Skip to content

feat: Add keyvault copy command#32742

Closed
jcassanji-southworks wants to merge 24 commits intoAzure:devfrom
jcassanji-southworks:jcassanji-southworks/feature-keyvault-copy
Closed

feat: Add keyvault copy command#32742
jcassanji-southworks wants to merge 24 commits intoAzure:devfrom
jcassanji-southworks:jcassanji-southworks/feature-keyvault-copy

Conversation

@jcassanji-southworks
Copy link
Contributor

@jcassanji-southworks jcassanji-southworks commented Feb 4, 2026
edited
Loading

Summary

This PR introduces a new command az keyvault secret copy to simplify the process of copying secrets from one Key Vault to another. It supports copying individual secrets or all secrets in bulk, with options to control overwrite behavior.

Description

The new command allows users to:

  • Copy a single secret (value and properties) from a source vault to a destination vault.
  • Copy all secrets from a source vault to a destination vault using the --all flag.
  • Preserve secret metadata during the copy (Content Type, Tags, Enabled Status, Activation/Expiration Dates).
  • Prevent accidental overwrites by default (skips existing secrets).
  • Force overwrites using the --overwrite flag.
  • Filter out managed secrets automatically during bulk copy operations.

Syntax:

# Copy a single secret
az keyvault secret copy --source-vault <SourceKV> --destination-vault <DestKV> --name <SecretName>

# Copy all secrets
az keyvault secret copy --source-vault <SourceKV> --destination-vault <DestKV> --all

# Force copy (overwrite existing)
az keyvault secret copy --source-vault <SourceKV> --destination-vault <DestKV> --name <SecretName> --overwrite

Motivation and Benefits

Currently, users needing to migrate or replicate secrets between Key Vaults (e.g., promoting from Dev to Prod, or replicating for DR) must write complex scripts to:

  1. List secrets from source.
  2. Iterate and download each secret value.
  3. Upload each secret to the destination.
  4. Manually handle metadata transfer (tags, dates).

This new command standardizes and simplifies this common workflow into a single CLI operation.

Key Benefits:

  • Productivity: Reduces multi-step scripting to a single command.
  • Accuracy: Ensures all metadata (tags, content-type) is preserved exactly as it is in the source.
  • Safety: Built-in protection against accidental overwrites and automatic filtering of Azure-managed secrets.

Implementation Details

  • Registered copy command under keyvault secret group in commands.py.
  • Defined arguments in _params.py adhering to CLI standards using get_three_state_flag.
  • Implemented core logic in custom.py using azure-keyvault-secrets track2 SDK.
  • Added comprehensive unit tests in test_keyvault_commands.py covering:
    • Single copy.
    • Bulk copy.
    • Overwrite protection logic.
    • Metadata preservation verification.
  • Added command documentation and examples in _help.py.

Testing

  • Added new unit tests KeyVaultCopyScenarioTest in test_keyvault_commands.py.
  • Verified locally using python -m azure.cli.
  • Tested against live Azure Key Vault resources.

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Feb 4, 2026
edited
Loading

❌AzureCLI-FullTest
️✔️acr
️✔️latest
️✔️3.12
️✔️3.13
️✔️acs
️✔️latest
️✔️3.12
️✔️3.13
️✔️advisor
️✔️latest
️✔️3.12
️✔️3.13
️✔️ams
️✔️latest
️✔️3.12
️✔️3.13
️✔️apim
️✔️latest
️✔️3.12
️✔️3.13
️✔️appconfig
️✔️latest
️✔️3.12
️✔️3.13
️✔️appservice
️✔️latest
️✔️3.12
️✔️3.13
️✔️aro
️✔️latest
️✔️3.12
️✔️3.13
️✔️backup
️✔️latest
️✔️3.12
️✔️3.13
️✔️batch
️✔️latest
️✔️3.12
️✔️3.13
️✔️batchai
️✔️latest
️✔️3.12
️✔️3.13
️✔️billing
️✔️latest
️✔️3.12
️✔️3.13
️✔️botservice
️✔️latest
️✔️3.12
️✔️3.13
️✔️cdn
️✔️latest
️✔️3.12
️✔️3.13
️✔️cloud
️✔️latest
️✔️3.12
️✔️3.13
️✔️cognitiveservices
️✔️latest
️✔️3.12
️✔️3.13
️✔️compute_recommender
️✔️latest
️✔️3.12
️✔️3.13
️✔️computefleet
️✔️latest
️✔️3.12
️✔️3.13
️✔️config
️✔️latest
️✔️3.12
️✔️3.13
️✔️configure
️✔️latest
️✔️3.12
️✔️3.13
️✔️consumption
️✔️latest
️✔️3.12
️✔️3.13
️✔️container
️✔️latest
️✔️3.12
️✔️3.13
️✔️containerapp
️✔️latest
️✔️3.12
️✔️3.13
️✔️core
️✔️latest
️✔️3.12
️✔️3.13
️✔️cosmosdb
️✔️latest
️✔️3.12
️✔️3.13
️✔️databoxedge
️✔️latest
️✔️3.12
️✔️3.13
️✔️dls
️✔️latest
️✔️3.12
️✔️3.13
️✔️dms
️✔️latest
️✔️3.12
️✔️3.13
️✔️eventgrid
️✔️latest
️✔️3.12
️✔️3.13
️✔️eventhubs
️✔️latest
️✔️3.12
️✔️3.13
️✔️feedback
️✔️latest
️✔️3.12
️✔️3.13
️✔️find
️✔️latest
️✔️3.12
️✔️3.13
️✔️hdinsight
️✔️latest
️✔️3.12
️✔️3.13
️✔️identity
️✔️latest
️✔️3.12
️✔️3.13
️✔️iot
️✔️latest
️✔️3.12
️✔️3.13
❌keyvault
❌latest
❌3.12
Type Test Case Error Message Line
Failed test_keyvault_secret_copy self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f1575051970>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f15768e4320>
command = 'group create --location westus --name cli_test_keyvault_copyj6tcierx3ibo6jdgvr76fow5pvujwznl2tjuseoes6vcg2pdn5n2u --tag product=azurecli cause=automation test date=2026-02-05T21:53:30Z test=test_keyvault_secret_copy module=keyvault'
expect_failure = False

    def in_process_execute(self, cli_ctx, command, expect_failure=False):
        from io import StringIO
        from vcr.errors import CannotOverwriteExistingCassetteException
    
        if command.startswith('az '):
            command = command[3:]
    
        stdout_buf = StringIO()
        logging_buf = StringIO()
        try:
            # issue: stderr cannot be redirect in this form, as a result some failure information
            # is lost when command fails.
>           self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

src/azure-cli-testsdk/azure/cli/testsdk/base.py:303: 
                                        
env/lib/python3.12/site-packages/knack/cli.py:245: in invoke
    exit_code = self.exception_handler(ex)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/init.py:135: in exception_handler
    return handle_exception(ex)
           ^^^^^^^^^^^^^^^^^^^^
                                        

ex = CLIError("Please run 'az login' to setup account."), args = (), kwargs = {}

    def handle_main_exception(ex, *args, **kwargs):  # pylint: disable=unused-argument
        if isinstance(ex, CannotOverwriteExistingCassetteException):
            # This exception usually caused by a no match HTTP request. This is a product error
            # that is caused by change of SDK invocation.
            raise ex
    
>       raise CliExecutionError(ex)
E       azure.cli.testsdk.exceptions.CliExecutionError: The CLI throws exception CLIError during execution and fails the command.

src/azure-cli-testsdk/azure/cli/testsdk/patches.py:35: CliExecutionError

During handling of the above exception, another exception occurred:
src/azure-cli-testsdk/azure/cli/testsdk/scenario_tests/preparers.py:39: in preparer_wrapper
    parameter_update = self.create_resource(
src/azure-cli-testsdk/azure/cli/testsdk/preparers.py:99: in create_resource
    self.live_only_execute(self.cli_ctx, template.format(self.location, name))
src/azure-cli-testsdk/azure/cli/testsdk/preparers.py:39: in live_only_execute
    return self.raw_execute(cli_ctx, command, expect_failure)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-testsdk/azure/cli/testsdk/base.py:252: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:315: in in_process_execute
    raise ex.exception
env/lib/python3.12/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/init.py:669: in execute
    raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:737: in run_jobs_serially
    results.append(self.run_job(expanded_arg, cmd_copy))
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/init.py:706: in run_job
    result = cmd_copy(params)
             ^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
    return self.handler(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
    return op(**command_args)
           ^^^^^^^^^^^^^^^^^^
src/azure-cli/azure/cli/command_modules/resource/custom.py:1619: in create_resource_group
    rcf = resource_client_factory(cmd.cli_ctx)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli/azure/cli/command_modules/resource/client_factory.py:10: in resource_client_factory
    return get_mgmt_service_client(cli_ctx, ResourceType.MGMT_RESOURCE_RESOURCES)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/client_factory.py:83: in get_mgmt_service_client
    client,  = get_mgmt_service_client(cli_ctx, client_type, subscription_id=subscription_id,
src/azure-cli-core/azure/cli/core/commands/client_factory.py:234: in get_mgmt_service_client
    credential, subscription_id,  = profile.get_login_credentials(
src/azure-cli-core/azure/cli/core/profile.py:308: in get_login_credentials
    account = self.get_subscription(subscription_id)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                                       _ 

self = <azure.cli.core._profile.Profile object at 0x7f15746b41d0>
subscription = None

    def get_subscription(self, subscription=None):  # take id or name
        subscriptions = self.load_cached_subscriptions()
        if not subscriptions:
>           raise CLIError(_AZ_LOGIN_MESSAGE)
E           knack.util.CLIError: Please run 'az login' to setup account.

src/azure-cli-core/azure/cli/core/_profile.py:558: CLIError		 azure/cli/command_modules/keyvault/tests/latest/test_keyvault_commands.py:2784
❌3.13
Type Test Case Error Message Line
Failed test_keyvault_secret_copy self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f34217b8c20>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f3423292fd0>
command = 'group create --location westus --name cli_test_keyvault_copyizdvrzuf4dvite4pvpjy2ehjnguogn24wibdzxnhxkwx7wrktygsg --tag product=azurecli cause=automation test date=2026-02-05T21:53:09Z test=test_keyvault_secret_copy module=keyvault'
expect_failure = False

    def in_process_execute(self, cli_ctx, command, expect_failure=False):
        from io import StringIO
        from vcr.errors import CannotOverwriteExistingCassetteException
    
        if command.startswith('az '):
            command = command[3:]
    
        stdout_buf = StringIO()
        logging_buf = StringIO()
        try:
            # issue: stderr cannot be redirect in this form, as a result some failure information
            # is lost when command fails.
>           self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

src/azure-cli-testsdk/azure/cli/testsdk/base.py:303: 
                                        
env/lib/python3.13/site-packages/knack/cli.py:245: in invoke
    exit_code = self.exception_handler(ex)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/init.py:135: in exception_handler
    return handle_exception(ex)
           ^^^^^^^^^^^^^^^^^^^^
                                        

ex = CLIError("Please run 'az login' to setup account."), args = (), kwargs = {}

    def handle_main_exception(ex, *args, **kwargs):  # pylint: disable=unused-argument
        if isinstance(ex, CannotOverwriteExistingCassetteException):
            # This exception usually caused by a no match HTTP request. This is a product error
            # that is caused by change of SDK invocation.
            raise ex
    
>       raise CliExecutionError(ex)
E       azure.cli.testsdk.exceptions.CliExecutionError: The CLI throws exception CLIError during execution and fails the command.

src/azure-cli-testsdk/azure/cli/testsdk/patches.py:35: CliExecutionError

During handling of the above exception, another exception occurred:
src/azure-cli-testsdk/azure/cli/testsdk/scenario_tests/preparers.py:39: in preparer_wrapper
    parameter_update = self.create_resource(
src/azure-cli-testsdk/azure/cli/testsdk/preparers.py:99: in create_resource
    self.live_only_execute(self.cli_ctx, template.format(self.location, name))
src/azure-cli-testsdk/azure/cli/testsdk/preparers.py:39: in live_only_execute
    return self.raw_execute(cli_ctx, command, expect_failure)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-testsdk/azure/cli/testsdk/base.py:252: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:315: in in_process_execute
    raise ex.exception
env/lib/python3.13/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/init.py:669: in execute
    raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:737: in run_jobs_serially
    results.append(self.run_job(expanded_arg, cmd_copy))
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/init.py:706: in run_job
    result = cmd_copy(params)
             ^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
    return self.handler(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
    return op(**command_args)
           ^^^^^^^^^^^^^^^^^^
src/azure-cli/azure/cli/command_modules/resource/custom.py:1619: in create_resource_group
    rcf = resource_client_factory(cmd.cli_ctx)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli/azure/cli/command_modules/resource/client_factory.py:10: in resource_client_factory
    return get_mgmt_service_client(cli_ctx, ResourceType.MGMT_RESOURCE_RESOURCES)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
src/azure-cli-core/azure/cli/core/commands/client_factory.py:83: in get_mgmt_service_client
    client,  = get_mgmt_service_client(cli_ctx, client_type, subscription_id=subscription_id,
src/azure-cli-core/azure/cli/core/commands/client_factory.py:234: in get_mgmt_service_client
    credential, subscription_id,  = profile.get_login_credentials(
src/azure-cli-core/azure/cli/core/profile.py:308: in get_login_credentials
    account = self.get_subscription(subscription_id)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                                       _ 

self = <azure.cli.core._profile.Profile object at 0x7f342969acf0>
subscription = None

    def get_subscription(self, subscription=None):  # take id or name
        subscriptions = self.load_cached_subscriptions()
        if not subscriptions:
>           raise CLIError(_AZ_LOGIN_MESSAGE)
E           knack.util.CLIError: Please run 'az login' to setup account.

src/azure-cli-core/azure/cli/core/_profile.py:558: CLIError		 azure/cli/command_modules/keyvault/tests/latest/test_keyvault_commands.py:2784
️✔️lab
️✔️latest
️✔️3.12
️✔️3.13
️✔️managedservices
️✔️latest
️✔️3.12
️✔️3.13
️✔️maps
️✔️latest
️✔️3.12
️✔️3.13
️✔️marketplaceordering
️✔️latest
️✔️3.12
️✔️3.13
️✔️monitor
️✔️latest
️✔️3.12
️✔️3.13
️✔️mysql
️✔️latest
️✔️3.12
️✔️3.13
️✔️netappfiles
️✔️latest
️✔️3.12
️✔️3.13
️✔️network
️✔️latest
️✔️3.12
️✔️3.13
️✔️policyinsights
️✔️latest
️✔️3.12
️✔️3.13
️✔️postgresql
️✔️latest
️✔️3.12
️✔️3.13
️✔️privatedns
️✔️latest
️✔️3.12
️✔️3.13
️✔️profile
️✔️latest
️✔️3.12
️✔️3.13
️✔️rdbms
️✔️latest
️✔️3.12
️✔️3.13
️✔️redis
️✔️latest
️✔️3.12
️✔️3.13
️✔️relay
️✔️latest
️✔️3.12
️✔️3.13
️✔️resource
️✔️latest
️✔️3.12
️✔️3.13
️✔️role
️✔️latest
️✔️3.12
️✔️3.13
️✔️search
️✔️latest
️✔️3.12
️✔️3.13
️✔️security
️✔️latest
️✔️3.12
️✔️3.13
️✔️servicebus
️✔️latest
️✔️3.12
️✔️3.13
️✔️serviceconnector
️✔️latest
️✔️3.12
️✔️3.13
️✔️servicefabric
️✔️latest
️✔️3.12
️✔️3.13
️✔️signalr
️✔️latest
️✔️3.12
️✔️3.13
️✔️sql
️✔️latest
️✔️3.12
️✔️3.13
️✔️sqlvm
️✔️latest
️✔️3.12
️✔️3.13
️✔️storage
️✔️latest
️✔️3.12
️✔️3.13
️✔️synapse
️✔️latest
️✔️3.12
️✔️3.13
️✔️telemetry
️✔️latest
️✔️3.12
️✔️3.13
️✔️util
️✔️latest
️✔️3.12
️✔️3.13
️✔️vm
️✔️latest
️✔️3.12
️✔️3.13

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Feb 4, 2026
edited
Loading

⚠️AzureCLI-BreakingChangeTest
⚠️keyvault
rule cmd_name rule_message suggest_message
⚠️ 1001 - CmdAdd keyvault secret copy cmd keyvault secret copy added

@yonzhan
Copy link
Collaborator

yonzhan commented Feb 4, 2026

Thank you for your contribution! We will review the pull request and get back to you soon.

@github-actions
Copy link

github-actions bot commented Feb 4, 2026

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

@microsoft-github-policy-service microsoft-github-policy-service bot added the customer-reported Issues that are reported by GitHub users external to the Azure organization. label Feb 4, 2026
@microsoft-github-policy-service
Copy link
Contributor

microsoft-github-policy-service bot commented Feb 4, 2026

Thank you for your contribution @jcassanji-southworks! We will review the pull request and get back to you soon.

@microsoft-github-policy-service microsoft-github-policy-service bot added the Auto-Assign Auto assign by bot label Feb 4, 2026
@jcassanji-southworks jcassanji-southworks marked this pull request as ready for review February 4, 2026 23:48
Copilot AI review requested due to automatic review settings February 4, 2026 23:48
Copilot AI reviewed Feb 4, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces a new az keyvault secret copy command to simplify copying secrets between Azure Key Vaults. The implementation adds functionality to copy individual secrets or all secrets in bulk, with support for metadata preservation and overwrite control.

Changes:

  • Added copy_secret function in custom.py with core logic for copying secrets between vaults
  • Registered the copy command under the keyvault secret group in commands.py
  • Defined command parameters (source-vault, destination-vault, name, all, overwrite) in _params.py
  • Added comprehensive help documentation with usage examples in _help.py
  • Created integration test suite KeyVaultCopyScenarioTest in test_keyvault_commands.py

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 11 comments.

Show a summary per file
File Description
src/azure-cli/azure/cli/command_modules/keyvault/custom.py Implements the core copy_secret function with secret retrieval, metadata preservation, and bulk/single copy logic
src/azure-cli/azure/cli/command_modules/keyvault/commands.py Registers the new copy command under the keyvault secret command group
src/azure-cli/azure/cli/command_modules/keyvault/_params.py Defines CLI arguments for source-vault, destination-vault, name, all, and overwrite parameters
src/azure-cli/azure/cli/command_modules/keyvault/_help.py Provides command documentation including short/long summaries and usage examples
src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/test_keyvault_commands.py Adds integration tests covering single copy, bulk copy, overwrite protection, and metadata preservation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@yonzhan yonzhan assigned notyashhh and unassigned evelyn-ys Feb 5, 2026
@yonzhan yonzhan removed the request for review from evelyn-ys February 5, 2026 00:21
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 10 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/…
ad02119 
…test_keyvault_commands.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
jcassanji-southworks and others added 6 commits February 4, 2026 23:06
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/custom.py
0b8e4cc 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/custom.py
e90b9bd 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/…
e9722b8 
…test_keyvault_commands.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/_params.py
90c664f 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Apply PR feedback
a140d6c
@jcassanji-southworks
Merge branch 'jcassanji-southworks/feature-keyvault-copy' of https://…
c44cf06 
…github.com/jcassanji-southworks/azure-cli into jcassanji-southworks/feature-keyvault-copy
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 7 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

jcassanji-southworks and others added 13 commits February 4, 2026 23:23
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/_params.py
de2f265 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/custom.py
4fc1c56 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/custom.py
429bfcc 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Update src/azure-cli/azure/cli/command_modules/keyvault/custom.py
9b3b669 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcassanji-southworks
Enhance keyvault secret copy command: update overwrite flag to store_…
69e3d2c 
…true and add test for default behavior
@jcassanji-southworks
Merge branch 'jcassanji-southworks/feature-keyvault-copy' of https://…
f241f0a 
…github.com/jcassanji-southworks/azure-cli into jcassanji-southworks/feature-keyvault-copy
@jcassanji-southworks
Fix copy_secret function: remove http_logging_policy from client kwar…
8b11ea1 
…gs and update dummy secret validation call
@jcassanji-southworks
Implement secret copying functionality: add _copy_single_secret funct…
3376e7d 
…ion and refactor copy_secret to utilize it
@jcassanji-southworks
Add unit tests for keyvault secret copying functionality
56bf92a
@jcassanji-southworks
Merge remote-tracking branch 'upstream/dev' into jcassanji-southworks…
41ad995 
…/feature-keyvault-copy
@jcassanji-southworks
Update KeyVault preparation to disable RBAC authorization for copy tests
e3e8f0e
@jcassanji-southworks
Add User-Agent filter to prevent recording mismatch in KeyVault copy …
398c73a 
…tests
@jcassanji-southworks
Fix unused import in keyvault custom.py
2a79899
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@yonzhan yonzhan Awaiting requested review from yonzhan

@notyashhh notyashhh Awaiting requested review from notyashhh notyashhh is a code owner

@jiasli jiasli Awaiting requested review from jiasli jiasli is a code owner

@calvinhzy calvinhzy Awaiting requested review from calvinhzy calvinhzy is a code owner

Assignees

@notyashhh notyashhh

Labels

Auto-Assign Auto assign by bot customer-reported Issues that are reported by GitHub users external to the Azure organization. KeyVault az keyvault

Projects

None yet

Milestone

March 2026 (2026-03-03)

Development

Successfully merging this pull request may close these issues.

4 participants

@jcassanji-southworks @yonzhan @evelyn-ys @notyashhh