

@@ -193,8 +193,7 @@ role_definition = client.set_role_definition(scope=scope, role_name=role_name, p
 ```python
 new_permissions = [
     KeyVaultPermission(
-        data_actions=[KeyVaultDataAction.READ_HSM_KEY],
-        not_data_actions=[KeyVaultDataAction.CREATE_HSM_KEY]
+        data_actions=[KeyVaultDataAction.READ_HSM_KEY], not_data_actions=[KeyVaultDataAction.CREATE_HSM_KEY]
     )
 ]
 unique_definition_name = role_definition.name

sdk/keyvault/azure-keyvault-administration/_metadata.json

@@ -0,0 +1,6 @@
+{
+  "apiVersion": "2025-07-01",
+  "apiVersions": {
+    "KeyVault": "2025-07-01"
+  }
+}

sdk/keyvault/azure-keyvault-administration/apiview-properties.json

@@ -0,0 +1,70 @@
+{
+    "CrossLanguagePackageId": "KeyVault",
+    "CrossLanguageDefinitionId": {
+        "azure.keyvault.administration._generated.models.FullBackupOperation": "KeyVault.FullBackupOperation",
+        "azure.keyvault.administration._generated.models.FullBackupOperationError": "KeyVault.FullBackupOperation.error.anonymous",
+        "azure.keyvault.administration._generated.models.KeyVaultError": "KeyVaultError",
+        "azure.keyvault.administration._generated.models.Permission": "KeyVault.Permission",
+        "azure.keyvault.administration._generated.models.PreBackupOperationParameters": "KeyVault.PreBackupOperationParameters",
+        "azure.keyvault.administration._generated.models.PreRestoreOperationParameters": "KeyVault.PreRestoreOperationParameters",
+        "azure.keyvault.administration._generated.models.RestoreOperation": "KeyVault.RestoreOperation",
+        "azure.keyvault.administration._generated.models.RestoreOperationParameters": "KeyVault.RestoreOperationParameters",
+        "azure.keyvault.administration._generated.models.RoleAssignment": "KeyVault.RoleAssignment",
+        "azure.keyvault.administration._generated.models.RoleAssignmentCreateParameters": "KeyVault.RoleAssignmentCreateParameters",
+        "azure.keyvault.administration._generated.models.RoleAssignmentProperties": "KeyVault.RoleAssignmentProperties",
+        "azure.keyvault.administration._generated.models.RoleAssignmentPropertiesWithScope": "KeyVault.RoleAssignmentPropertiesWithScope",
+        "azure.keyvault.administration._generated.models.RoleDefinition": "KeyVault.RoleDefinition",
+        "azure.keyvault.administration._generated.models.RoleDefinitionCreateParameters": "KeyVault.RoleDefinitionCreateParameters",
+        "azure.keyvault.administration._generated.models.RoleDefinitionProperties": "KeyVault.RoleDefinitionProperties",
+        "azure.keyvault.administration._generated.models.SASTokenParameter": "KeyVault.SASTokenParameter",
+        "azure.keyvault.administration._generated.models.SelectiveKeyRestoreOperation": "KeyVault.SelectiveKeyRestoreOperation",
+        "azure.keyvault.administration._generated.models.SelectiveKeyRestoreOperationParameters": "KeyVault.SelectiveKeyRestoreOperationParameters",
+        "azure.keyvault.administration._generated.models.Setting": "KeyVault.Setting",
+        "azure.keyvault.administration._generated.models.SettingsListResult": "KeyVault.SettingsListResult",
+        "azure.keyvault.administration._generated.models.UpdateSettingRequest": "KeyVault.UpdateSettingRequest",
+        "azure.keyvault.administration._generated.models.RoleDefinitionType": "KeyVault.RoleDefinitionType",
+        "azure.keyvault.administration._generated.models.RoleType": "KeyVault.RoleType",
+        "azure.keyvault.administration._generated.models.DataAction": "KeyVault.DataAction",
+        "azure.keyvault.administration._generated.models.RoleScope": "KeyVault.RoleScope",
+        "azure.keyvault.administration._generated.models.OperationStatus": "KeyVault.OperationStatus",
+        "azure.keyvault.administration._generated.models.SettingTypeEnum": "KeyVault.SettingTypeEnum",
+        "azure.keyvault.administration._generated.operations.RoleDefinitionsOperations.delete": "KeyVault.RoleDefinitions.delete",
+        "azure.keyvault.administration._generated.aio.operations.RoleDefinitionsOperations.delete": "KeyVault.RoleDefinitions.delete",
+        "azure.keyvault.administration._generated.operations.RoleDefinitionsOperations.create_or_update": "KeyVault.RoleDefinitions.createOrUpdate",
+        "azure.keyvault.administration._generated.aio.operations.RoleDefinitionsOperations.create_or_update": "KeyVault.RoleDefinitions.createOrUpdate",
+        "azure.keyvault.administration._generated.operations.RoleDefinitionsOperations.get": "KeyVault.RoleDefinitions.get",
+        "azure.keyvault.administration._generated.aio.operations.RoleDefinitionsOperations.get": "KeyVault.RoleDefinitions.get",
+        "azure.keyvault.administration._generated.operations.RoleDefinitionsOperations.list": "KeyVault.RoleDefinitions.list",
+        "azure.keyvault.administration._generated.aio.operations.RoleDefinitionsOperations.list": "KeyVault.RoleDefinitions.list",
+        "azure.keyvault.administration._generated.operations.RoleAssignmentsOperations.delete": "KeyVault.RoleAssignments.delete",
+        "azure.keyvault.administration._generated.aio.operations.RoleAssignmentsOperations.delete": "KeyVault.RoleAssignments.delete",
+        "azure.keyvault.administration._generated.operations.RoleAssignmentsOperations.create": "KeyVault.RoleAssignments.create",
+        "azure.keyvault.administration._generated.aio.operations.RoleAssignmentsOperations.create": "KeyVault.RoleAssignments.create",
+        "azure.keyvault.administration._generated.operations.RoleAssignmentsOperations.get": "KeyVault.RoleAssignments.get",
+        "azure.keyvault.administration._generated.aio.operations.RoleAssignmentsOperations.get": "KeyVault.RoleAssignments.get",
+        "azure.keyvault.administration._generated.operations.RoleAssignmentsOperations.list_for_scope": "KeyVault.RoleAssignments.listForScope",
+        "azure.keyvault.administration._generated.aio.operations.RoleAssignmentsOperations.list_for_scope": "KeyVault.RoleAssignments.listForScope",
+        "azure.keyvault.administration._generated.KeyVaultClient.full_backup_status": "KeyVault.fullBackupStatus",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.full_backup_status": "KeyVault.fullBackupStatus",
+        "azure.keyvault.administration._generated.KeyVaultClient.begin_full_backup": "KeyVault.fullBackup",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.begin_full_backup": "KeyVault.fullBackup",
+        "azure.keyvault.administration._generated.KeyVaultClient.begin_pre_full_backup": "KeyVault.preFullBackup",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.begin_pre_full_backup": "KeyVault.preFullBackup",
+        "azure.keyvault.administration._generated.KeyVaultClient.restore_status": "KeyVault.restoreStatus",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.restore_status": "KeyVault.restoreStatus",
+        "azure.keyvault.administration._generated.KeyVaultClient.begin_full_restore_operation": "KeyVault.fullRestoreOperation",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.begin_full_restore_operation": "KeyVault.fullRestoreOperation",
+        "azure.keyvault.administration._generated.KeyVaultClient.begin_pre_full_restore_operation": "KeyVault.preFullRestoreOperation",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.begin_pre_full_restore_operation": "KeyVault.preFullRestoreOperation",
+        "azure.keyvault.administration._generated.KeyVaultClient.selective_key_restore_status": "KeyVault.selectiveKeyRestoreStatus",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.selective_key_restore_status": "KeyVault.selectiveKeyRestoreStatus",
+        "azure.keyvault.administration._generated.KeyVaultClient.begin_selective_key_restore_operation": "KeyVault.selectiveKeyRestoreOperation",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.begin_selective_key_restore_operation": "KeyVault.selectiveKeyRestoreOperation",
+        "azure.keyvault.administration._generated.KeyVaultClient.update_setting": "KeyVault.updateSetting",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.update_setting": "KeyVault.updateSetting",
+        "azure.keyvault.administration._generated.KeyVaultClient.get_setting": "KeyVault.getSetting",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.get_setting": "KeyVault.getSetting",
+        "azure.keyvault.administration._generated.KeyVaultClient.get_settings": "KeyVault.getSettings",
+        "azure.keyvault.administration._generated.aio.KeyVaultClient.get_settings": "KeyVault.getSettings"
+    }
+}

sdk/keyvault/azure-keyvault-administration/assets.json

@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "python",
   "TagPrefix": "python/keyvault/azure-keyvault-administration",
-  "Tag": "python/keyvault/azure-keyvault-administration_ab4ab43926"
+  "Tag": "python/keyvault/azure-keyvault-administration_007a803c2c"
 }

sdk/keyvault/azure-keyvault-administration/azure/__init__.py

@@ -1,5 +1 @@
-# ------------------------------------
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT License.
-# ------------------------------------
 __path__ = __import__("pkgutil").extend_path(__path__, __name__)  # type: ignore

sdk/keyvault/azure-keyvault-administration/azure/keyvault/__init__.py

@@ -1,5 +1 @@
-# ------------------------------------
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT License.
-# ------------------------------------
 __path__ = __import__("pkgutil").extend_path(__path__, __name__)  # type: ignore

sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_access_control_client.py

@@ -67,15 +67,10 @@ def create_role_assignment(
         assignment_name = name or uuid4()
 
         create_parameters = RoleAssignmentCreateParameters(
-            properties=RoleAssignmentProperties(
-                principal_id=principal_id, role_definition_id=str(definition_id)
-            )
+            properties=RoleAssignmentProperties(principal_id=principal_id, role_definition_id=str(definition_id))
         )
         assignment = self._client.role_assignments.create(
-            scope=scope,
-            role_assignment_name=str(assignment_name),
-            parameters=create_parameters,
-            **kwargs
+            scope=scope, role_assignment_name=str(assignment_name), parameters=create_parameters, **kwargs
         )
         return KeyVaultRoleAssignment._from_generated(assignment)
 
@@ -95,9 +90,7 @@ def delete_role_assignment(
         :rtype: None
         """
         try:
-            self._client.role_assignments.delete(
-                scope=scope, role_assignment_name=str(name), **kwargs
-            )
+            self._client.role_assignments.delete(scope=scope, role_assignment_name=str(name), **kwargs)
         except ResourceNotFoundError:
             pass
 
@@ -116,9 +109,7 @@ def get_role_assignment(
         :returns: The fetched role assignment.
         :rtype: ~azure.keyvault.administration.KeyVaultRoleAssignment
         """
-        assignment = self._client.role_assignments.get(
-            scope=scope, role_assignment_name=str(name), **kwargs
-        )
+        assignment = self._client.role_assignments.get(scope=scope, role_assignment_name=str(name), **kwargs)
         return KeyVaultRoleAssignment._from_generated(assignment)
 
     @distributed_trace
@@ -135,9 +126,7 @@ def list_role_assignments(
         :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.administration.KeyVaultRoleAssignment]
         """
         return self._client.role_assignments.list_for_scope(
-            scope=scope,
-            cls=lambda result: [KeyVaultRoleAssignment._from_generated(a) for a in result],
-            **kwargs
+            scope=scope, cls=lambda result: [KeyVaultRoleAssignment._from_generated(a) for a in result], **kwargs
         )
 
     @distributed_trace
@@ -198,10 +187,7 @@ def set_role_definition(
         parameters = RoleDefinitionCreateParameters(properties=properties)
 
         definition = self._client.role_definitions.create_or_update(
-            scope=scope,
-            role_definition_name=str(name or uuid4()),
-            parameters=parameters,
-            **kwargs
+            scope=scope, role_definition_name=str(name or uuid4()), parameters=parameters, **kwargs
         )
         return KeyVaultRoleDefinition._from_generated(definition)
 
@@ -220,9 +206,7 @@ def get_role_definition(
         :returns: The fetched role definition.
         :rtype: ~azure.keyvault.administration.KeyVaultRoleDefinition
         """
-        definition = self._client.role_definitions.get(
-            scope=scope, role_definition_name=str(name), **kwargs
-        )
+        definition = self._client.role_definitions.get(scope=scope, role_definition_name=str(name), **kwargs)
         return KeyVaultRoleDefinition._from_generated(definition)
 
     @distributed_trace
@@ -241,9 +225,7 @@ def delete_role_definition(
         :rtype: None
         """
         try:
-            self._client.role_definitions.delete(
-                scope=scope, role_definition_name=str(name), **kwargs
-            )
+            self._client.role_definitions.delete(scope=scope, role_definition_name=str(name), **kwargs)
         except ResourceNotFoundError:
             pass
 
@@ -261,9 +243,7 @@ def list_role_definitions(
         :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.administration.KeyVaultRoleDefinition]
         """
         return self._client.role_definitions.list(
-            scope=scope,
-            cls=lambda result: [KeyVaultRoleDefinition._from_generated(d) for d in result],
-            **kwargs
+            scope=scope, cls=lambda result: [KeyVaultRoleDefinition._from_generated(d) for d in result], **kwargs
         )
 
     def __enter__(self) -> "KeyVaultAccessControlClient":

sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_backup_client.py

@@ -101,9 +101,7 @@ def _use_continuation_token(self, continuation_token: str, status_method: Callab
                 + "operation poller's continuation_token() method"
             ) from ex
 
-        pipeline_response = status_method(
-            job_id=job_id, cls=lambda pipeline_response, _, __: pipeline_response
-        )
+        pipeline_response = status_method(job_id=job_id, cls=lambda pipeline_response, _, __: pipeline_response)
         if "azure-asyncoperation" not in pipeline_response.http_response.headers:
             pipeline_response.http_response.headers["azure-asyncoperation"] = status_url
         return _get_continuation_token(pipeline_response)
@@ -116,8 +114,7 @@ def begin_backup(
         use_managed_identity: Literal[True],
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[KeyVaultBackupResult]:
-        ...
+    ) -> LROPoller[KeyVaultBackupResult]: ...
 
     @overload
     def begin_backup(
@@ -127,8 +124,7 @@ def begin_backup(
         sas_token: str,
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[KeyVaultBackupResult]:
-        ...
+    ) -> LROPoller[KeyVaultBackupResult]: ...
 
     # Disabling pylint checks because they don't correctly handle overloads
     @distributed_trace
@@ -195,8 +191,7 @@ def begin_restore(
         key_name: Optional[str] = None,
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[None]:
-        ...
+    ) -> LROPoller[None]: ...
 
     @overload
     def begin_restore(
@@ -207,8 +202,7 @@ def begin_restore(
         key_name: Optional[str] = None,
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[None]:
-        ...
+    ) -> LROPoller[None]: ...
 
     # Disabling pylint checks because they don't correctly handle overloads
     @distributed_trace
@@ -300,8 +294,7 @@ def begin_pre_backup(
         use_managed_identity: Literal[True],
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[None]:
-        ...
+    ) -> LROPoller[None]: ...
 
     @overload
     def begin_pre_backup(
@@ -311,8 +304,7 @@ def begin_pre_backup(
         sas_token: str,
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[None]:
-        ...
+    ) -> LROPoller[None]: ...
 
     @distributed_trace
     def begin_pre_backup(  # pylint: disable=docstring-keyword-should-match-keyword-only
@@ -368,8 +360,7 @@ def begin_pre_restore(
         use_managed_identity: Literal[True],
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[None]:
-        ...
+    ) -> LROPoller[None]: ...
 
     @overload
     def begin_pre_restore(
@@ -379,8 +370,7 @@ def begin_pre_restore(
         sas_token: str,
         continuation_token: Optional[str] = None,
         **kwargs: Any,
-    ) -> LROPoller[None]:
-        ...
+    ) -> LROPoller[None]: ...
 
     @distributed_trace
     def begin_pre_restore(  # pylint: disable=docstring-keyword-should-match-keyword-only

sdk/keyvault/azure-keyvault-administration/azure/keyvault/administration/_generated/_client.py

@@ -16,28 +16,30 @@
 
 from ._configuration import KeyVaultClientConfiguration
 from ._utils.serialization import Deserializer, Serializer
-from .operations import KeyVaultClientOperationsMixin, RoleAssignmentsOperations, RoleDefinitionsOperations
+from .operations import RoleAssignmentsOperations, RoleDefinitionsOperations, _KeyVaultClientOperationsMixin
 
 if TYPE_CHECKING:
     from azure.core.credentials import TokenCredential
 
 
-class KeyVaultClient(KeyVaultClientOperationsMixin):
-    """The key vault client performs cryptographic key operations and vault operations against the Key
-    Vault service.
+class KeyVaultClient(_KeyVaultClientOperationsMixin):
+    """The Azure Key Vault Administration service client performs administrative operations including
+    RBAC, BackupRestore, and settings management against the Azure Key Vault service.
 
     :ivar role_definitions: RoleDefinitionsOperations operations
     :vartype role_definitions:
      azure.keyvault.administration._generated.operations.RoleDefinitionsOperations
     :ivar role_assignments: RoleAssignmentsOperations operations
     :vartype role_assignments:
      azure.keyvault.administration._generated.operations.RoleAssignmentsOperations
-    :param vault_base_url: Required.
+    :param vault_base_url: The base URL of the Key Vault instance (e.g.
+     `https://myvault.vault.azure.net/ <https://myvault.vault.azure.net/>`_). Required.
     :type vault_base_url: str
     :param credential: Credential used to authenticate requests to the service. Required.
     :type credential: ~azure.core.credentials.TokenCredential
-    :keyword api_version: The API version to use for this operation. Default value is "7.6". Note
-     that overriding this default value may result in unsupported behavior.
+    :keyword api_version: The API version to use for this operation. Known values are "2025-07-01".
+     Default value is "2025-07-01". Note that overriding this default value may result in
+     unsupported behavior.
     :paramtype api_version: str
     :keyword int polling_interval: Default waiting time between two polls for LRO operations if no
      Retry-After header is present.