com.azure.security.attestation.AttestationAdministrationClient Maven / Gradle / Ivy
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.security.attestation;
import com.azure.core.annotation.ReturnType;
import com.azure.core.annotation.ServiceClient;
import com.azure.core.annotation.ServiceMethod;
import com.azure.core.exception.HttpResponseException;
import com.azure.core.http.rest.Response;
import com.azure.core.util.BinaryData;
import com.azure.core.util.Context;
import com.azure.security.attestation.models.AttestationPolicySetOptions;
import com.azure.security.attestation.models.AttestationResponse;
import com.azure.security.attestation.models.AttestationSignerCollection;
import com.azure.security.attestation.models.AttestationSigningKey;
import com.azure.security.attestation.models.AttestationTokenValidationOptions;
import com.azure.security.attestation.models.AttestationType;
import com.azure.security.attestation.models.PolicyCertificatesModificationResult;
import com.azure.security.attestation.models.PolicyManagementCertificateOptions;
import com.azure.security.attestation.models.PolicyResult;
/**
*
* The AttestationAdministrationClient provides access to the administrative policy APIs
* implemented by the Attestation Service.
*
* More information on attestation policies can be found here
*
*
* There are two main families of APIs available from the Administration client.
*
* - Attestation Policy Management
* - Policy Management Certificate Management
*
*
* Attestation service instances operate in three different modes:
*
* - Shared - a shared instance is a regional instance which is available to all customers.
* It does NOT support customer specified policy documents - there is only a default policy available
* for each attestation type
* - AAD - An attestation instance where the customer trusts Azure Active Directory (and Azure
* Role Based Access Control) to manage the security of their enclave.
* - Isolated - an attestation instance where the customer does *not* trust Azure Active Directory
* (and RBAC) to manage the security of their enclave
*
*
*
* When an attestation instance is in Isolated mode, additional proof needs to be provided by the customer
* to verify that they are authorized to perform the operation specified.
*
*
* When an Isolated mode attestation instance is created, the creator provides an X.509 certificate
* which forms the set of policy management certificates. Under the covers, each {@link AttestationAdministrationAsyncClient#setAttestationPolicy(AttestationType, AttestationPolicySetOptions)}.
* API call must be signed with the private key which is associated with one of the policy management
* certificates. This signing operation allows the attestation service to verify that the caller is
* in possession of a private key which has been authorized to add or reset policies, or to modify
* the set of attestation policy certificates.
*
* */
@ServiceClient(builder = AttestationAdministrationClientBuilder.class)
public final class AttestationAdministrationClient {
private final AttestationAdministrationAsyncClient asyncClient;
AttestationAdministrationClient(AttestationAdministrationAsyncClient asyncClient) {
this.asyncClient = asyncClient;
}
/**
* Retrieves the current policy for an attestation type.
*
* NOTE:
* The {@link AttestationAdministrationAsyncClient#getAttestationPolicyWithResponse(AttestationType, AttestationTokenValidationOptions, Context)} API returns the underlying
* attestation policy specified by the user. This is NOT the full attestation policy maintained by
* the attestation service. Specifically it does not include the signing certificates used to verify the attestation
* policy.
*
*
* To retrieve the signing certificates used to sign the policy, {@link Response} object returned from this API
* is an instance of an {@link com.azure.security.attestation.models.AttestationResponse} object
* and the caller can retrieve the full policy object maintained by the service by calling the
* {@link AttestationResponse#getToken()} method.
* The returned {@link com.azure.security.attestation.models.AttestationToken} object will be
* the value stored by the attestation service.
*
*
* Retrieve the current attestation policy for SGX enclaves.
*
*
* String policy = client.getAttestationPolicy(AttestationType.SGX_ENCLAVE);
*
*
*
* @param attestationType Specifies the trusted execution environment whose policy should be retrieved.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public String getAttestationPolicy(AttestationType attestationType) {
return asyncClient.getAttestationPolicy(attestationType).block();
}
/**
* Retrieves the current policy for an attestation type.
*
* NOTE:
* The {@link AttestationAdministrationAsyncClient#getAttestationPolicyWithResponse(AttestationType, AttestationTokenValidationOptions, Context)} API returns the underlying
* attestation policy specified by the user. This is NOT the full attestation policy maintained by
* the attestation service. Specifically it does not include the signing certificates used to verify the attestation
* policy.
*
*
* To retrieve the signing certificates used to sign the policy, {@link Response} object returned from this API
* is an instance of an {@link com.azure.security.attestation.models.AttestationResponse} object
* and the caller can retrieve the full policy object maintained by the service by calling the
* {@link AttestationResponse#getToken()} method.
* The returned {@link com.azure.security.attestation.models.AttestationToken} object will be
* the value stored by the attestation service.
*
*
* Retrieve the current attestation policy for SGX enclaves.
*
*
* Response<String> response = client.getAttestationPolicyWithResponse(AttestationType.SGX_ENCLAVE, null,
* Context.NONE);
*
*
*
* @param attestationType Specifies the trusted execution environment whose policy should be retrieved.
* @param options Options used when validating the attestation token.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public String getAttestationPolicy(AttestationType attestationType, AttestationTokenValidationOptions options) {
return asyncClient.getAttestationPolicy(attestationType, options).block();
}
/**
* Retrieves the current policy for an attestation type.
*
* NOTE:
* The {@link AttestationAdministrationAsyncClient#getAttestationPolicyWithResponse(AttestationType, AttestationTokenValidationOptions, Context)} API returns the underlying
* attestation policy specified by the user. This is NOT the full attestation policy maintained by
* the attestation service. Specifically it does not include the signing certificates used to verify the attestation
* policy.
*
*
* To retrieve the signing certificates used to sign the policy, {@link Response} object returned from this API
* is an instance of an {@link com.azure.security.attestation.models.AttestationResponse} object
* and the caller can retrieve the full policy object maintained by the service by calling the
* {@link AttestationResponse#getToken()} method.
* The returned {@link com.azure.security.attestation.models.AttestationToken} object will be
* the value stored by the attestation service.
*
*
* Retrieve the current attestation policy for SGX enclaves.
*
*
* Response<String> response = client.getAttestationPolicyWithResponse(AttestationType.SGX_ENCLAVE, null,
* Context.NONE);
*
*
*
* @param attestationType Specifies the trusted execution environment whose policy should be retrieved.
* @param validationOptions Options used when validating the token returned by the attestation service.
* @param context Context for the operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the attestation policy expressed as a string.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationResponse getAttestationPolicyWithResponse(AttestationType attestationType,
AttestationTokenValidationOptions validationOptions, Context context) {
return asyncClient.getAttestationPolicyWithResponse(attestationType, validationOptions, context).block();
}
/**
* Sets the attestation policy for the specified attestation type for an AAD mode attestation instance.
*
* Note that this function will only work on AAD mode attestation instances, because there is
* no key signing certificate provided.
*
* More information about Attestation Policy can be found here.
*
* Set attestation policy to a constant value.
*
*
* String policyToSet = "version=1.0; authorizationrules{=> permit();}; issuancerules{};";
* PolicyResult result = client.setAttestationPolicy(AttestationType.OPEN_ENCLAVE, policyToSet);
*
*
*
* @param attestationType The {@link AttestationType} to be updated.
* @param policyToSet Attestation Policy to set on the instance.
* @return {@link PolicyResult} expressing the result of the attestation operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public PolicyResult setAttestationPolicy(AttestationType attestationType, String policyToSet) {
return asyncClient.setAttestationPolicy(attestationType, policyToSet).block();
}
/**
* Sets the attestation policy for the specified attestation type, with policy and signing key.
* Sets the current policy for an attestation type.
*
* Setting the attestation requires that the caller provide an {@link AttestationPolicySetOptions} object
* which provides the options for setting the policy. There are two major components to a setPolicy
* request:
*
* - The policy to set
* - A signing key used to sign the policy sent to the service (OPTIONAL)
*
*
* On Isolated mode attestation instances, the signing key MUST be one of the configured policy signing
* certificates.
*
*
*
* String policyToSet = "version=1.0; authorizationrules{=> permit();}; issuancerules{};";
* PolicyResult result = client.setAttestationPolicy(AttestationType.OPEN_ENCLAVE,
* new AttestationPolicySetOptions()
* .setAttestationPolicy(policyToSet)
* .setAttestationSigner(new AttestationSigningKey(certificate, privateKey)));
*
*
*
* @param attestationType The {@link AttestationType} to be updated.
* @param options {@link AttestationPolicySetOptions} for the request.
* @return {@link PolicyResult} expressing the result of the attestation operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public PolicyResult setAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions options) {
return asyncClient.setAttestationPolicy(attestationType, options).block();
}
/**
* Sets the attestation policy for the specified attestation type.
*
* Setting the attestation requires that the caller provide an {@link AttestationPolicySetOptions} object
* which provides the options for setting the policy. There are two major components to a setPolicy
* request:
*
* - The policy to set
* - A signing key used to sign the policy sent to the service (OPTIONAL)
*
*
* On Isolated mode attestation instances, the signing key MUST include one of the configured policy signing
* certificates.
*
*
*
* Response<PolicyResult> response = client.setAttestationPolicyWithResponse(AttestationType.OPEN_ENCLAVE,
* new AttestationPolicySetOptions()
* .setAttestationPolicy(policyToSet)
* .setAttestationSigner(new AttestationSigningKey(certificate, privateKey)), Context.NONE);
*
*
*
*
*
* @param attestationType The {@link AttestationType} to be updated.
* @param options {@link AttestationPolicySetOptions} for the request.
* @param context Context for the operation.
* @return {@link PolicyResult} expressing the result of the attestation operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationResponse setAttestationPolicyWithResponse(AttestationType attestationType,
AttestationPolicySetOptions options, Context context) {
return asyncClient.setAttestationPolicyWithResponse(attestationType, options, context).block();
}
/**
* Calculates the PolicyTokenHash for a given policy string.
*
* The policyTokenHash claim in the {@link PolicyResult} class is the SHA-256 hash
* of the underlying policy set JSON Web Token sent to the attestation service.
*
* This helper API allows the caller to independently calculate SHA-256 hash of an
* attestation token corresponding to the value which would be sent to the attestation
* service.
*
* The value returned by this API must always match the value in the {@link PolicyResult} object,
* if it does not, it means that the attestation policy received by the service is NOT the one
* which the customer specified.
*
* For an example of how to check the policy token hash:
*
*
* BinaryData expectedHash = client.calculatePolicyTokenHash(policyToSet, null);
* BinaryData actualHash = result.getPolicyTokenHash();
* String expectedString = Hex.toHexString(expectedHash.toBytes());
* String actualString = Hex.toHexString(actualHash.toBytes());
* if (!expectedString.equals(actualString)) {
* throw new RuntimeException("Policy was set but not received!!!");
* }
*
*
*
* @param policy AttestationPolicy document use in the underlying JWT.
* @param signer Optional signing key used to sign the underlying JWT.
* @return A {@link BinaryData} containing the SHA-256 hash of the attestation policy token generated
* using the specified policy and signer.
*/
public BinaryData calculatePolicyTokenHash(String policy, AttestationSigningKey signer) {
return asyncClient.calculatePolicyTokenHash(policy, signer);
}
/**
* Resets the attestation policy for the specified attestation type to the default value.
* Resets the current policy for an attestation type to the default policy.
*
* Note: This is a convenience method that will only work on attestation service instances in AAD mode.
*
* Each AttestationType has a "default" attestation policy, the resetAttestationPolicy API resets the value
* of the attestation policy to the "default" policy.
*
* This API allows an attestation instance owner to undo the result of a
* {@link AttestationAdministrationAsyncClient#setAttestationPolicy(AttestationType, AttestationPolicySetOptions)} API call.
*
* Reset an attestation policy to its defaults on an AAD instance
*
*
* PolicyResult result = client.resetAttestationPolicy(AttestationType.OPEN_ENCLAVE);
*
*
*
* @param attestationType The {@link AttestationType} to be updated.
* @return {@link PolicyResult} expressing the result of the attestation operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public PolicyResult resetAttestationPolicy(AttestationType attestationType) {
return asyncClient.resetAttestationPolicy(attestationType).block();
}
/**
* Resets the current policy for an attestation type to the default policy.
*
* Each AttestationType has a "default" attestation policy, the resetAttestationPolicy API resets the value
* of the attestation policy to the "default" policy.
*
* This API allows an attestation instance owner to undo the result of a
* {@link AttestationAdministrationAsyncClient#setAttestationPolicy(AttestationType, AttestationPolicySetOptions)} API call.
*
* Reset an attestation policy to its defaults
*
*
* PolicyResult result = client.resetAttestationPolicy(AttestationType.OPEN_ENCLAVE,
* new AttestationPolicySetOptions()
* .setAttestationSigner(new AttestationSigningKey(certificate, privateKey)));
*
*
*
* @param attestationType The {@link AttestationType} to be updated.
* @param options {@link AttestationPolicySetOptions} for the request.
* @return {@link PolicyResult} expressing the result of the attestation operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public PolicyResult resetAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions options) {
return asyncClient.resetAttestationPolicy(attestationType, options).block();
}
/**
* Resets the current policy for an attestation type to the default policy.
*
* Each AttestationType has a "default" attestation policy, the resetAttestationPolicy API resets the value
* of the attestation policy to the "default" policy.
*
* This API allows an attestation instance owner to undo the result of a
* {@link AttestationAdministrationAsyncClient#setAttestationPolicy(AttestationType, AttestationPolicySetOptions)} API call.
*
* Reset an attestation policy to its defaults
*
*
* Response<PolicyResult> response = client.resetAttestationPolicyWithResponse(AttestationType.OPEN_ENCLAVE,
* new AttestationPolicySetOptions()
* .setAttestationSigner(new AttestationSigningKey(certificate, privateKey)), Context.NONE);
*
*
*
*
* @param attestationType The {@link AttestationType} to be updated.
* @param options {@link AttestationPolicySetOptions} for the request.
* @param context Context for the operation.
* @return {@link PolicyResult} expressing the result of the attestation operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationResponse resetAttestationPolicyWithResponse(AttestationType attestationType,
AttestationPolicySetOptions options, Context context) {
return asyncClient.resetAttestationPolicyWithResponse(attestationType, options, context).block();
}
/**
* Retrieves the current set of attestation policy signing certificates for this instance.
*
*
* On an Isolated attestation instance, each {@link AttestationAdministrationAsyncClient#setAttestationPolicy(AttestationType, AttestationPolicySetOptions)}
* or {@link AttestationAdministrationAsyncClient#resetAttestationPolicy(AttestationType, AttestationPolicySetOptions)} API call
* must be signed with the private key corresponding to one of the certificates in the list returned
* by this API.
*
*
* This establishes that the sender is in possession of the private key associated with the
* configured attestation policy management certificates, and thus the sender is authorized
* to perform the API operation.
*
* Retrieve the set of policy management certificates for this instance.
*
*
* AttestationSignerCollection signers = client.listPolicyManagementCertificates();
* System.out.printf("There are %d signers on the instance\n", signers.getAttestationSigners().size());
*
*
*
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationSignerCollection listPolicyManagementCertificates() {
return asyncClient.listPolicyManagementCertificates().block();
}
/**
* Retrieves the current set of attestation policy signing certificates for this instance.
*
*
* On an Isolated attestation instance, each {@link AttestationAdministrationAsyncClient#setAttestationPolicy(AttestationType, AttestationPolicySetOptions)}
* or {@link AttestationAdministrationAsyncClient#resetAttestationPolicy(AttestationType, AttestationPolicySetOptions)} API call
* must be signed with the private key corresponding to one of the certificates in the list returned
* by this API.
*
*
* This establishes that the sender is in possession of the private key associated with the
* configured attestation policy management certificates, and thus the sender is authorized
* to perform the API operation.
*
* Retrieve the set of policy management certificates for this instance.
*
*
* AttestationResponse<AttestationSignerCollection> signersResponse =
* client.listPolicyManagementCertificatesWithResponse(
* new AttestationTokenValidationOptions().setValidationSlack(Duration.ofSeconds(10)), Context.NONE);
* System.out.printf("There are %d signers on the instance\n",
* signersResponse.getValue().getAttestationSigners().size());
*
*
*
* @param tokenValidationOptions Options to be used validating the token returned by the attestation service.
* @param context Context for the operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the attestation policy expressed as a string.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationResponse listPolicyManagementCertificatesWithResponse(
AttestationTokenValidationOptions tokenValidationOptions, Context context) {
return asyncClient.listPolicyManagementCertificatesWithResponse(tokenValidationOptions, context).block();
}
/**
* Adds a new certificate to the set of policy management certificates on this instance.
*
* Each Isolated mode attestation service instance maintains a set of certificates which can be used to authorize
* policy modification operations (in Isolated mode, each policy modification request needs to be signed with
* the private key associated with one of the policy management certificates).
*
*
* This API allows the caller to add a new certificate to the set of policy management certificates.
*
*
* The request to add a new certificate must be signed with one of the existing policy management certificates,
* so the {@link PolicyManagementCertificateOptions} object requires both the new certificate to be added and
* a {@link AttestationSigningKey} to sign the add request.
*
* Add a new certificate to the set of policy management certificates for this instance.
*
*
* PolicyCertificatesModificationResult addResult = client.addPolicyManagementCertificate(
* new PolicyManagementCertificateOptions(certificateToAdd, new AttestationSigningKey(certificate, privateKey)));
* System.out.printf(" Result: %s\n", addResult.getCertificateResolution().toString());
*
*
*
* Note: It is not considered an error to add the same certificate twice. If
* the same certificate is added twice, the service ignores the second add request.
*
* @param options Options for this API call, encapsulating both the X.509 certificate to add to the set of policy
* signing certificates and the signing key used to sign the request to the service.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public PolicyCertificatesModificationResult
addPolicyManagementCertificate(PolicyManagementCertificateOptions options) {
return asyncClient.addPolicyManagementCertificate(options).block();
}
/**
* Adds a new certificate to the set of policy management certificates on this instance.
*
* Each Isolated mode attestation service instance maintains a set of certificates which can be used to authorize
* policy modification operations (in Isolated mode, each policy modification request needs to be signed with
* the private key associated with one of the policy management certificates).
*
* This API allows the caller to add a new certificate to the set of policy management certificates.
*
* The request to add a new certificate must be signed with one of the existing policy management certificates,
* so the {@link PolicyManagementCertificateOptions} object requires both the new certificate to be added and
* a {@link AttestationSigningKey} to sign the add request.
*
* Add a new certificate to the set of policy management certificates for this instance.
*
*
* Response<PolicyCertificatesModificationResult> addResponse = client.addPolicyManagementCertificateWithResponse(
* new PolicyManagementCertificateOptions(certificateToAdd, new AttestationSigningKey(certificate, privateKey)),
* Context.NONE);
* System.out.printf(" Result: %s\n", addResponse.getValue().getCertificateResolution().toString());
*
*
* Note: It is not considered an error to add the same certificate twice. If
* the same certificate is added twice, the service ignores the second add request.
*
* @param options Options for this API call, encapsulating both the X.509 certificate to add to the set of policy
* signing certificates and the signing key used to sign the request to the service.
* @param context Context for the operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationResponse
addPolicyManagementCertificateWithResponse(PolicyManagementCertificateOptions options, Context context) {
return asyncClient.addPolicyManagementCertificateWithResponse(options, context).block();
}
/**
* Deletes a policy management certificate from the set of policy management certificates.
*
* Each Isolated mode attestation service instance maintains a set of certificates which can be used to authorize
* policy modification operations (in Isolated mode, each policy modification request needs to be signed with
* the private key associated with one of the policy management certificates).
*
*
* This API allows the caller to remove an existing certificate from the set of policy management certificates.
*
*
* The request to add a new certificate must be signed with one of the existing policy management certificates,
* so the {@link PolicyManagementCertificateOptions} object requires both the new certificate to be added and
* a {@link AttestationSigningKey} to sign the add request.
*
* Add a new certificate to the set of policy management certificates for this instance.
*
*
* PolicyCertificatesModificationResult removeResult = client.deletePolicyManagementCertificate(
* new PolicyManagementCertificateOptions(certificateToAdd, new AttestationSigningKey(certificate, privateKey)));
* System.out.printf(" Result: %s\n", removeResult.getCertificateResolution().toString());
*
*
*
* Note: It is not considered an error to removethe same certificate twice. If
* the same certificate is removed twice, the service ignores the second remove request. This also means that
* it is not an error to remove a certificate which was not actually in the set of policy certificates.
*
* @param options Options for this API call, encapsulating both the X.509 certificate to remove from the set of policy
* signing certificates and the signing key used to sign the request to the service.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public PolicyCertificatesModificationResult
deletePolicyManagementCertificate(PolicyManagementCertificateOptions options) {
return asyncClient.deletePolicyManagementCertificate(options).block();
}
/**
* Removes a policy management certificate from the set of policy management certificates.
*
* Each Isolated mode attestation service instance maintains a set of certificates which can be used to authorize
* policy modification operations (in Isolated mode, each policy modification request needs to be signed with
* the private key associated with one of the policy management certificates).
*
*
* This API allows the caller to remove an existing certificate from the set of policy management certificates.
*
*
* The request to add a new certificate must be signed with one of the existing policy management certificates,
* so the {@link PolicyManagementCertificateOptions} object requires both the new certificate to be added and
* a {@link AttestationSigningKey} to sign the add request.
*
* Add a new certificate to the set of policy management certificates for this instance.
*
*
* Response<PolicyCertificatesModificationResult> removeResponse = client.addPolicyManagementCertificateWithResponse(
* new PolicyManagementCertificateOptions(certificateToAdd, new AttestationSigningKey(certificate, privateKey)),
* Context.NONE);
* System.out.printf(" Result: %s\n", removeResponse.getValue().getCertificateResolution().toString());
*
*
*
* Note: It is not considered an error to remove the same certificate twice. If
* the same certificate is removed twice, the service ignores the second remove request. This also means that
* it is not an error to remove a certificate which was not actually in the set of policy certificates.
*
* @param options Options for this API call, encapsulating both the X.509 certificate to remove from the set of policy
* signing certificates and the signing key used to sign the request to the service.
* @param context Context for the operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws HttpResponseException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
* @return the response to an attestation policy operation.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public AttestationResponse
deletePolicyManagementCertificateWithResponse(PolicyManagementCertificateOptions options, Context context) {
return asyncClient.deletePolicyManagementCertificateWithResponse(options, context).block();
}
}