Key Vault: Certificate review (AzureSDKAutomation#7880)

* renamed certificate getters

* restore_certificate -> restore_certificate_backup

* changed default certificate policy to only have subject name and issuer name

* renamed create_certificate to begin_create_certificate and made policy a required parameter

* appended _on to expires, created, and updated

* working on moving LifetimeAction

* changed ActionType to CertificatePolicyAction

* Contact -> CertificateContact

* Error -> CertificateError

* Issuer -> CertificateIssuer

* moved unnecessary positional parameters to kwargs

* added changelog

* fixed usage of CertificateError

* reverted some mentions of KeyVaultCertificate

* fixed references in tests to async begin_create_certificate

sdk/keyvault/azure-keyvault-certificates/HISTORY.md

@@ -3,7 +3,23 @@
 ## 4.0.0b5
 ### Breaking changes
 - Removed redundant method `get_pending_certificate_signing_request()`. A pending CSR can be retrieved via `get_certificate_operation()`.
-- Renamed `create_certificate` to `begin_create_certificate`
+- Renamed the sync method `create_certificate` to `begin_create_certificate`
+- Renamed `restore_certificate` to `restore_certificate_backup`
+- Renamed `get_certificate` to `get_certificate_version`
+- Renamed `get_certificate_with_policy` to `get_certificate`
+- `create_certificate` now has policy as a required parameter
+- All optional positional parameters besides `version` have been moved to kwargs
+
+- Renamed enum `ActionType` to `CertificatePolicyAction`
+- Renamed `Certificate` to `KeyVaultCertificate`
+- Renamed `Contact` to `CertificateContact`
+- Renamed `Issuer` to `CertificateIssuer`
+- Renamed `expires` property of `CertificateProperties` and `CertificatePolicy` to `expires_on`
+- Renamed `created` property of `CertificateProperties`, `CertificatePolicy`, and `CertificateIssuer` to `created_on`
+- Renamed `updated` property of `CertificateProperties`, `CertificatePolicy`, and `CertificateIssuer` to `updated_on`
+
+### New Features
+- `CertificatePolicy` now has a public class method `get_default` allowing users to get the default `CertificatePolicy`
 
 ## 4.0.0b4 (2019-10-08)
 ### Breaking changes

sdk/keyvault/azure-keyvault-certificates/README.md

@@ -124,61 +124,51 @@ new versions of existing certificates, update certificate metadata, and delete c
 can also manage certificate issuers, contacts, and management policies of certificates. This is
 illustrated in the [examples](#examples) below.
 
-### Certificate
-  A certificate is the fundamental resource within Azure KeyVault. From a developer's perspective,
-  Key Vault APIs accept and return certificates as the Certificate type. In addition to the
-  certificate data, the following attributes may be specified:
-* expires: Identifies the expiration time on or after which the certificate data should not be retrieved.
-* not_before: Identifies the time after which the certificate will be active.
-* enabled: Specifies whether the certificate data can be retrieved.
-* created: Indicates when this version of the certificate was created.
-* updated: Indicates when this version of the certificate was updated.
-
 ### Certificate Client:
 
 ## Examples
 This section contains code snippets covering common tasks:
 * [Create a Certificate](#create-a-certificate)
 * [Retrieve a Certificate](#retrieve-a-certificate)
-* [Update an existing Certificate](#update-an-existing-certificate)
+* [Update Properties of an existing Certificate](#update-properties-of-an-existing-certificate)
 * [Delete a Certificate](#delete-a-certificate)
-* [List Certificates](#list-certificates)
+* [List Properites of Certificates](#list-properties-of-certificates)
 * [Asynchronously create a Certificate](#asynchronously-create-a-certificate)
-* [Asynchronously list certificates](#asynchronously-list-certificates)
+* [Asynchronously list properties of Certificates](#asynchronously-list-properties-of-certificates)
 
 ### Create a Certificate
-`begin_create_certificate` creates a Certificate to be stored in the Azure Key Vault. If a certificate with
+`begin_create_certificate` creates a certificate to be stored in the Azure Key Vault. If a certificate with
 the same name already exists, then a new version of the certificate is created.
 Before creating a certificate, a management policy for the certificate can be created or our default
 policy will be used. The `begin_create_certificate` operation returns a long running operation poller.
 ```python
-create_certificate_poller = certificate_client.begin_create_certificate(name="cert-name")
+create_certificate_poller = certificate_client.begin_create_certificate(name="cert-name", policy=CertificatePolicy.get_default())
 
 print(create_certificate_poller.result())
 ```
 
 ### Retrieve a Certificate
-`get_certificate_with_policy` retrieves a certificate previously stored in the Key Vault without
+`get_certificate` retrieves a certificate previously stored in the Key Vault without
 having to specify version.
 ```python
-certificate = certificate_client.get_certificate_with_policy(name="cert-name")
+certificate = certificate_client.get_certificate(name="cert-name")
 
 print(certificate.name)
 print(certificate.properties.version)
 print(certificate.policy.id)
 ```
 
-`get_certificate` retrieves a certificate based on the certificate name and the version of the certificate.
+`get_certificate_version` retrieves a certificate based on the certificate name and the version of the certificate.
 Version is required.
 ```python
-certificate = certificate_client.get_certificate(name="cert-name", version="cert-version")
+certificate = certificate_client.get_certificate_version(name="cert-name", version="cert-version")
 
 print(certificate.name)
 print(certificate.properties.version)
 ```
 
-### Update an existing Certificate
-`update_certificate` updates a certificate previously stored in the Key Vault.
+### Update properties of an existing Certificate]
+`update_certificate_properties` updates a certificate previously stored in the Key Vault.
 ```python
 # You can specify additional application-specific metadata in the form of tags.
 tags = {"foo": "updated tag"}
@@ -187,7 +177,7 @@ updated_certificate= certificate_client.update_certificate_properties(name="cert
 
 print(updated_certificate.name)
 print(updated_certificate.properties.version)
-print(updated_certificate.properties.updated)
+print(updated_certificate.properties.updated_on)
 print(updated_certificate.properties.tags)
 
 ```
@@ -201,10 +191,10 @@ deleted_certificate = certificate_client.delete_certificate(name="cert-name")
 print(deleted_certificate.name)
 print(deleted_certificate.deleted_date)
 ```
-### List Certificates
-This example lists all the certificates in the specified Key Vault.
+### List properties of Certificates
+This example lists the properties of all certificates in the specified Key Vault.
 ```python
-certificates = certificate_client.list_certificates()
+certificates = certificate_client.list_properites_of_certificates()
 
 for certificate in certificates:
     # this list doesn't include versions of the certificates
@@ -219,16 +209,17 @@ See
 for more information.
 
 ### Asynchronously create a Certificate
-`create_certificate` creates a Certificate to be stored in the Azure Key Vault. If a certificate with the
+`create_certificate` creates a certificate to be stored in the Azure Key Vault. If a certificate with the
 same name already exists, then a new version of the certificate is created.
 Before creating a certificate, a management policy for the certificate can be created or our default policy
-will be used. The `create_certificate` operation is a coroutine.
+will be used. Awaiting the call to `create_certificate` returns your created certificate if creation is successful,
+and a `CertificateOperation` if creation is not.
 ```python
-create_certificate_result = await certificate_client.create_certificate(name="cert-name")
+create_certificate_result = await certificate_client.create_certificate(name="cert-name", policy=CertificatePolicy.get_default())
 print(create_certificate_result)
 ```
 
-### Asynchronously list certificates
+### Asynchronously list properties of Certificates
 This example lists all the certificates in the client's vault:
 ```python
 certificates = certificate_client.list_certificates()
@@ -247,7 +238,7 @@ displaying additional information about the error.
 ```python
 from azure.core.exceptions import ResourceNotFoundError
 try:
-    certificate_client.get_certificate(name="deleted_certificate", version="deleted_certificate_version")
+    certificate_client.get_certificate(name="deleted_certificate")
 except ResourceNotFoundError as e:
     print(e.message)
 
@@ -281,7 +272,7 @@ client = CertificateClient(vault_endpoint=url, credential=credential, logging_en
 
 Network trace logging can also be enabled for any single operation:
  ```python
-certificate = certificate_client.get_certificate_with_policy(name="cert-name", logging_enable=True)
+certificate = certificate_client.get_certificate(name="cert-name", logging_enable=True)
 ```
 
 ## Next steps

sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/__init__.py

@@ -3,15 +3,15 @@
 # Licensed under the MIT License.
 # ------------------------------------
 from .client import CertificateClient
-from .enums import ActionType, KeyCurveName, KeyType, SecretContentType, KeyUsageType
-from .models import AdministratorDetails, CertificatePolicy, Contact, LifetimeAction
+from .enums import CertificatePolicyAction, KeyCurveName, KeyType, SecretContentType, KeyUsageType
+from .models import AdministratorDetails, CertificatePolicy, CertificateContact, LifetimeAction
 
 __all__ = [
-    "ActionType",
+    "CertificatePolicyAction",
     "AdministratorDetails",
     "CertificateClient",
     "CertificatePolicy",
-    "Contact",
+    "CertificateContact",
     "KeyCurveName",
     "KeyType",
     "KeyUsageType",

sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_polling.py

@@ -48,7 +48,7 @@ def finished(self):
         return self._pending_certificate_op.status.lower() != "inprogress"
 
     def resource(self):
-        # type: () -> Union[Certificate, CertificateOperation]
+        # type: () -> Union[KeyVaultCertificate, CertificateOperation]
         return self._resource
 
     def status(self):

sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/client_base.py

@@ -4,7 +4,6 @@
 # ------------------------------------
 from typing import TYPE_CHECKING
 
-from azure.core.configuration import Configuration
 from azure.core.pipeline import Pipeline
 from azure.core.pipeline.policies import UserAgentPolicy, DistributedTracingPolicy
 from azure.core.pipeline.transport import RequestsTransport

sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_polling_async.py

@@ -7,7 +7,7 @@
 import logging
 from typing import Any, Callable, Union
 from azure.core.polling import AsyncPollingMethod
-from ..models import Certificate, CertificateOperation
+from ..models import KeyVaultCertificate, CertificateOperation
 
 
 logger = logging.getLogger(__name__)
@@ -46,7 +46,7 @@ def finished(self) -> bool:
             return True
         return self._pending_certificate_op.status.lower() != "inprogress"
 
-    def resource(self) -> Union[Certificate, CertificateOperation]:
+    def resource(self) -> Union[KeyVaultCertificate, CertificateOperation]:
         return self._resource
 
     def status(self) -> str: