Azure · seankane-msft · Jan 19, 2022 · Jan 19, 2022 · Jan 19, 2022 · Jan 19, 2022
@@ -1,12 +1,14 @@
 # Release History
 
-## 0.2.1 (Unreleased)
+## 0.3.0 (Unreleased)
 
 ### Features Added
 
 ### Breaking Changes
+* Changed the `Tags` properties from `map[string]*string` to `map[string]string`
 
 ### Bugs Fixed
+* Fixed a bug in `UpdateKeyProperties` where the `KeyOps` would be deleted if the `UpdateKeyProperties.KeyOps` value was left empty.
 
 ### Other Changes
 

@@ -217,8 +217,8 @@ func ExampleClient_UpdateKeyProperties() {
 	}
 
 	resp, err := client.UpdateKeyProperties(context.TODO(), "key-to-update", &azkeys.UpdateKeyPropertiesOptions{
-		Tags: map[string]*string{
-			"Tag1": to.StringPtr("val1"),
+		Tags: map[string]string{
+			"Tag1": "val1",
 		},
 		KeyAttributes: &azkeys.KeyAttributes{
 			RecoveryLevel: azkeys.CustomizedRecoverablePurgeable.ToPtr(),

@@ -82,7 +82,7 @@ type CreateKeyOptions struct {
 	PublicExponent *int32 `json:"public_exponent,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 }
 
 // convert CreateKeyOptions to *generated.KeyVaultClientCreateKeyOptions
@@ -97,7 +97,7 @@ func (c *CreateKeyOptions) toKeyCreateParameters(keyType KeyType) generated.KeyC
 		attribs = c.KeyAttributes.toGenerated()
 	}
 
-	ops := make([]*generated.JSONWebKeyOperation, 0)
+	var ops []*generated.JSONWebKeyOperation
 	for _, o := range c.KeyOps {
 		ops = append(ops, (*generated.JSONWebKeyOperation)(o))
 	}
@@ -109,7 +109,7 @@ func (c *CreateKeyOptions) toKeyCreateParameters(keyType KeyType) generated.KeyC
 		KeyOps:         ops,
 		KeySize:        c.KeySize,
 		PublicExponent: c.PublicExponent,
-		Tags:           c.Tags,
+		Tags:           convertToGeneratedMap(c.Tags),
 	}
 }
 
@@ -127,7 +127,7 @@ func createKeyResponseFromGenerated(g generated.KeyVaultClientCreateKeyResponse)
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(g.Attributes),
 			Key:        jsonWebKeyFromGenerated(g.Key),
-			Tags:       g.Tags,
+			Tags:       convertGeneratedMap(g.Tags),
 			Managed:    g.Managed,
 		},
 	}
@@ -155,7 +155,7 @@ type CreateECKeyOptions struct {
 	CurveName *JSONWebKeyCurveName `json:"crv,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 
 	// Whether to create an EC key with HSM protection
 	HardwareProtected bool
@@ -166,7 +166,7 @@ func (c *CreateECKeyOptions) toKeyCreateParameters(keyType KeyType) generated.Ke
 	return generated.KeyCreateParameters{
 		Kty:   keyType.toGenerated(),
 		Curve: (*generated.JSONWebKeyCurveName)(c.CurveName),
-		Tags:  c.Tags,
+		Tags:  convertToGeneratedMap(c.Tags),
 	}
 }
 
@@ -184,7 +184,7 @@ func createECKeyResponseFromGenerated(g generated.KeyVaultClientCreateKeyRespons
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(g.Attributes),
 			Key:        jsonWebKeyFromGenerated(g.Key),
-			Tags:       g.Tags,
+			Tags:       convertGeneratedMap(g.Tags),
 			Managed:    g.Managed,
 		},
 	}
@@ -219,15 +219,15 @@ type CreateOCTKeyOptions struct {
 	KeySize *int32 `json:"key_size,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 }
 
 // conver the CreateOCTKeyOptions to generated.KeyCreateParameters
 func (c *CreateOCTKeyOptions) toKeyCreateParameters(keyType KeyType) generated.KeyCreateParameters {
 	return generated.KeyCreateParameters{
 		Kty:     keyType.toGenerated(),
 		KeySize: c.KeySize,
-		Tags:    c.Tags,
+		Tags:    convertToGeneratedMap(c.Tags),
 	}
 }
 
@@ -245,7 +245,7 @@ func createOCTKeyResponseFromGenerated(i generated.KeyVaultClientCreateKeyRespon
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -283,7 +283,7 @@ type CreateRSAKeyOptions struct {
 	PublicExponent *int32 `json:"public_exponent,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 }
 
 // convert CreateRSAKeyOptions to generated.KeyCreateParameters
@@ -292,7 +292,7 @@ func (c CreateRSAKeyOptions) toKeyCreateParameters(k KeyType) generated.KeyCreat
 		Kty:            k.toGenerated(),
 		KeySize:        c.KeySize,
 		PublicExponent: c.PublicExponent,
-		Tags:           c.Tags,
+		Tags:           convertToGeneratedMap(c.Tags),
 	}
 }
 
@@ -310,7 +310,7 @@ func createRSAKeyResponseFromGenerated(i generated.KeyVaultClientCreateKeyRespon
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -438,7 +438,7 @@ func getKeyResponseFromGenerated(i generated.KeyVaultClientGetKeyResponse) GetKe
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -482,7 +482,7 @@ func getDeletedKeyResponseFromGenerated(i generated.KeyVaultClientGetDeletedKeyR
 			KeyBundle: KeyBundle{
 				Attributes: keyAttributesFromGenerated(i.Attributes),
 				Key:        jsonWebKeyFromGenerated(i.Key),
-				Tags:       i.Tags,
+				Tags:       convertGeneratedMap(i.Tags),
 				Managed:    i.Managed,
 			},
 			RecoveryID:         i.RecoveryID,
@@ -816,7 +816,7 @@ func recoverDeletedKeyResponseFromGenerated(i generated.KeyVaultClientRecoverDel
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -881,7 +881,7 @@ type UpdateKeyPropertiesOptions struct {
 	KeyOps []*JSONWebKeyOperation `json:"key_ops,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 }
 
 // convert the options to generated.KeyUpdateParameters struct
@@ -891,15 +891,15 @@ func (u UpdateKeyPropertiesOptions) toKeyUpdateParameters() generated.KeyUpdateP
 		attribs = u.KeyAttributes.toGenerated()
 	}
 
-	ops := make([]*generated.JSONWebKeyOperation, 0)
+	var ops []*generated.JSONWebKeyOperation
 	for _, o := range u.KeyOps {
 		ops = append(ops, (*generated.JSONWebKeyOperation)(o))
 	}
 
 	return generated.KeyUpdateParameters{
 		KeyOps:        ops,
 		KeyAttributes: attribs,
-		Tags:          u.Tags,
+		Tags:          convertToGeneratedMap(u.Tags),
 	}
 }
 
@@ -922,7 +922,7 @@ func updateKeyPropertiesFromGenerated(i generated.KeyVaultClientUpdateKeyRespons
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -1144,7 +1144,7 @@ func restoreKeyBackupResponseFromGenerated(i generated.KeyVaultClientRestoreKeyR
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -1174,7 +1174,7 @@ type ImportKeyOptions struct {
 	KeyAttributes *KeyAttributes `json:"attributes,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 }
 
 func (i ImportKeyOptions) toImportKeyParameters(key JSONWebKey) generated.KeyImportParameters {
@@ -1186,7 +1186,7 @@ func (i ImportKeyOptions) toImportKeyParameters(key JSONWebKey) generated.KeyImp
 		Key:           key.toGenerated(),
 		Hsm:           i.Hsm,
 		KeyAttributes: attribs,
-		Tags:          i.Tags,
+		Tags:          convertToGeneratedMap(i.Tags),
 	}
 }
 
@@ -1204,7 +1204,7 @@ func importKeyResponseFromGenerated(i generated.KeyVaultClientImportKeyResponse)
 		KeyBundle: KeyBundle{
 			Attributes: keyAttributesFromGenerated(i.Attributes),
 			Key:        jsonWebKeyFromGenerated(i.Key),
-			Tags:       i.Tags,
+			Tags:       convertGeneratedMap(i.Tags),
 			Managed:    i.Managed,
 		},
 	}
@@ -1299,7 +1299,7 @@ func (c *Client) RotateKey(ctx context.Context, name string, options *RotateKeyO
 			Attributes:    keyAttributesFromGenerated(resp.Attributes),
 			Key:           jsonWebKeyFromGenerated(resp.Key),
 			ReleasePolicy: keyReleasePolicyFromGenerated(resp.ReleasePolicy),
-			Tags:          resp.Tags,
+			Tags:          convertGeneratedMap(resp.Tags),
 			Managed:       resp.Managed,
 		},
 	}, nil

@@ -65,6 +65,33 @@ func TestCreateKeyRSA(t *testing.T) {
 		})
 	}
 }
+func TestCreateKeyRSATags(t *testing.T) {
+	stop := startTest(t)
+	defer stop()
+
+	client, err := createClient(t, REGULARTEST)
+	require.NoError(t, err)
+
+	key, err := createRandomName(t, "key")
+	require.NoError(t, err)
+
+	resp, err := client.CreateRSAKey(ctx, key, &CreateRSAKeyOptions{
+		Tags: map[string]string{
+			"Tag1": "Val1",
+		},
+	})
+	defer cleanUpKey(t, client, key)
+	require.NoError(t, err)
+	require.NotNil(t, resp.Key)
+	require.Equal(t, 1, len(resp.Tags))
+
+	// Remove the tag
+	resp2, err := client.UpdateKeyProperties(ctx, key, &UpdateKeyPropertiesOptions{
+		Tags: map[string]string{},
+	})
+	require.NoError(t, err)
+	require.Equal(t, 0, len(resp2.Tags))
+}
 
 func TestCreateECKey(t *testing.T) {
 	for _, testType := range testTypes {
@@ -364,8 +391,8 @@ func TestUpdateKeyProperties(t *testing.T) {
 			defer cleanUpKey(t, client, key)
 
 			resp, err := client.UpdateKeyProperties(ctx, key, &UpdateKeyPropertiesOptions{
-				Tags: map[string]*string{
-					"Tag1": to.StringPtr("Val1"),
+				Tags: map[string]string{
+					"Tag1": "Val1",
 				},
 				KeyAttributes: &KeyAttributes{
 					Attributes: Attributes{
@@ -375,7 +402,7 @@ func TestUpdateKeyProperties(t *testing.T) {
 			})
 			require.NoError(t, err)
 			require.NotNil(t, resp.Attributes)
-			require.Equal(t, *resp.Tags["Tag1"], "Val1")
+			require.Equal(t, resp.Tags["Tag1"], "Val1")
 			require.NotNil(t, resp.Attributes.Updated)
 
 			invalid, err := client.UpdateKeyProperties(ctx, "doesnotexist", nil)

@@ -104,8 +104,8 @@ func ExampleClient_UpdateKeyProperties() {
 	}
 
 	resp, err := client.UpdateKeyProperties(context.TODO(), "key-to-update", &azkeys.UpdateKeyPropertiesOptions{
-		Tags: map[string]*string{
-			"Tag1": to.StringPtr("val1"),
+		Tags: map[string]string{
+			"Tag1": "val1",
 		},
 		KeyAttributes: &azkeys.KeyAttributes{
 			RecoveryLevel: azkeys.DeletionRecoveryLevelCustomizedRecoverablePurgeable.ToPtr(),
@@ -114,7 +114,7 @@ func ExampleClient_UpdateKeyProperties() {
 	if err != nil {
 		panic(err)
 	}
-	fmt.Println(*resp.Attributes.RecoveryLevel, *resp.Tags["Tag1"])
+	fmt.Println(*resp.Attributes.RecoveryLevel, resp.Tags["Tag1"])
 }
 
 func ExampleClient_BeginDeleteKey() {

@@ -86,7 +86,7 @@ type KeyBundle struct {
 	ReleasePolicy *KeyReleasePolicy `json:"release_policy,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 
 	// READ-ONLY; True if the key's lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
 	Managed *bool `json:"managed,omitempty" azure:"ro"`
@@ -226,7 +226,7 @@ type KeyItem struct {
 	KID *string `json:"kid,omitempty"`
 
 	// Application specific metadata in the form of key-value pairs.
-	Tags map[string]*string `json:"tags,omitempty"`
+	Tags map[string]string `json:"tags,omitempty"`
 
 	// READ-ONLY; True if the key's lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.
 	Managed *bool `json:"managed,omitempty" azure:"ro"`
@@ -241,7 +241,7 @@ func keyItemFromGenerated(i *generated.KeyItem) *KeyItem {
 	return &KeyItem{
 		Attributes: keyAttributesFromGenerated(i.Attributes),
 		KID:        i.Kid,
-		Tags:       i.Tags,
+		Tags:       convertGeneratedMap(i.Tags),
 		Managed:    i.Managed,
 	}
 }
@@ -295,7 +295,7 @@ func deletedKeyItemFromGenerated(i *generated.DeletedKeyItem) *DeletedKeyItem {
 				RecoveryLevel:   (*DeletionRecoveryLevel)(i.Attributes.RecoveryLevel),
 			},
 			KID:     i.Kid,
-			Tags:    i.Tags,
+			Tags:    convertGeneratedMap(i.Tags),
 			Managed: i.Managed,
 		},
 	}
@@ -404,3 +404,27 @@ type LifetimeActionsTrigger struct {
 	// Time before expiry to attempt to rotate or notify. It will be in ISO 8601 duration format. Example: 90 days : "P90D"
 	TimeBeforeExpiry *string `json:"timeBeforeExpiry,omitempty"`
 }
+
+func convertToGeneratedMap(m map[string]string) map[string]*string {
+	if m == nil {
+		return nil
+	}
+
+	ret := make(map[string]*string)
+	for k, v := range m {
+		ret[k] = &v
+	}
+	return ret
+}
+
+func convertGeneratedMap(m map[string]*string) map[string]string {
+	if m == nil {
+		return nil
+	}
+
+	ret := make(map[string]string)
+	for k, v := range m {
+		ret[k] = *v
+	}
+	return ret
+}