protected override void ProcessRecord()
{
if (ShouldProcess(Name, Properties.Resources.SetCertificatePolicy))
{
KeyVaultCertificatePolicy policy;
switch (ParameterSetName)
{
case ExpandedParameterSet:
// Validate input parameters
ValidateSubjectName();
ValidateDnsNames();
ValidateKeyUsage();
ValidateEkus();
ValidateRenewAtNumberOfDaysBeforeExpiry();
ValidateRenewAtPercentageLifetime();
// Validate combinations of parameters
ValidateBothPercentageAndNumberOfDaysAreNotPresent();
policy = new KeyVaultCertificatePolicy
{
DnsNames = DnsNames,
KeyUsage = KeyUsage,
Ekus = Ekus,
Enabled = !Disabled.IsPresent,
IssuerName = IssuerName,
CertificateType = CertificateType,
RenewAtNumberOfDaysBeforeExpiry = RenewAtNumberOfDaysBeforeExpiry,
RenewAtPercentageLifetime = RenewAtPercentageLifetime,
EmailAtNumberOfDaysBeforeExpiry = EmailAtNumberOfDaysBeforeExpiry,
EmailAtPercentageLifetime = EmailAtPercentageLifetime,
SecretContentType = SecretContentType,
SubjectName = SubjectName,
ValidityInMonths = ValidityInMonths,
Kty = KeyType,
Exportable = KeyNotExportable.IsPresent ? !KeyNotExportable.IsPresent : (bool?)null
};
if (ReuseKeyOnRenewal.HasValue)
{
policy.ReuseKeyOnRenewal = ReuseKeyOnRenewal.Value;
}
break;
case ByValueParameterSet:
policy = CertificatePolicy;
break;
default:
throw new ArgumentException(PSKeyVaultProperties.Resources.BadParameterSetName);
}
var resultantPolicy = DataServiceClient.UpdateCertificatePolicy(VaultName, Name, policy.ToCertificatePolicy());
if (PassThru.IsPresent)
{
this.WriteObject(KeyVaultCertificatePolicy.FromCertificatePolicy(resultantPolicy));
}
}
}