From 06d3fd4ed6222a347fba30a9f155c1f30bf330d4 Mon Sep 17 00:00:00 2001
From: SDKAuto <sdkautomation@microsoft.com>
Date: Mon, 24 Feb 2025 19:47:59 +0000
Subject: [PATCH] CodeGen from PR 32784 in Azure/azure-rest-api-specs Merge
 746d9a67f9aaae1fd3613f7070cc9c97e95ec726 into
 26fd65cccb68f47484c4403b69cc5c4b6bc28ce0

---
 ...KeyVaultAdministrationFullBackupHeaders.cs |   24 -
 ...ministrationFullRestoreOperationHeaders.cs |   24 -
 ...tionSelectiveKeyRestoreOperationHeaders.cs |   24 -
 .../src/Generated/BackupRestoreRestClient.cs  |  417 -----
 .../MultipartFormDataRequestContent.cs        |  203 ---
 .../Internal/RequestContentHelper.cs          |  136 --
 .../KeyVaultAdministrationModelFactory.cs     |   77 +-
 .../src/Generated/KeyVaultClient.cs           | 1409 +++++++++++++++++
 .../src/Generated/KeyVaultClientOptions.cs    |   40 +
 ...FullBackupDetailsInternal.Serialization.cs |   12 +-
 .../Models/FullBackupDetailsInternal.cs       |    6 +-
 ...FullBackupOperationError.Serialization.cs} |   14 +-
 ...ceError.cs => FullBackupOperationError.cs} |   14 +-
 .../Models/KeyVaultError.Serialization.cs     |   45 -
 .../src/Generated/Models/KeyVaultError.cs     |   28 -
 .../Models/KeyVaultRoleDefinitionType.cs      |    2 +-
 .../src/Generated/Models/KeyVaultSetting.cs   |    2 +-
 .../Generated/Models/KeyVaultSettingType.cs   |    2 +-
 .../src/Generated/Models/OperationStatus.cs   |   57 +
 ...BackupOperationParameters.Serialization.cs |   44 +
 .../Models/PreBackupOperationParameters.cs    |   36 +
 ...estoreOperationParameters.Serialization.cs |   39 +
 .../Models/PreRestoreOperationParameters.cs   |   32 +
 .../RestoreDetailsInternal.Serialization.cs   |   12 +-
 .../Models/RestoreDetailsInternal.cs          |    6 +-
 .../Models/RestoreOperationParameters.cs      |    6 +-
 .../Generated/Models/RoleAssignmentFilter.cs  |   28 -
 .../Generated/Models/RoleDefinitionFilter.cs  |   28 -
 .../RoleDefinitionProperties.Serialization.cs |   73 +
 .../src/Generated/Models/SASTokenParameter.cs |    2 +-
 ...KeyRestoreDetailsInternal.Serialization.cs |   12 +-
 .../SelectiveKeyRestoreDetailsInternal.cs     |    6 +-
 .../SelectiveKeyRestoreOperationParameters.cs |    6 +-
 .../Models/Versions.Serialization.cs          |   28 +
 .../src/Generated/Models/Versions.cs          |   18 +
 .../src/Generated/RoleAssignments.cs          |  598 +++++++
 .../Generated/RoleAssignmentsRestClient.cs    |  492 ------
 .../src/Generated/RoleDefinitions.cs          |  598 +++++++
 .../Generated/RoleDefinitionsRestClient.cs    |  492 ------
 ...ltAdministrationClientBuilderExtensions.cs |   35 +
 .../src/Generated/SettingsRestClient.cs       |  285 ----
 .../src/autorest.md                           |   90 --
 .../tsp-location.yaml                         |    8 +
 43 files changed, 3111 insertions(+), 2399 deletions(-)
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullBackupHeaders.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/MultipartFormDataRequestContent.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/RequestContentHelper.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClient.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClientOptions.cs
 rename sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/{KeyVaultServiceError.Serialization.cs => FullBackupOperationError.Serialization.cs} (73%)
 rename sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/{KeyVaultServiceError.cs => FullBackupOperationError.cs} (59%)
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.Serialization.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/OperationStatus.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentFilter.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionFilter.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.Serialization.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignments.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitions.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SecurityKeyVaultAdministrationClientBuilderExtensions.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs
 delete mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md
 create mode 100644 sdk/keyvault/Azure.Security.KeyVault.Administration/tsp-location.yaml

diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullBackupHeaders.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullBackupHeaders.cs
deleted file mode 100644
index 541632c0807f..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullBackupHeaders.cs
+++ /dev/null
@@ -1,24 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using Azure.Core;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class AzureSecurityKeyVaultAdministrationFullBackupHeaders
-    {
-        private readonly Response _response;
-        public AzureSecurityKeyVaultAdministrationFullBackupHeaders(Response response)
-        {
-            _response = response;
-        }
-        /// <summary> The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation. </summary>
-        public int? RetryAfter => _response.Headers.TryGetValue("Retry-After", out int? value) ? value : null;
-        /// <summary> The URI to poll for completion status. </summary>
-        public string AzureAsyncOperation => _response.Headers.TryGetValue("Azure-AsyncOperation", out string value) ? value : null;
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders.cs
deleted file mode 100644
index ed710c7534ec..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders.cs
+++ /dev/null
@@ -1,24 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using Azure.Core;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders
-    {
-        private readonly Response _response;
-        public AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders(Response response)
-        {
-            _response = response;
-        }
-        /// <summary> The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation. </summary>
-        public int? RetryAfter => _response.Headers.TryGetValue("Retry-After", out int? value) ? value : null;
-        /// <summary> The URI to poll for completion status. </summary>
-        public string AzureAsyncOperation => _response.Headers.TryGetValue("Azure-AsyncOperation", out string value) ? value : null;
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders.cs
deleted file mode 100644
index 80dfb65bef95..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders.cs
+++ /dev/null
@@ -1,24 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using Azure.Core;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders
-    {
-        private readonly Response _response;
-        public AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders(Response response)
-        {
-            _response = response;
-        }
-        /// <summary> The recommended number of seconds to wait before calling the URI specified in Azure-AsyncOperation. </summary>
-        public int? RetryAfter => _response.Headers.TryGetValue("Retry-After", out int? value) ? value : null;
-        /// <summary> The URI to poll for completion status. </summary>
-        public string AzureAsyncOperation => _response.Headers.TryGetValue("Azure-AsyncOperation", out string value) ? value : null;
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs
deleted file mode 100644
index b30181ba2e98..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/BackupRestoreRestClient.cs
+++ /dev/null
@@ -1,417 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System;
-using System.Text.Json;
-using System.Threading;
-using System.Threading.Tasks;
-using Azure.Core;
-using Azure.Core.Pipeline;
-using Azure.Security.KeyVault.Administration.Models;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class BackupRestoreRestClient
-    {
-        private readonly HttpPipeline _pipeline;
-        private readonly string _apiVersion;
-
-        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
-        internal ClientDiagnostics ClientDiagnostics { get; }
-
-        /// <summary> Initializes a new instance of BackupRestoreRestClient. </summary>
-        /// <param name="clientDiagnostics"> The handler for diagnostic messaging in the client. </param>
-        /// <param name="pipeline"> The HTTP pipeline for sending and receiving REST requests and responses. </param>
-        /// <param name="apiVersion"> Api Version. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="clientDiagnostics"/>, <paramref name="pipeline"/> or <paramref name="apiVersion"/> is null. </exception>
-        public BackupRestoreRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5")
-        {
-            ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics));
-            _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline));
-            _apiVersion = apiVersion ?? throw new ArgumentNullException(nameof(apiVersion));
-        }
-
-        internal HttpMessage CreateFullBackupRequest(string vaultBaseUrl, SASTokenParameter azureStorageBlobContainerUri)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Post;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/backup", false);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            if (azureStorageBlobContainerUri != null)
-            {
-                request.Headers.Add("Content-Type", "application/json");
-                var content = new Utf8JsonRequestContent();
-                content.JsonWriter.WriteObjectValue(azureStorageBlobContainerUri);
-                request.Content = content;
-            }
-            return message;
-        }
-
-        /// <summary> Creates a full backup using a user-provided SAS token to an Azure blob storage container. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="azureStorageBlobContainerUri"> Azure blob shared access signature token pointing to a valid Azure blob container where full backup needs to be stored. This token needs to be valid for at least next 24 hours from the time of making this call. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> is null. </exception>
-        public async Task<ResponseWithHeaders<AzureSecurityKeyVaultAdministrationFullBackupHeaders>> FullBackupAsync(string vaultBaseUrl, SASTokenParameter azureStorageBlobContainerUri = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-
-            using var message = CreateFullBackupRequest(vaultBaseUrl, azureStorageBlobContainerUri);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            var headers = new AzureSecurityKeyVaultAdministrationFullBackupHeaders(message.Response);
-            switch (message.Response.Status)
-            {
-                case 202:
-                    return ResponseWithHeaders.FromValue(headers, message.Response);
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Creates a full backup using a user-provided SAS token to an Azure blob storage container. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="azureStorageBlobContainerUri"> Azure blob shared access signature token pointing to a valid Azure blob container where full backup needs to be stored. This token needs to be valid for at least next 24 hours from the time of making this call. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> is null. </exception>
-        public ResponseWithHeaders<AzureSecurityKeyVaultAdministrationFullBackupHeaders> FullBackup(string vaultBaseUrl, SASTokenParameter azureStorageBlobContainerUri = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-
-            using var message = CreateFullBackupRequest(vaultBaseUrl, azureStorageBlobContainerUri);
-            _pipeline.Send(message, cancellationToken);
-            var headers = new AzureSecurityKeyVaultAdministrationFullBackupHeaders(message.Response);
-            switch (message.Response.Status)
-            {
-                case 202:
-                    return ResponseWithHeaders.FromValue(headers, message.Response);
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateFullBackupStatusRequest(string vaultBaseUrl, string jobId)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/backup/", false);
-            uri.AppendPath(jobId, true);
-            uri.AppendPath("/pending", false);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Returns the status of full backup operation. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="jobId"> The id returned as part of the backup request. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="jobId"/> is null. </exception>
-        public async Task<Response<FullBackupDetailsInternal>> FullBackupStatusAsync(string vaultBaseUrl, string jobId, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (jobId == null)
-            {
-                throw new ArgumentNullException(nameof(jobId));
-            }
-
-            using var message = CreateFullBackupStatusRequest(vaultBaseUrl, jobId);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        FullBackupDetailsInternal value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = FullBackupDetailsInternal.DeserializeFullBackupDetailsInternal(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Returns the status of full backup operation. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="jobId"> The id returned as part of the backup request. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="jobId"/> is null. </exception>
-        public Response<FullBackupDetailsInternal> FullBackupStatus(string vaultBaseUrl, string jobId, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (jobId == null)
-            {
-                throw new ArgumentNullException(nameof(jobId));
-            }
-
-            using var message = CreateFullBackupStatusRequest(vaultBaseUrl, jobId);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        FullBackupDetailsInternal value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = FullBackupDetailsInternal.DeserializeFullBackupDetailsInternal(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateFullRestoreOperationRequest(string vaultBaseUrl, RestoreOperationParameters restoreBlobDetails)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Put;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/restore", false);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            if (restoreBlobDetails != null)
-            {
-                request.Headers.Add("Content-Type", "application/json");
-                var content = new Utf8JsonRequestContent();
-                content.JsonWriter.WriteObjectValue(restoreBlobDetails);
-                request.Content = content;
-            }
-            return message;
-        }
-
-        /// <summary> Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> is null. </exception>
-        public async Task<ResponseWithHeaders<AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders>> FullRestoreOperationAsync(string vaultBaseUrl, RestoreOperationParameters restoreBlobDetails = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-
-            using var message = CreateFullRestoreOperationRequest(vaultBaseUrl, restoreBlobDetails);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            var headers = new AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders(message.Response);
-            switch (message.Response.Status)
-            {
-                case 202:
-                    return ResponseWithHeaders.FromValue(headers, message.Response);
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> is null. </exception>
-        public ResponseWithHeaders<AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders> FullRestoreOperation(string vaultBaseUrl, RestoreOperationParameters restoreBlobDetails = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-
-            using var message = CreateFullRestoreOperationRequest(vaultBaseUrl, restoreBlobDetails);
-            _pipeline.Send(message, cancellationToken);
-            var headers = new AzureSecurityKeyVaultAdministrationFullRestoreOperationHeaders(message.Response);
-            switch (message.Response.Status)
-            {
-                case 202:
-                    return ResponseWithHeaders.FromValue(headers, message.Response);
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateRestoreStatusRequest(string vaultBaseUrl, string jobId)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/restore/", false);
-            uri.AppendPath(jobId, true);
-            uri.AppendPath("/pending", false);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Returns the status of restore operation. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="jobId"/> is null. </exception>
-        public async Task<Response<RestoreDetailsInternal>> RestoreStatusAsync(string vaultBaseUrl, string jobId, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (jobId == null)
-            {
-                throw new ArgumentNullException(nameof(jobId));
-            }
-
-            using var message = CreateRestoreStatusRequest(vaultBaseUrl, jobId);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RestoreDetailsInternal value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = RestoreDetailsInternal.DeserializeRestoreDetailsInternal(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Returns the status of restore operation. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="jobId"/> is null. </exception>
-        public Response<RestoreDetailsInternal> RestoreStatus(string vaultBaseUrl, string jobId, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (jobId == null)
-            {
-                throw new ArgumentNullException(nameof(jobId));
-            }
-
-            using var message = CreateRestoreStatusRequest(vaultBaseUrl, jobId);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RestoreDetailsInternal value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = RestoreDetailsInternal.DeserializeRestoreDetailsInternal(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateSelectiveKeyRestoreOperationRequest(string vaultBaseUrl, string keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Put;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/keys/", false);
-            uri.AppendPath(keyName, true);
-            uri.AppendPath("/restore", false);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            if (restoreBlobDetails != null)
-            {
-                request.Headers.Add("Content-Type", "application/json");
-                var content = new Utf8JsonRequestContent();
-                content.JsonWriter.WriteObjectValue(restoreBlobDetails);
-                request.Content = content;
-            }
-            return message;
-        }
-
-        /// <summary> Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="keyName"> The name of the key to be restored from the user supplied backup. </param>
-        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="keyName"/> is null. </exception>
-        public async Task<ResponseWithHeaders<AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders>> SelectiveKeyRestoreOperationAsync(string vaultBaseUrl, string keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (keyName == null)
-            {
-                throw new ArgumentNullException(nameof(keyName));
-            }
-
-            using var message = CreateSelectiveKeyRestoreOperationRequest(vaultBaseUrl, keyName, restoreBlobDetails);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            var headers = new AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders(message.Response);
-            switch (message.Response.Status)
-            {
-                case 202:
-                    return ResponseWithHeaders.FromValue(headers, message.Response);
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="keyName"> The name of the key to be restored from the user supplied backup. </param>
-        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="keyName"/> is null. </exception>
-        public ResponseWithHeaders<AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders> SelectiveKeyRestoreOperation(string vaultBaseUrl, string keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (keyName == null)
-            {
-                throw new ArgumentNullException(nameof(keyName));
-            }
-
-            using var message = CreateSelectiveKeyRestoreOperationRequest(vaultBaseUrl, keyName, restoreBlobDetails);
-            _pipeline.Send(message, cancellationToken);
-            var headers = new AzureSecurityKeyVaultAdministrationSelectiveKeyRestoreOperationHeaders(message.Response);
-            switch (message.Response.Status)
-            {
-                case 202:
-                    return ResponseWithHeaders.FromValue(headers, message.Response);
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/MultipartFormDataRequestContent.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/MultipartFormDataRequestContent.cs
deleted file mode 100644
index ad07cca72ac7..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/MultipartFormDataRequestContent.cs
+++ /dev/null
@@ -1,203 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System;
-using System.Globalization;
-using System.IO;
-using System.Net.Http;
-using System.Net.Http.Headers;
-using System.Threading;
-using System.Threading.Tasks;
-using Azure.Core;
-using Azure.Core.Pipeline;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal class MultipartFormDataRequestContent : RequestContent
-    {
-        private readonly System.Net.Http.MultipartFormDataContent _multipartContent;
-        private static readonly Random _random = new Random();
-        private static readonly char[] _boundaryValues = "0123456789=ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz".ToCharArray();
-
-        public MultipartFormDataRequestContent()
-        {
-            _multipartContent = new System.Net.Http.MultipartFormDataContent(CreateBoundary());
-        }
-
-        public string ContentType
-        {
-            get
-            {
-                return _multipartContent.Headers.ContentType.ToString();
-            }
-        }
-
-        internal HttpContent HttpContent => _multipartContent;
-
-        private static string CreateBoundary()
-        {
-            Span<char> chars = new char[70];
-            byte[] random = new byte[70];
-            _random.NextBytes(random);
-            int mask = 255 >> 2;
-            for (int i = 0; i < 70; i++)
-            {
-                chars[i] = _boundaryValues[random[i] & mask];
-            }
-            return chars.ToString();
-        }
-
-        public void Add(string content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            Add(new StringContent(content), name, filename, contentType);
-        }
-
-        public void Add(int content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            string value = content.ToString("G", CultureInfo.InvariantCulture);
-            Add(new StringContent(value), name, filename, contentType);
-        }
-
-        public void Add(long content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            string value = content.ToString("G", CultureInfo.InvariantCulture);
-            Add(new StringContent(value), name, filename, contentType);
-        }
-
-        public void Add(float content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            string value = content.ToString("G", CultureInfo.InvariantCulture);
-            Add(new StringContent(value), name, filename, contentType);
-        }
-
-        public void Add(double content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            string value = content.ToString("G", CultureInfo.InvariantCulture);
-            Add(new StringContent(value), name, filename, contentType);
-        }
-
-        public void Add(decimal content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            string value = content.ToString("G", CultureInfo.InvariantCulture);
-            Add(new StringContent(value), name, filename, contentType);
-        }
-
-        public void Add(bool content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            string value = content ? "true" : "false";
-            Add(new StringContent(value), name, filename, contentType);
-        }
-
-        public void Add(Stream content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            Add(new StreamContent(content), name, filename, contentType);
-        }
-
-        public void Add(byte[] content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            Add(new ByteArrayContent(content), name, filename, contentType);
-        }
-
-        public void Add(BinaryData content, string name, string filename = null, string contentType = null)
-        {
-            Argument.AssertNotNull(content, nameof(content));
-            Argument.AssertNotNullOrEmpty(name, nameof(name));
-
-            Add(new ByteArrayContent(content.ToArray()), name, filename, contentType);
-        }
-
-        private void Add(HttpContent content, string name, string filename, string contentType)
-        {
-            if (filename != null)
-            {
-                Argument.AssertNotNullOrEmpty(filename, nameof(filename));
-                AddFilenameHeader(content, name, filename);
-            }
-            if (contentType != null)
-            {
-                Argument.AssertNotNullOrEmpty(contentType, nameof(contentType));
-                AddContentTypeHeader(content, contentType);
-            }
-            _multipartContent.Add(content, name);
-        }
-
-        public static void AddFilenameHeader(HttpContent content, string name, string filename)
-        {
-            ContentDispositionHeaderValue header = new ContentDispositionHeaderValue("form-data") { Name = name, FileName = filename };
-            content.Headers.ContentDisposition = header;
-        }
-
-        public static void AddContentTypeHeader(HttpContent content, string contentType)
-        {
-            MediaTypeHeaderValue header = new MediaTypeHeaderValue(contentType);
-            content.Headers.ContentType = header;
-        }
-
-        public override bool TryComputeLength(out long length)
-        {
-            if (_multipartContent.Headers.ContentLength is long contentLength)
-            {
-                length = contentLength;
-                return true;
-            }
-            length = 0;
-            return false;
-        }
-
-        public override void WriteTo(Stream stream, CancellationToken cancellationToken = default)
-        {
-#if NET6_0_OR_GREATER
-				_multipartContent.CopyTo(stream, default, cancellationToken);
-#else
-#pragma warning disable AZC0107
-            _multipartContent.CopyToAsync(stream).EnsureCompleted();
-#pragma warning restore AZC0107
-#endif
-        }
-
-        public override async Task WriteToAsync(Stream stream, CancellationToken cancellationToken = default)
-        {
-#if NET6_0_OR_GREATER
-				await _multipartContent.CopyToAsync(stream, cancellationToken).ConfigureAwait(false);
-#else
-            await _multipartContent.CopyToAsync(stream).ConfigureAwait(false);
-#endif
-        }
-
-        public override void Dispose()
-        {
-            _multipartContent.Dispose();
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/RequestContentHelper.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/RequestContentHelper.cs
deleted file mode 100644
index 482217bba2c2..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Internal/RequestContentHelper.cs
+++ /dev/null
@@ -1,136 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System;
-using System.Collections.Generic;
-using System.Text.Json;
-using Azure.Core;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal static class RequestContentHelper
-    {
-        public static RequestContent FromEnumerable<T>(IEnumerable<T> enumerable)
-        where T : notnull
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteStartArray();
-            foreach (var item in enumerable)
-            {
-                content.JsonWriter.WriteObjectValue(item);
-            }
-            content.JsonWriter.WriteEndArray();
-
-            return content;
-        }
-
-        public static RequestContent FromEnumerable(IEnumerable<BinaryData> enumerable)
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteStartArray();
-            foreach (var item in enumerable)
-            {
-                if (item == null)
-                {
-                    content.JsonWriter.WriteNullValue();
-                }
-                else
-                {
-#if NET6_0_OR_GREATER
-				content.JsonWriter.WriteRawValue(item);
-#else
-                    using (JsonDocument document = JsonDocument.Parse(item))
-                    {
-                        JsonSerializer.Serialize(content.JsonWriter, document.RootElement);
-                    }
-#endif
-                }
-            }
-            content.JsonWriter.WriteEndArray();
-
-            return content;
-        }
-
-        public static RequestContent FromEnumerable<T>(ReadOnlySpan<T> span)
-        where T : notnull
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteStartArray();
-            for (int i = 0; i < span.Length; i++)
-            {
-                content.JsonWriter.WriteObjectValue(span[i]);
-            }
-            content.JsonWriter.WriteEndArray();
-
-            return content;
-        }
-
-        public static RequestContent FromDictionary<TValue>(IDictionary<string, TValue> dictionary)
-        where TValue : notnull
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteStartObject();
-            foreach (var item in dictionary)
-            {
-                content.JsonWriter.WritePropertyName(item.Key);
-                content.JsonWriter.WriteObjectValue(item.Value);
-            }
-            content.JsonWriter.WriteEndObject();
-
-            return content;
-        }
-
-        public static RequestContent FromDictionary(IDictionary<string, BinaryData> dictionary)
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteStartObject();
-            foreach (var item in dictionary)
-            {
-                content.JsonWriter.WritePropertyName(item.Key);
-                if (item.Value == null)
-                {
-                    content.JsonWriter.WriteNullValue();
-                }
-                else
-                {
-#if NET6_0_OR_GREATER
-				content.JsonWriter.WriteRawValue(item.Value);
-#else
-                    using (JsonDocument document = JsonDocument.Parse(item.Value))
-                    {
-                        JsonSerializer.Serialize(content.JsonWriter, document.RootElement);
-                    }
-#endif
-                }
-            }
-            content.JsonWriter.WriteEndObject();
-
-            return content;
-        }
-
-        public static RequestContent FromObject(object value)
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteObjectValue<object>(value);
-            return content;
-        }
-
-        public static RequestContent FromObject(BinaryData value)
-        {
-            Utf8JsonRequestContent content = new Utf8JsonRequestContent();
-#if NET6_0_OR_GREATER
-				content.JsonWriter.WriteRawValue(value);
-#else
-            using (JsonDocument document = JsonDocument.Parse(value))
-            {
-                JsonSerializer.Serialize(content.JsonWriter, document.RootElement);
-            }
-#endif
-            return content;
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultAdministrationModelFactory.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultAdministrationModelFactory.cs
index 27a113c903c5..97267d41ebdf 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultAdministrationModelFactory.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultAdministrationModelFactory.cs
@@ -7,36 +7,31 @@
 
 using System.Collections.Generic;
 using System.Linq;
+using Azure.Security.KeyVault.Administration.Models;
 
 namespace Azure.Security.KeyVault.Administration
 {
     /// <summary> Model factory for models. </summary>
     public static partial class KeyVaultAdministrationModelFactory
     {
-        /// <summary> Initializes a new instance of <see cref="Administration.KeyVaultRoleDefinition"/>. </summary>
-        /// <param name="id"> The role definition ID. </param>
-        /// <param name="name"> The role definition name. </param>
-        /// <param name="type"> The role definition type. </param>
-        /// <param name="roleName"> The role name. </param>
-        /// <param name="description"> The role definition description. </param>
-        /// <param name="roleType"> The role type. </param>
-        /// <param name="permissions"> Role definition permissions. </param>
-        /// <param name="assignableScopes"> Role definition assignable scopes. </param>
-        /// <returns> A new <see cref="Administration.KeyVaultRoleDefinition"/> instance for mocking. </returns>
-        public static KeyVaultRoleDefinition KeyVaultRoleDefinition(string id = null, string name = null, KeyVaultRoleDefinitionType? type = null, string roleName = null, string description = null, KeyVaultRoleType? roleType = null, IEnumerable<KeyVaultPermission> permissions = null, IEnumerable<KeyVaultRoleScope> assignableScopes = null)
+        /// <summary> Initializes a new instance of <see cref="Administration.KeyVaultSetting"/>. </summary>
+        /// <param name="name"> The account setting to be updated. </param>
+        /// <param name="content"> The value of the pool setting. </param>
+        /// <param name="settingType"> The type specifier of the value. </param>
+        /// <returns> A new <see cref="Administration.KeyVaultSetting"/> instance for mocking. </returns>
+        public static KeyVaultSetting KeyVaultSetting(string name = null, string content = null, KeyVaultSettingType? settingType = null)
         {
-            permissions ??= new List<KeyVaultPermission>();
-            assignableScopes ??= new List<KeyVaultRoleScope>();
+            return new KeyVaultSetting(name, content, settingType);
+        }
 
-            return new KeyVaultRoleDefinition(
-                id,
-                name,
-                type,
-                roleName,
-                description,
-                roleType,
-                permissions?.ToList(),
-                assignableScopes?.ToList());
+        /// <summary> Initializes a new instance of <see cref="Administration.GetSettingsResult"/>. </summary>
+        /// <param name="settings"> A response message containing a list of account settings with their associated value. </param>
+        /// <returns> A new <see cref="Administration.GetSettingsResult"/> instance for mocking. </returns>
+        public static GetSettingsResult GetSettingsResult(IEnumerable<KeyVaultSetting> settings = null)
+        {
+            settings ??= new List<KeyVaultSetting>();
+
+            return new GetSettingsResult(settings?.ToList());
         }
 
         /// <summary> Initializes a new instance of <see cref="Administration.KeyVaultRoleAssignment"/>. </summary>
@@ -60,24 +55,30 @@ public static KeyVaultRoleAssignmentProperties KeyVaultRoleAssignmentProperties(
             return new KeyVaultRoleAssignmentProperties(scope, roleDefinitionId, principalId);
         }
 
-        /// <summary> Initializes a new instance of <see cref="Administration.KeyVaultSetting"/>. </summary>
-        /// <param name="name"> The account setting to be updated. </param>
-        /// <param name="content"> The value of the pool setting. </param>
-        /// <param name="settingType"> The type specifier of the value. </param>
-        /// <returns> A new <see cref="Administration.KeyVaultSetting"/> instance for mocking. </returns>
-        public static KeyVaultSetting KeyVaultSetting(string name = null, string content = null, KeyVaultSettingType? settingType = null)
-        {
-            return new KeyVaultSetting(name, content, settingType);
-        }
-
-        /// <summary> Initializes a new instance of <see cref="Administration.GetSettingsResult"/>. </summary>
-        /// <param name="settings"> A response message containing a list of account settings with their associated value. </param>
-        /// <returns> A new <see cref="Administration.GetSettingsResult"/> instance for mocking. </returns>
-        public static GetSettingsResult GetSettingsResult(IEnumerable<KeyVaultSetting> settings = null)
+        /// <summary> Initializes a new instance of <see cref="Administration.KeyVaultRoleDefinition"/>. </summary>
+        /// <param name="id"> The role definition ID. </param>
+        /// <param name="name"> The role definition name. </param>
+        /// <param name="type"> The role definition type. </param>
+        /// <param name="roleName"> The role name. </param>
+        /// <param name="description"> The role definition description. </param>
+        /// <param name="roleType"> The role type. </param>
+        /// <param name="permissions"> Role definition permissions. </param>
+        /// <param name="assignableScopes"> Role definition assignable scopes. </param>
+        /// <returns> A new <see cref="Administration.KeyVaultRoleDefinition"/> instance for mocking. </returns>
+        public static KeyVaultRoleDefinition KeyVaultRoleDefinition(string id = null, string name = null, KeyVaultRoleDefinitionType? type = null, string roleName = null, string description = null, KeyVaultRoleType? roleType = null, IEnumerable<KeyVaultPermission> permissions = null, IEnumerable<KeyVaultRoleScope> assignableScopes = null)
         {
-            settings ??= new List<KeyVaultSetting>();
+            permissions ??= new List<KeyVaultPermission>();
+            assignableScopes ??= new List<KeyVaultRoleScope>();
 
-            return new GetSettingsResult(settings?.ToList());
+            return new KeyVaultRoleDefinition(
+                id,
+                name,
+                type,
+                roleName,
+                description,
+                roleType,
+                permissions?.ToList(),
+                assignableScopes?.ToList());
         }
     }
 }
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClient.cs
new file mode 100644
index 000000000000..2be78c363867
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClient.cs
@@ -0,0 +1,1409 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using Azure.Core;
+using Azure.Core.Pipeline;
+using Azure.Security.KeyVault.Administration.Models;
+
+namespace Azure.Security.KeyVault.Administration
+{
+    // Data plane generated client.
+    /// <summary> The key vault client performs cryptographic key operations and vault operations against the Key Vault service. </summary>
+    public partial class KeyVaultClient
+    {
+        private static readonly string[] AuthorizationScopes = new string[] { "https://vault.azure.net/.default" };
+        private readonly TokenCredential _tokenCredential;
+        private readonly HttpPipeline _pipeline;
+        private readonly Uri _endpoint;
+        private readonly string _apiVersion;
+
+        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
+        internal ClientDiagnostics ClientDiagnostics { get; }
+
+        /// <summary> The HTTP pipeline for sending and receiving REST requests and responses. </summary>
+        public virtual HttpPipeline Pipeline => _pipeline;
+
+        /// <summary> Initializes a new instance of KeyVaultClient for mocking. </summary>
+        protected KeyVaultClient()
+        {
+        }
+
+        /// <summary> Initializes a new instance of KeyVaultClient. </summary>
+        /// <param name="endpoint"> The <see cref="Uri"/> to use. </param>
+        /// <param name="credential"> A credential used to authenticate to an Azure Service. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="endpoint"/> or <paramref name="credential"/> is null. </exception>
+        public KeyVaultClient(Uri endpoint, TokenCredential credential) : this(endpoint, credential, new KeyVaultClientOptions())
+        {
+        }
+
+        /// <summary> Initializes a new instance of KeyVaultClient. </summary>
+        /// <param name="endpoint"> The <see cref="Uri"/> to use. </param>
+        /// <param name="credential"> A credential used to authenticate to an Azure Service. </param>
+        /// <param name="options"> The options for configuring the client. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="endpoint"/> or <paramref name="credential"/> is null. </exception>
+        public KeyVaultClient(Uri endpoint, TokenCredential credential, KeyVaultClientOptions options)
+        {
+            Argument.AssertNotNull(endpoint, nameof(endpoint));
+            Argument.AssertNotNull(credential, nameof(credential));
+            options ??= new KeyVaultClientOptions();
+
+            ClientDiagnostics = new ClientDiagnostics(options, true);
+            _tokenCredential = credential;
+            _pipeline = HttpPipelineBuilder.Build(options, Array.Empty<HttpPipelinePolicy>(), new HttpPipelinePolicy[] { new BearerTokenAuthenticationPolicy(_tokenCredential, AuthorizationScopes) }, new ResponseClassifier());
+            _endpoint = endpoint;
+            _apiVersion = options.Version;
+        }
+
+        /// <summary> Returns the status of full backup operation. </summary>
+        /// <param name="jobId"> The id returned as part of the backup request. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<FullBackupDetailsInternal>> FullBackupStatusAsync(string jobId, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await FullBackupStatusAsync(jobId, context).ConfigureAwait(false);
+            return Response.FromValue(FullBackupDetailsInternal.FromResponse(response), response);
+        }
+
+        /// <summary> Returns the status of full backup operation. </summary>
+        /// <param name="jobId"> The id returned as part of the backup request. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<FullBackupDetailsInternal> FullBackupStatus(string jobId, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = FullBackupStatus(jobId, context);
+            return Response.FromValue(FullBackupDetailsInternal.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Returns the status of full backup operation
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="FullBackupStatusAsync(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="jobId"> The id returned as part of the backup request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> FullBackupStatusAsync(string jobId, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.FullBackupStatus");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateFullBackupStatusRequest(jobId, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Returns the status of full backup operation
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="FullBackupStatus(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="jobId"> The id returned as part of the backup request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response FullBackupStatus(string jobId, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.FullBackupStatus");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateFullBackupStatusRequest(jobId, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Returns the status of restore operation. </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<RestoreDetailsInternal>> RestoreStatusAsync(string jobId, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await RestoreStatusAsync(jobId, context).ConfigureAwait(false);
+            return Response.FromValue(RestoreDetailsInternal.FromResponse(response), response);
+        }
+
+        /// <summary> Returns the status of restore operation. </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<RestoreDetailsInternal> RestoreStatus(string jobId, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = RestoreStatus(jobId, context);
+            return Response.FromValue(RestoreDetailsInternal.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Returns the status of restore operation
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="RestoreStatusAsync(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> RestoreStatusAsync(string jobId, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.RestoreStatus");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateRestoreStatusRequest(jobId, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Returns the status of restore operation
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="RestoreStatus(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response RestoreStatus(string jobId, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.RestoreStatus");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateRestoreStatusRequest(jobId, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Returns the status of the selective key restore operation. </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<SelectiveKeyRestoreDetailsInternal>> SelectiveKeyRestoreStatusAsync(string jobId, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await SelectiveKeyRestoreStatusAsync(jobId, context).ConfigureAwait(false);
+            return Response.FromValue(SelectiveKeyRestoreDetailsInternal.FromResponse(response), response);
+        }
+
+        /// <summary> Returns the status of the selective key restore operation. </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<SelectiveKeyRestoreDetailsInternal> SelectiveKeyRestoreStatus(string jobId, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = SelectiveKeyRestoreStatus(jobId, context);
+            return Response.FromValue(SelectiveKeyRestoreDetailsInternal.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Returns the status of the selective key restore operation
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="SelectiveKeyRestoreStatusAsync(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> SelectiveKeyRestoreStatusAsync(string jobId, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.SelectiveKeyRestoreStatus");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateSelectiveKeyRestoreStatusRequest(jobId, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Returns the status of the selective key restore operation
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="SelectiveKeyRestoreStatus(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="jobId"> The Job Id returned part of the restore operation. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="jobId"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="jobId"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response SelectiveKeyRestoreStatus(string jobId, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(jobId, nameof(jobId));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.SelectiveKeyRestoreStatus");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateSelectiveKeyRestoreStatusRequest(jobId, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Updates key vault account setting, stores it, then returns the setting name and value to the client.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="settingName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="settingName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> UpdateSettingAsync(string settingName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNullOrEmpty(settingName, nameof(settingName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.UpdateSetting");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateUpdateSettingRequest(settingName, content, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Updates key vault account setting, stores it, then returns the setting name and value to the client.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="settingName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="settingName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response UpdateSetting(string settingName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNullOrEmpty(settingName, nameof(settingName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.UpdateSetting");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateUpdateSettingRequest(settingName, content, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Get specified account setting object. </summary>
+        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="settingName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="settingName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> Retrieves the setting object of a specified setting name. </remarks>
+        internal virtual async Task<Response<KeyVaultSetting>> GetSettingAsync(string settingName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(settingName, nameof(settingName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await GetSettingAsync(settingName, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultSetting.FromResponse(response), response);
+        }
+
+        /// <summary> Get specified account setting object. </summary>
+        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="settingName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="settingName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> Retrieves the setting object of a specified setting name. </remarks>
+        internal virtual Response<KeyVaultSetting> GetSetting(string settingName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(settingName, nameof(settingName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = GetSetting(settingName, context);
+            return Response.FromValue(KeyVaultSetting.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get specified account setting object.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetSettingAsync(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="settingName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="settingName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> GetSettingAsync(string settingName, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(settingName, nameof(settingName));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.GetSetting");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateGetSettingRequest(settingName, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get specified account setting object.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetSetting(string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="settingName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="settingName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response GetSetting(string settingName, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(settingName, nameof(settingName));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.GetSetting");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateGetSettingRequest(settingName, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> List account settings. </summary>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <remarks> Retrieves a list of all the available account settings that can be configured. </remarks>
+        internal virtual async Task<Response<GetSettingsResult>> GetSettingsAsync(CancellationToken cancellationToken = default)
+        {
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await GetSettingsAsync(context).ConfigureAwait(false);
+            return Response.FromValue(GetSettingsResult.FromResponse(response), response);
+        }
+
+        /// <summary> List account settings. </summary>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <remarks> Retrieves a list of all the available account settings that can be configured. </remarks>
+        internal virtual Response<GetSettingsResult> GetSettings(CancellationToken cancellationToken = default)
+        {
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = GetSettings(context);
+            return Response.FromValue(GetSettingsResult.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] List account settings.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetSettingsAsync(CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> GetSettingsAsync(RequestContext context)
+        {
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.GetSettings");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateGetSettingsRequest(context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] List account settings.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetSettings(CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response GetSettings(RequestContext context)
+        {
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.GetSettings");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateGetSettingsRequest(context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Creates a full backup using a user-provided SAS token to an Azure blob storage container. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="azureStorageBlobContainerUri"> Azure blob shared access signature token pointing to a valid Azure blob container where full backup needs to be stored. This token needs to be valid for at least next 24 hours from the time of making this call. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="azureStorageBlobContainerUri"/> is null. </exception>
+        internal virtual async Task<Operation<FullBackupDetailsInternal>> FullBackupAsync(WaitUntil waitUntil, SASTokenParameter azureStorageBlobContainerUri, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(azureStorageBlobContainerUri, nameof(azureStorageBlobContainerUri));
+
+            using RequestContent content = azureStorageBlobContainerUri.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = await FullBackupAsync(waitUntil, content, context).ConfigureAwait(false);
+            return ProtocolOperationHelpers.Convert(response, FullBackupDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.FullBackup");
+        }
+
+        /// <summary> Creates a full backup using a user-provided SAS token to an Azure blob storage container. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="azureStorageBlobContainerUri"> Azure blob shared access signature token pointing to a valid Azure blob container where full backup needs to be stored. This token needs to be valid for at least next 24 hours from the time of making this call. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="azureStorageBlobContainerUri"/> is null. </exception>
+        internal virtual Operation<FullBackupDetailsInternal> FullBackup(WaitUntil waitUntil, SASTokenParameter azureStorageBlobContainerUri, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(azureStorageBlobContainerUri, nameof(azureStorageBlobContainerUri));
+
+            using RequestContent content = azureStorageBlobContainerUri.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = FullBackup(waitUntil, content, context);
+            return ProtocolOperationHelpers.Convert(response, FullBackupDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.FullBackup");
+        }
+
+        /// <summary>
+        /// [Protocol Method] Creates a full backup using a user-provided SAS token to an Azure blob storage container.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="FullBackupAsync(WaitUntil,SASTokenParameter,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual async Task<Operation<BinaryData>> FullBackupAsync(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.FullBackup");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateFullBackupRequest(content, context);
+                return await ProtocolOperationHelpers.ProcessMessageAsync(_pipeline, message, ClientDiagnostics, "KeyVaultClient.FullBackup", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Creates a full backup using a user-provided SAS token to an Azure blob storage container.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="FullBackup(WaitUntil,SASTokenParameter,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual Operation<BinaryData> FullBackup(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.FullBackup");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateFullBackupRequest(content, context);
+                return ProtocolOperationHelpers.ProcessMessage(_pipeline, message, ClientDiagnostics, "KeyVaultClient.FullBackup", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Pre-backup operation for checking whether the customer can perform a full backup operation. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="preBackupOperationParameters"> Optional parameters to validate prior to performing a full backup operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="preBackupOperationParameters"/> is null. </exception>
+        internal virtual async Task<Operation<FullBackupDetailsInternal>> PreFullBackupAsync(WaitUntil waitUntil, PreBackupOperationParameters preBackupOperationParameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(preBackupOperationParameters, nameof(preBackupOperationParameters));
+
+            using RequestContent content = preBackupOperationParameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = await PreFullBackupAsync(waitUntil, content, context).ConfigureAwait(false);
+            return ProtocolOperationHelpers.Convert(response, FullBackupDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.PreFullBackup");
+        }
+
+        /// <summary> Pre-backup operation for checking whether the customer can perform a full backup operation. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="preBackupOperationParameters"> Optional parameters to validate prior to performing a full backup operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="preBackupOperationParameters"/> is null. </exception>
+        internal virtual Operation<FullBackupDetailsInternal> PreFullBackup(WaitUntil waitUntil, PreBackupOperationParameters preBackupOperationParameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(preBackupOperationParameters, nameof(preBackupOperationParameters));
+
+            using RequestContent content = preBackupOperationParameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = PreFullBackup(waitUntil, content, context);
+            return ProtocolOperationHelpers.Convert(response, FullBackupDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.PreFullBackup");
+        }
+
+        /// <summary>
+        /// [Protocol Method] Pre-backup operation for checking whether the customer can perform a full backup operation.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="PreFullBackupAsync(WaitUntil,PreBackupOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual async Task<Operation<BinaryData>> PreFullBackupAsync(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.PreFullBackup");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreatePreFullBackupRequest(content, context);
+                return await ProtocolOperationHelpers.ProcessMessageAsync(_pipeline, message, ClientDiagnostics, "KeyVaultClient.PreFullBackup", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Pre-backup operation for checking whether the customer can perform a full backup operation.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="PreFullBackup(WaitUntil,PreBackupOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual Operation<BinaryData> PreFullBackup(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.PreFullBackup");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreatePreFullBackupRequest(content, context);
+                return ProtocolOperationHelpers.ProcessMessage(_pipeline, message, ClientDiagnostics, "KeyVaultClient.PreFullBackup", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Pre-restore operation for checking whether the customer can perform a full restore operation. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="preRestoreOperationParameters"> Optional pre restore parameters to validate prior to performing a full restore operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="preRestoreOperationParameters"/> is null. </exception>
+        internal virtual async Task<Operation<RestoreDetailsInternal>> PreFullRestoreOperationAsync(WaitUntil waitUntil, PreRestoreOperationParameters preRestoreOperationParameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(preRestoreOperationParameters, nameof(preRestoreOperationParameters));
+
+            using RequestContent content = preRestoreOperationParameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = await PreFullRestoreOperationAsync(waitUntil, content, context).ConfigureAwait(false);
+            return ProtocolOperationHelpers.Convert(response, RestoreDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.PreFullRestoreOperation");
+        }
+
+        /// <summary> Pre-restore operation for checking whether the customer can perform a full restore operation. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="preRestoreOperationParameters"> Optional pre restore parameters to validate prior to performing a full restore operation. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="preRestoreOperationParameters"/> is null. </exception>
+        internal virtual Operation<RestoreDetailsInternal> PreFullRestoreOperation(WaitUntil waitUntil, PreRestoreOperationParameters preRestoreOperationParameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(preRestoreOperationParameters, nameof(preRestoreOperationParameters));
+
+            using RequestContent content = preRestoreOperationParameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = PreFullRestoreOperation(waitUntil, content, context);
+            return ProtocolOperationHelpers.Convert(response, RestoreDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.PreFullRestoreOperation");
+        }
+
+        /// <summary>
+        /// [Protocol Method] Pre-restore operation for checking whether the customer can perform a full restore operation.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="PreFullRestoreOperationAsync(WaitUntil,PreRestoreOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual async Task<Operation<BinaryData>> PreFullRestoreOperationAsync(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.PreFullRestoreOperation");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreatePreFullRestoreOperationRequest(content, context);
+                return await ProtocolOperationHelpers.ProcessMessageAsync(_pipeline, message, ClientDiagnostics, "KeyVaultClient.PreFullRestoreOperation", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Pre-restore operation for checking whether the customer can perform a full restore operation.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="PreFullRestoreOperation(WaitUntil,PreRestoreOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual Operation<BinaryData> PreFullRestoreOperation(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.PreFullRestoreOperation");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreatePreFullRestoreOperationRequest(content, context);
+                return ProtocolOperationHelpers.ProcessMessage(_pipeline, message, ClientDiagnostics, "KeyVaultClient.PreFullRestoreOperation", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="restoreBlobDetails"/> is null. </exception>
+        internal virtual async Task<Operation<RestoreDetailsInternal>> FullRestoreOperationAsync(WaitUntil waitUntil, RestoreOperationParameters restoreBlobDetails, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(restoreBlobDetails, nameof(restoreBlobDetails));
+
+            using RequestContent content = restoreBlobDetails.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = await FullRestoreOperationAsync(waitUntil, content, context).ConfigureAwait(false);
+            return ProtocolOperationHelpers.Convert(response, RestoreDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.FullRestoreOperation");
+        }
+
+        /// <summary> Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="restoreBlobDetails"/> is null. </exception>
+        internal virtual Operation<RestoreDetailsInternal> FullRestoreOperation(WaitUntil waitUntil, RestoreOperationParameters restoreBlobDetails, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(restoreBlobDetails, nameof(restoreBlobDetails));
+
+            using RequestContent content = restoreBlobDetails.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = FullRestoreOperation(waitUntil, content, context);
+            return ProtocolOperationHelpers.Convert(response, RestoreDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.FullRestoreOperation");
+        }
+
+        /// <summary>
+        /// [Protocol Method] Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="FullRestoreOperationAsync(WaitUntil,RestoreOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual async Task<Operation<BinaryData>> FullRestoreOperationAsync(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.FullRestoreOperation");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateFullRestoreOperationRequest(content, context);
+                return await ProtocolOperationHelpers.ProcessMessageAsync(_pipeline, message, ClientDiagnostics, "KeyVaultClient.FullRestoreOperation", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Restores all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="FullRestoreOperation(WaitUntil,RestoreOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="content"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual Operation<BinaryData> FullRestoreOperation(WaitUntil waitUntil, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.FullRestoreOperation");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateFullRestoreOperationRequest(content, context);
+                return ProtocolOperationHelpers.ProcessMessage(_pipeline, message, ClientDiagnostics, "KeyVaultClient.FullRestoreOperation", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="keyName"> The name of the key to be restored from the user supplied backup. </param>
+        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="keyName"/> or <paramref name="restoreBlobDetails"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="keyName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Operation<SelectiveKeyRestoreDetailsInternal>> SelectiveKeyRestoreOperationAsync(WaitUntil waitUntil, string keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(keyName, nameof(keyName));
+            Argument.AssertNotNull(restoreBlobDetails, nameof(restoreBlobDetails));
+
+            using RequestContent content = restoreBlobDetails.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = await SelectiveKeyRestoreOperationAsync(waitUntil, keyName, content, context).ConfigureAwait(false);
+            return ProtocolOperationHelpers.Convert(response, SelectiveKeyRestoreDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.SelectiveKeyRestoreOperation");
+        }
+
+        /// <summary> Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="keyName"> The name of the key to be restored from the user supplied backup. </param>
+        /// <param name="restoreBlobDetails"> The Azure blob SAS token pointing to a folder where the previous successful full backup was stored. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="keyName"/> or <paramref name="restoreBlobDetails"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="keyName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Operation<SelectiveKeyRestoreDetailsInternal> SelectiveKeyRestoreOperation(WaitUntil waitUntil, string keyName, SelectiveKeyRestoreOperationParameters restoreBlobDetails, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(keyName, nameof(keyName));
+            Argument.AssertNotNull(restoreBlobDetails, nameof(restoreBlobDetails));
+
+            using RequestContent content = restoreBlobDetails.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Operation<BinaryData> response = SelectiveKeyRestoreOperation(waitUntil, keyName, content, context);
+            return ProtocolOperationHelpers.Convert(response, SelectiveKeyRestoreDetailsInternal.FromResponse, ClientDiagnostics, "KeyVaultClient.SelectiveKeyRestoreOperation");
+        }
+
+        /// <summary>
+        /// [Protocol Method] Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="SelectiveKeyRestoreOperationAsync(WaitUntil,string,SelectiveKeyRestoreOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="keyName"> The name of the key to be restored from the user supplied backup. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="keyName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="keyName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual async Task<Operation<BinaryData>> SelectiveKeyRestoreOperationAsync(WaitUntil waitUntil, string keyName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNullOrEmpty(keyName, nameof(keyName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.SelectiveKeyRestoreOperation");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateSelectiveKeyRestoreOperationRequest(keyName, content, context);
+                return await ProtocolOperationHelpers.ProcessMessageAsync(_pipeline, message, ClientDiagnostics, "KeyVaultClient.SelectiveKeyRestoreOperation", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Restores all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="SelectiveKeyRestoreOperation(WaitUntil,string,SelectiveKeyRestoreOperationParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="keyName"> The name of the key to be restored from the user supplied backup. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="keyName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="keyName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        internal virtual Operation<BinaryData> SelectiveKeyRestoreOperation(WaitUntil waitUntil, string keyName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNullOrEmpty(keyName, nameof(keyName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("KeyVaultClient.SelectiveKeyRestoreOperation");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateSelectiveKeyRestoreOperationRequest(keyName, content, context);
+                return ProtocolOperationHelpers.ProcessMessage(_pipeline, message, ClientDiagnostics, "KeyVaultClient.SelectiveKeyRestoreOperation", OperationFinalStateVia.AzureAsyncOperation, context, waitUntil);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        private RoleDefinitions _cachedRoleDefinitions;
+        private RoleAssignments _cachedRoleAssignments;
+
+        /// <summary> Initializes a new instance of RoleDefinitions. </summary>
+        public virtual RoleDefinitions GetRoleDefinitionsClient()
+        {
+            return Volatile.Read(ref _cachedRoleDefinitions) ?? Interlocked.CompareExchange(ref _cachedRoleDefinitions, new RoleDefinitions(ClientDiagnostics, _pipeline, _tokenCredential, _endpoint, _apiVersion), null) ?? _cachedRoleDefinitions;
+        }
+
+        /// <summary> Initializes a new instance of RoleAssignments. </summary>
+        public virtual RoleAssignments GetRoleAssignmentsClient()
+        {
+            return Volatile.Read(ref _cachedRoleAssignments) ?? Interlocked.CompareExchange(ref _cachedRoleAssignments, new RoleAssignments(ClientDiagnostics, _pipeline, _tokenCredential, _endpoint, _apiVersion), null) ?? _cachedRoleAssignments;
+        }
+
+        internal HttpMessage CreateFullBackupStatusRequest(string jobId, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/backup/", false);
+            uri.AppendPath(jobId, true);
+            uri.AppendPath("/pending", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateFullBackupRequest(RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier202);
+            var request = message.Request;
+            request.Method = RequestMethod.Post;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/backup", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreatePreFullBackupRequest(RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier202);
+            var request = message.Request;
+            request.Method = RequestMethod.Post;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/prebackup", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateRestoreStatusRequest(string jobId, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/restore/", false);
+            uri.AppendPath(jobId, true);
+            uri.AppendPath("/pending", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreatePreFullRestoreOperationRequest(RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier202);
+            var request = message.Request;
+            request.Method = RequestMethod.Put;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/prerestore", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateFullRestoreOperationRequest(RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier202);
+            var request = message.Request;
+            request.Method = RequestMethod.Put;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/restore", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateSelectiveKeyRestoreStatusRequest(string jobId, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/restore/", false);
+            uri.AppendPath(jobId, true);
+            uri.AppendPath("/pending", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateSelectiveKeyRestoreOperationRequest(string keyName, RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier202);
+            var request = message.Request;
+            request.Method = RequestMethod.Put;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/keys/", false);
+            uri.AppendPath(keyName, true);
+            uri.AppendPath("/restore", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateUpdateSettingRequest(string settingName, RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Patch;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/settings/", false);
+            uri.AppendPath(settingName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateGetSettingRequest(string settingName, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/settings/", false);
+            uri.AppendPath(settingName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateGetSettingsRequest(RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/settings", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        private static RequestContext DefaultRequestContext = new RequestContext();
+        internal static RequestContext FromCancellationToken(CancellationToken cancellationToken = default)
+        {
+            if (!cancellationToken.CanBeCanceled)
+            {
+                return DefaultRequestContext;
+            }
+
+            return new RequestContext() { CancellationToken = cancellationToken };
+        }
+
+        private static ResponseClassifier _responseClassifier200;
+        private static ResponseClassifier ResponseClassifier200 => _responseClassifier200 ??= new StatusCodeClassifier(stackalloc ushort[] { 200 });
+        private static ResponseClassifier _responseClassifier202;
+        private static ResponseClassifier ResponseClassifier202 => _responseClassifier202 ??= new StatusCodeClassifier(stackalloc ushort[] { 202 });
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClientOptions.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClientOptions.cs
new file mode 100644
index 000000000000..f85f9bc39d38
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/KeyVaultClientOptions.cs
@@ -0,0 +1,40 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using Azure.Core;
+
+namespace Azure.Security.KeyVault.Administration
+{
+    /// <summary> Client options for KeyVaultClient. </summary>
+    public partial class KeyVaultClientOptions : ClientOptions
+    {
+        private const ServiceVersion LatestVersion = ServiceVersion.V7_6_Preview_2;
+
+        /// <summary> The version of the service to use. </summary>
+        public enum ServiceVersion
+        {
+            /// <summary> Service version "7.5". </summary>
+            V7_5 = 1,
+            /// <summary> Service version "7.6-preview.2". </summary>
+            V7_6_Preview_2 = 2,
+        }
+
+        internal string Version { get; }
+
+        /// <summary> Initializes new instance of KeyVaultClientOptions. </summary>
+        public KeyVaultClientOptions(ServiceVersion version = LatestVersion)
+        {
+            Version = version switch
+            {
+                ServiceVersion.V7_5 => "7.5",
+                ServiceVersion.V7_6_Preview_2 => "7.6-preview.2",
+                _ => throw new NotSupportedException()
+            };
+        }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.Serialization.cs
index bc7ee692a33c..78b3d71136c8 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.Serialization.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.Serialization.cs
@@ -18,9 +18,9 @@ internal static FullBackupDetailsInternal DeserializeFullBackupDetailsInternal(J
             {
                 return null;
             }
-            string status = default;
+            OperationStatus? status = default;
             string statusDetails = default;
-            KeyVaultServiceError error = default;
+            FullBackupOperationError error = default;
             DateTimeOffset? startTime = default;
             DateTimeOffset? endTime = default;
             string jobId = default;
@@ -29,7 +29,11 @@ internal static FullBackupDetailsInternal DeserializeFullBackupDetailsInternal(J
             {
                 if (property.NameEquals("status"u8))
                 {
-                    status = property.Value.GetString();
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    status = new OperationStatus(property.Value.GetString());
                     continue;
                 }
                 if (property.NameEquals("statusDetails"u8))
@@ -44,7 +48,7 @@ internal static FullBackupDetailsInternal DeserializeFullBackupDetailsInternal(J
                         error = null;
                         continue;
                     }
-                    error = KeyVaultServiceError.DeserializeKeyVaultServiceError(property.Value);
+                    error = FullBackupOperationError.DeserializeFullBackupOperationError(property.Value);
                     continue;
                 }
                 if (property.NameEquals("startTime"u8))
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.cs
index a68cc89219df..82fed2c9bd65 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupDetailsInternal.cs
@@ -25,7 +25,7 @@ internal FullBackupDetailsInternal()
         /// <param name="endTime"> The end time of the backup operation in UTC. </param>
         /// <param name="jobId"> Identifier for the full backup operation. </param>
         /// <param name="azureStorageBlobContainerUri"> The Azure blob storage container Uri which contains the full backup. </param>
-        internal FullBackupDetailsInternal(string status, string statusDetails, KeyVaultServiceError error, DateTimeOffset? startTime, DateTimeOffset? endTime, string jobId, string azureStorageBlobContainerUri)
+        internal FullBackupDetailsInternal(OperationStatus? status, string statusDetails, FullBackupOperationError error, DateTimeOffset? startTime, DateTimeOffset? endTime, string jobId, string azureStorageBlobContainerUri)
         {
             Status = status;
             StatusDetails = statusDetails;
@@ -37,11 +37,11 @@ internal FullBackupDetailsInternal(string status, string statusDetails, KeyVault
         }
 
         /// <summary> Status of the backup operation. </summary>
-        public string Status { get; }
+        public OperationStatus? Status { get; }
         /// <summary> The status details of backup operation. </summary>
         public string StatusDetails { get; }
         /// <summary> Error encountered, if any, during the full backup operation. </summary>
-        public KeyVaultServiceError Error { get; }
+        public FullBackupOperationError Error { get; }
         /// <summary> The start time of the backup operation in UTC. </summary>
         public DateTimeOffset? StartTime { get; }
         /// <summary> The end time of the backup operation in UTC. </summary>
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultServiceError.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupOperationError.Serialization.cs
similarity index 73%
rename from sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultServiceError.Serialization.cs
rename to sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupOperationError.Serialization.cs
index 3015799edd33..a7a98b1dbf22 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultServiceError.Serialization.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupOperationError.Serialization.cs
@@ -9,9 +9,9 @@
 
 namespace Azure.Security.KeyVault.Administration.Models
 {
-    internal partial class KeyVaultServiceError
+    internal partial class FullBackupOperationError
     {
-        internal static KeyVaultServiceError DeserializeKeyVaultServiceError(JsonElement element)
+        internal static FullBackupOperationError DeserializeFullBackupOperationError(JsonElement element)
         {
             if (element.ValueKind == JsonValueKind.Null)
             {
@@ -19,7 +19,7 @@ internal static KeyVaultServiceError DeserializeKeyVaultServiceError(JsonElement
             }
             string code = default;
             string message = default;
-            KeyVaultServiceError innererror = default;
+            FullBackupOperationError innererror = default;
             foreach (var property in element.EnumerateObject())
             {
                 if (property.NameEquals("code"u8))
@@ -39,19 +39,19 @@ internal static KeyVaultServiceError DeserializeKeyVaultServiceError(JsonElement
                         innererror = null;
                         continue;
                     }
-                    innererror = DeserializeKeyVaultServiceError(property.Value);
+                    innererror = DeserializeFullBackupOperationError(property.Value);
                     continue;
                 }
             }
-            return new KeyVaultServiceError(code, message, innererror);
+            return new FullBackupOperationError(code, message, innererror);
         }
 
         /// <summary> Deserializes the model from a raw response. </summary>
         /// <param name="response"> The response to deserialize the model from. </param>
-        internal static KeyVaultServiceError FromResponse(Response response)
+        internal static FullBackupOperationError FromResponse(Response response)
         {
             using var document = JsonDocument.Parse(response.Content);
-            return DeserializeKeyVaultServiceError(document.RootElement);
+            return DeserializeFullBackupOperationError(document.RootElement);
         }
     }
 }
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultServiceError.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupOperationError.cs
similarity index 59%
rename from sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultServiceError.cs
rename to sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupOperationError.cs
index e44390a71e17..d095dc983e11 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultServiceError.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/FullBackupOperationError.cs
@@ -7,19 +7,19 @@
 
 namespace Azure.Security.KeyVault.Administration.Models
 {
-    /// <summary> The key vault server error. </summary>
-    internal partial class KeyVaultServiceError
+    /// <summary> The FullBackupOperationError. </summary>
+    internal partial class FullBackupOperationError
     {
-        /// <summary> Initializes a new instance of <see cref="KeyVaultServiceError"/>. </summary>
-        internal KeyVaultServiceError()
+        /// <summary> Initializes a new instance of <see cref="FullBackupOperationError"/>. </summary>
+        internal FullBackupOperationError()
         {
         }
 
-        /// <summary> Initializes a new instance of <see cref="KeyVaultServiceError"/>. </summary>
+        /// <summary> Initializes a new instance of <see cref="FullBackupOperationError"/>. </summary>
         /// <param name="code"> The error code. </param>
         /// <param name="message"> The error message. </param>
         /// <param name="innerError"> The key vault server error. </param>
-        internal KeyVaultServiceError(string code, string message, KeyVaultServiceError innerError)
+        internal FullBackupOperationError(string code, string message, FullBackupOperationError innerError)
         {
             Code = code;
             Message = message;
@@ -31,6 +31,6 @@ internal KeyVaultServiceError(string code, string message, KeyVaultServiceError
         /// <summary> The error message. </summary>
         public string Message { get; }
         /// <summary> The key vault server error. </summary>
-        public KeyVaultServiceError InnerError { get; }
+        public FullBackupOperationError InnerError { get; }
     }
 }
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.Serialization.cs
deleted file mode 100644
index 4f5d042a8bc9..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.Serialization.cs
+++ /dev/null
@@ -1,45 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System.Text.Json;
-
-namespace Azure.Security.KeyVault.Administration.Models
-{
-    internal partial class KeyVaultError
-    {
-        internal static KeyVaultError DeserializeKeyVaultError(JsonElement element)
-        {
-            if (element.ValueKind == JsonValueKind.Null)
-            {
-                return null;
-            }
-            KeyVaultServiceError error = default;
-            foreach (var property in element.EnumerateObject())
-            {
-                if (property.NameEquals("error"u8))
-                {
-                    if (property.Value.ValueKind == JsonValueKind.Null)
-                    {
-                        error = null;
-                        continue;
-                    }
-                    error = KeyVaultServiceError.DeserializeKeyVaultServiceError(property.Value);
-                    continue;
-                }
-            }
-            return new KeyVaultError(error);
-        }
-
-        /// <summary> Deserializes the model from a raw response. </summary>
-        /// <param name="response"> The response to deserialize the model from. </param>
-        internal static KeyVaultError FromResponse(Response response)
-        {
-            using var document = JsonDocument.Parse(response.Content);
-            return DeserializeKeyVaultError(document.RootElement);
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.cs
deleted file mode 100644
index 2ccfeb949fac..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultError.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-namespace Azure.Security.KeyVault.Administration.Models
-{
-    /// <summary> The key vault error exception. </summary>
-    internal partial class KeyVaultError
-    {
-        /// <summary> Initializes a new instance of <see cref="KeyVaultError"/>. </summary>
-        internal KeyVaultError()
-        {
-        }
-
-        /// <summary> Initializes a new instance of <see cref="KeyVaultError"/>. </summary>
-        /// <param name="error"> The key vault server error. </param>
-        internal KeyVaultError(KeyVaultServiceError error)
-        {
-            Error = error;
-        }
-
-        /// <summary> The key vault server error. </summary>
-        public KeyVaultServiceError Error { get; }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultRoleDefinitionType.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultRoleDefinitionType.cs
index 3442a1472797..6e193daf9b54 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultRoleDefinitionType.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultRoleDefinitionType.cs
@@ -24,7 +24,7 @@ public KeyVaultRoleDefinitionType(string value)
 
         private const string MicrosoftAuthorizationRoleDefinitionsValue = "Microsoft.Authorization/roleDefinitions";
 
-        /// <summary> Microsoft.Authorization/roleDefinitions. </summary>
+        /// <summary> Microsoft-defined role definitions. </summary>
         public static KeyVaultRoleDefinitionType MicrosoftAuthorizationRoleDefinitions { get; } = new KeyVaultRoleDefinitionType(MicrosoftAuthorizationRoleDefinitionsValue);
         /// <summary> Determines if two <see cref="KeyVaultRoleDefinitionType"/> values are the same. </summary>
         public static bool operator ==(KeyVaultRoleDefinitionType left, KeyVaultRoleDefinitionType right) => left.Equals(right);
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSetting.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSetting.cs
index 43a533a4a45b..c17133ab8c83 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSetting.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSetting.cs
@@ -9,7 +9,7 @@
 
 namespace Azure.Security.KeyVault.Administration
 {
-    /// <summary> The Setting. </summary>
+    /// <summary> A Key Vault account setting. </summary>
     public partial class KeyVaultSetting
     {
         /// <summary> The account setting to be updated. </summary>
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSettingType.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSettingType.cs
index 9c9bc2bf1580..aaeea14a3133 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSettingType.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/KeyVaultSettingType.cs
@@ -24,7 +24,7 @@ public KeyVaultSettingType(string value)
 
         private const string BooleanValue = "boolean";
 
-        /// <summary> boolean. </summary>
+        /// <summary> A boolean setting value. </summary>
         public static KeyVaultSettingType Boolean { get; } = new KeyVaultSettingType(BooleanValue);
         /// <summary> Determines if two <see cref="KeyVaultSettingType"/> values are the same. </summary>
         public static bool operator ==(KeyVaultSettingType left, KeyVaultSettingType right) => left.Equals(right);
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/OperationStatus.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/OperationStatus.cs
new file mode 100644
index 000000000000..c9bac3540a67
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/OperationStatus.cs
@@ -0,0 +1,57 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.ComponentModel;
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    /// <summary> The status of a long-running operation. </summary>
+    internal readonly partial struct OperationStatus : IEquatable<OperationStatus>
+    {
+        private readonly string _value;
+
+        /// <summary> Initializes a new instance of <see cref="OperationStatus"/>. </summary>
+        /// <exception cref="ArgumentNullException"> <paramref name="value"/> is null. </exception>
+        public OperationStatus(string value)
+        {
+            _value = value ?? throw new ArgumentNullException(nameof(value));
+        }
+
+        private const string InProgressValue = "InProgress";
+        private const string SucceededValue = "Succeeded";
+        private const string CanceledValue = "Canceled";
+        private const string FailedValue = "Failed";
+
+        /// <summary> The operation is in progress. </summary>
+        public static OperationStatus InProgress { get; } = new OperationStatus(InProgressValue);
+        /// <summary> The operation successfully completed. </summary>
+        public static OperationStatus Succeeded { get; } = new OperationStatus(SucceededValue);
+        /// <summary> The operation was canceled. </summary>
+        public static OperationStatus Canceled { get; } = new OperationStatus(CanceledValue);
+        /// <summary> The operation failed. </summary>
+        public static OperationStatus Failed { get; } = new OperationStatus(FailedValue);
+        /// <summary> Determines if two <see cref="OperationStatus"/> values are the same. </summary>
+        public static bool operator ==(OperationStatus left, OperationStatus right) => left.Equals(right);
+        /// <summary> Determines if two <see cref="OperationStatus"/> values are not the same. </summary>
+        public static bool operator !=(OperationStatus left, OperationStatus right) => !left.Equals(right);
+        /// <summary> Converts a <see cref="string"/> to a <see cref="OperationStatus"/>. </summary>
+        public static implicit operator OperationStatus(string value) => new OperationStatus(value);
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override bool Equals(object obj) => obj is OperationStatus other && Equals(other);
+        /// <inheritdoc />
+        public bool Equals(OperationStatus other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase);
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override int GetHashCode() => _value != null ? StringComparer.InvariantCultureIgnoreCase.GetHashCode(_value) : 0;
+        /// <inheritdoc />
+        public override string ToString() => _value;
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs
new file mode 100644
index 000000000000..8c01f2786297
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.Serialization.cs
@@ -0,0 +1,44 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System.Text.Json;
+using Azure.Core;
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    internal partial class PreBackupOperationParameters : IUtf8JsonSerializable
+    {
+        void IUtf8JsonSerializable.Write(Utf8JsonWriter writer)
+        {
+            writer.WriteStartObject();
+            if (Optional.IsDefined(StorageResourceUri))
+            {
+                writer.WritePropertyName("storageResourceUri"u8);
+                writer.WriteStringValue(StorageResourceUri);
+            }
+            if (Optional.IsDefined(Token))
+            {
+                writer.WritePropertyName("token"u8);
+                writer.WriteStringValue(Token);
+            }
+            if (Optional.IsDefined(UseManagedIdentity))
+            {
+                writer.WritePropertyName("useManagedIdentity"u8);
+                writer.WriteBooleanValue(UseManagedIdentity.Value);
+            }
+            writer.WriteEndObject();
+        }
+
+        /// <summary> Convert into a <see cref="RequestContent"/>. </summary>
+        internal virtual RequestContent ToRequestContent()
+        {
+            var content = new Utf8JsonRequestContent();
+            content.JsonWriter.WriteObjectValue(this);
+            return content;
+        }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs
new file mode 100644
index 000000000000..b97e43c337e7
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreBackupOperationParameters.cs
@@ -0,0 +1,36 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    /// <summary> The authentication method and location for the backup operation. </summary>
+    internal partial class PreBackupOperationParameters
+    {
+        /// <summary> Initializes a new instance of <see cref="PreBackupOperationParameters"/>. </summary>
+        public PreBackupOperationParameters()
+        {
+        }
+
+        /// <summary> Initializes a new instance of <see cref="PreBackupOperationParameters"/>. </summary>
+        /// <param name="storageResourceUri"> Azure Blob storage container Uri. </param>
+        /// <param name="token"> The SAS token pointing to an Azure Blob storage container. </param>
+        /// <param name="useManagedIdentity"> Indicates which authentication method should be used. If set to true, Managed HSM will use the configured user-assigned managed identity to authenticate with Azure Storage. Otherwise, a SAS token has to be specified. </param>
+        internal PreBackupOperationParameters(string storageResourceUri, string token, bool? useManagedIdentity)
+        {
+            StorageResourceUri = storageResourceUri;
+            Token = token;
+            UseManagedIdentity = useManagedIdentity;
+        }
+
+        /// <summary> Azure Blob storage container Uri. </summary>
+        public string StorageResourceUri { get; set; }
+        /// <summary> The SAS token pointing to an Azure Blob storage container. </summary>
+        public string Token { get; set; }
+        /// <summary> Indicates which authentication method should be used. If set to true, Managed HSM will use the configured user-assigned managed identity to authenticate with Azure Storage. Otherwise, a SAS token has to be specified. </summary>
+        public bool? UseManagedIdentity { get; set; }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs
new file mode 100644
index 000000000000..45d6d2d44270
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.Serialization.cs
@@ -0,0 +1,39 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System.Text.Json;
+using Azure.Core;
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    internal partial class PreRestoreOperationParameters : IUtf8JsonSerializable
+    {
+        void IUtf8JsonSerializable.Write(Utf8JsonWriter writer)
+        {
+            writer.WriteStartObject();
+            if (Optional.IsDefined(SasTokenParameters))
+            {
+                writer.WritePropertyName("sasTokenParameters"u8);
+                writer.WriteObjectValue(SasTokenParameters);
+            }
+            if (Optional.IsDefined(FolderToRestore))
+            {
+                writer.WritePropertyName("folderToRestore"u8);
+                writer.WriteStringValue(FolderToRestore);
+            }
+            writer.WriteEndObject();
+        }
+
+        /// <summary> Convert into a <see cref="RequestContent"/>. </summary>
+        internal virtual RequestContent ToRequestContent()
+        {
+            var content = new Utf8JsonRequestContent();
+            content.JsonWriter.WriteObjectValue(this);
+            return content;
+        }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs
new file mode 100644
index 000000000000..9dbd287499ec
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/PreRestoreOperationParameters.cs
@@ -0,0 +1,32 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    /// <summary> The authentication method and location for the restore operation. </summary>
+    internal partial class PreRestoreOperationParameters
+    {
+        /// <summary> Initializes a new instance of <see cref="PreRestoreOperationParameters"/>. </summary>
+        public PreRestoreOperationParameters()
+        {
+        }
+
+        /// <summary> Initializes a new instance of <see cref="PreRestoreOperationParameters"/>. </summary>
+        /// <param name="sasTokenParameters"> A user-provided SAS token to an Azure blob storage container. </param>
+        /// <param name="folderToRestore"> The Folder name of the blob where the previous successful full backup was stored. </param>
+        internal PreRestoreOperationParameters(SASTokenParameter sasTokenParameters, string folderToRestore)
+        {
+            SasTokenParameters = sasTokenParameters;
+            FolderToRestore = folderToRestore;
+        }
+
+        /// <summary> A user-provided SAS token to an Azure blob storage container. </summary>
+        public SASTokenParameter SasTokenParameters { get; set; }
+        /// <summary> The Folder name of the blob where the previous successful full backup was stored. </summary>
+        public string FolderToRestore { get; set; }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.Serialization.cs
index 6ab86cb33866..2eab6ddb57ac 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.Serialization.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.Serialization.cs
@@ -18,9 +18,9 @@ internal static RestoreDetailsInternal DeserializeRestoreDetailsInternal(JsonEle
             {
                 return null;
             }
-            string status = default;
+            OperationStatus? status = default;
             string statusDetails = default;
-            KeyVaultServiceError error = default;
+            FullBackupOperationError error = default;
             string jobId = default;
             DateTimeOffset? startTime = default;
             DateTimeOffset? endTime = default;
@@ -28,7 +28,11 @@ internal static RestoreDetailsInternal DeserializeRestoreDetailsInternal(JsonEle
             {
                 if (property.NameEquals("status"u8))
                 {
-                    status = property.Value.GetString();
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    status = new OperationStatus(property.Value.GetString());
                     continue;
                 }
                 if (property.NameEquals("statusDetails"u8))
@@ -43,7 +47,7 @@ internal static RestoreDetailsInternal DeserializeRestoreDetailsInternal(JsonEle
                         error = null;
                         continue;
                     }
-                    error = KeyVaultServiceError.DeserializeKeyVaultServiceError(property.Value);
+                    error = FullBackupOperationError.DeserializeFullBackupOperationError(property.Value);
                     continue;
                 }
                 if (property.NameEquals("jobId"u8))
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.cs
index 7173de76b4a7..e1ccdab87ce8 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreDetailsInternal.cs
@@ -24,7 +24,7 @@ internal RestoreDetailsInternal()
         /// <param name="jobId"> Identifier for the restore operation. </param>
         /// <param name="startTime"> The start time of the restore operation. </param>
         /// <param name="endTime"> The end time of the restore operation. </param>
-        internal RestoreDetailsInternal(string status, string statusDetails, KeyVaultServiceError error, string jobId, DateTimeOffset? startTime, DateTimeOffset? endTime)
+        internal RestoreDetailsInternal(OperationStatus? status, string statusDetails, FullBackupOperationError error, string jobId, DateTimeOffset? startTime, DateTimeOffset? endTime)
         {
             Status = status;
             StatusDetails = statusDetails;
@@ -35,11 +35,11 @@ internal RestoreDetailsInternal(string status, string statusDetails, KeyVaultSer
         }
 
         /// <summary> Status of the restore operation. </summary>
-        public string Status { get; }
+        public OperationStatus? Status { get; }
         /// <summary> The status details of restore operation. </summary>
         public string StatusDetails { get; }
         /// <summary> Error encountered, if any, during the restore operation. </summary>
-        public KeyVaultServiceError Error { get; }
+        public FullBackupOperationError Error { get; }
         /// <summary> Identifier for the restore operation. </summary>
         public string JobId { get; }
         /// <summary> The start time of the restore operation. </summary>
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreOperationParameters.cs
index 3e69b4754997..20902fe7c1c2 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreOperationParameters.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RestoreOperationParameters.cs
@@ -9,11 +9,11 @@
 
 namespace Azure.Security.KeyVault.Administration.Models
 {
-    /// <summary> The RestoreOperationParameters. </summary>
+    /// <summary> The authentication method and location for the restore operation. </summary>
     internal partial class RestoreOperationParameters
     {
         /// <summary> Initializes a new instance of <see cref="RestoreOperationParameters"/>. </summary>
-        /// <param name="sasTokenParameters"></param>
+        /// <param name="sasTokenParameters"> A user-provided SAS token to an Azure blob storage container. </param>
         /// <param name="folderToRestore"> The Folder name of the blob where the previous successful full backup was stored. </param>
         /// <exception cref="ArgumentNullException"> <paramref name="sasTokenParameters"/> or <paramref name="folderToRestore"/> is null. </exception>
         public RestoreOperationParameters(SASTokenParameter sasTokenParameters, string folderToRestore)
@@ -25,7 +25,7 @@ public RestoreOperationParameters(SASTokenParameter sasTokenParameters, string f
             FolderToRestore = folderToRestore;
         }
 
-        /// <summary> Gets the sas token parameters. </summary>
+        /// <summary> A user-provided SAS token to an Azure blob storage container. </summary>
         public SASTokenParameter SasTokenParameters { get; }
         /// <summary> The Folder name of the blob where the previous successful full backup was stored. </summary>
         public string FolderToRestore { get; }
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentFilter.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentFilter.cs
deleted file mode 100644
index 8a11843624d4..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleAssignmentFilter.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-namespace Azure.Security.KeyVault.Administration.Models
-{
-    /// <summary> Role Assignments filter. </summary>
-    internal partial class RoleAssignmentFilter
-    {
-        /// <summary> Initializes a new instance of <see cref="RoleAssignmentFilter"/>. </summary>
-        internal RoleAssignmentFilter()
-        {
-        }
-
-        /// <summary> Initializes a new instance of <see cref="RoleAssignmentFilter"/>. </summary>
-        /// <param name="principalId"> Returns role assignment of the specific principal. </param>
-        internal RoleAssignmentFilter(string principalId)
-        {
-            PrincipalId = principalId;
-        }
-
-        /// <summary> Returns role assignment of the specific principal. </summary>
-        public string PrincipalId { get; }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionFilter.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionFilter.cs
deleted file mode 100644
index 3b360c44c465..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionFilter.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-namespace Azure.Security.KeyVault.Administration.Models
-{
-    /// <summary> Role Definitions filter. </summary>
-    internal partial class RoleDefinitionFilter
-    {
-        /// <summary> Initializes a new instance of <see cref="RoleDefinitionFilter"/>. </summary>
-        internal RoleDefinitionFilter()
-        {
-        }
-
-        /// <summary> Initializes a new instance of <see cref="RoleDefinitionFilter"/>. </summary>
-        /// <param name="roleName"> Returns role definition with the specific name. </param>
-        internal RoleDefinitionFilter(string roleName)
-        {
-            RoleName = roleName;
-        }
-
-        /// <summary> Returns role definition with the specific name. </summary>
-        public string RoleName { get; }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionProperties.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionProperties.Serialization.cs
index 382f7a32558e..61aefb31c115 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionProperties.Serialization.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/RoleDefinitionProperties.Serialization.cs
@@ -5,6 +5,7 @@
 
 #nullable disable
 
+using System.Collections.Generic;
 using System.Text.Json;
 using Azure.Core;
 
@@ -53,6 +54,78 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer)
             writer.WriteEndObject();
         }
 
+        internal static RoleDefinitionProperties DeserializeRoleDefinitionProperties(JsonElement element)
+        {
+            if (element.ValueKind == JsonValueKind.Null)
+            {
+                return null;
+            }
+            string roleName = default;
+            string description = default;
+            KeyVaultRoleType? type = default;
+            IList<KeyVaultPermission> permissions = default;
+            IList<KeyVaultRoleScope> assignableScopes = default;
+            foreach (var property in element.EnumerateObject())
+            {
+                if (property.NameEquals("roleName"u8))
+                {
+                    roleName = property.Value.GetString();
+                    continue;
+                }
+                if (property.NameEquals("description"u8))
+                {
+                    description = property.Value.GetString();
+                    continue;
+                }
+                if (property.NameEquals("type"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    type = new KeyVaultRoleType(property.Value.GetString());
+                    continue;
+                }
+                if (property.NameEquals("permissions"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    List<KeyVaultPermission> array = new List<KeyVaultPermission>();
+                    foreach (var item in property.Value.EnumerateArray())
+                    {
+                        array.Add(KeyVaultPermission.DeserializeKeyVaultPermission(item));
+                    }
+                    permissions = array;
+                    continue;
+                }
+                if (property.NameEquals("assignableScopes"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    List<KeyVaultRoleScope> array = new List<KeyVaultRoleScope>();
+                    foreach (var item in property.Value.EnumerateArray())
+                    {
+                        array.Add(new KeyVaultRoleScope(item.GetString()));
+                    }
+                    assignableScopes = array;
+                    continue;
+                }
+            }
+            return new RoleDefinitionProperties(roleName, description, type, permissions ?? new ChangeTrackingList<KeyVaultPermission>(), assignableScopes ?? new ChangeTrackingList<KeyVaultRoleScope>());
+        }
+
+        /// <summary> Deserializes the model from a raw response. </summary>
+        /// <param name="response"> The response to deserialize the model from. </param>
+        internal static RoleDefinitionProperties FromResponse(Response response)
+        {
+            using var document = JsonDocument.Parse(response.Content);
+            return DeserializeRoleDefinitionProperties(document.RootElement);
+        }
+
         /// <summary> Convert into a <see cref="RequestContent"/>. </summary>
         internal virtual RequestContent ToRequestContent()
         {
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SASTokenParameter.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SASTokenParameter.cs
index c503ec71dd27..b196ca070b88 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SASTokenParameter.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SASTokenParameter.cs
@@ -9,7 +9,7 @@
 
 namespace Azure.Security.KeyVault.Administration.Models
 {
-    /// <summary> The SASTokenParameter. </summary>
+    /// <summary> An authentication method and location for the operation. </summary>
     internal partial class SASTokenParameter
     {
         /// <summary> Initializes a new instance of <see cref="SASTokenParameter"/>. </summary>
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.Serialization.cs
index 2e2854411b24..98f67f2b7e77 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.Serialization.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.Serialization.cs
@@ -18,9 +18,9 @@ internal static SelectiveKeyRestoreDetailsInternal DeserializeSelectiveKeyRestor
             {
                 return null;
             }
-            string status = default;
+            OperationStatus? status = default;
             string statusDetails = default;
-            KeyVaultServiceError error = default;
+            FullBackupOperationError error = default;
             string jobId = default;
             DateTimeOffset? startTime = default;
             DateTimeOffset? endTime = default;
@@ -28,7 +28,11 @@ internal static SelectiveKeyRestoreDetailsInternal DeserializeSelectiveKeyRestor
             {
                 if (property.NameEquals("status"u8))
                 {
-                    status = property.Value.GetString();
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    status = new OperationStatus(property.Value.GetString());
                     continue;
                 }
                 if (property.NameEquals("statusDetails"u8))
@@ -43,7 +47,7 @@ internal static SelectiveKeyRestoreDetailsInternal DeserializeSelectiveKeyRestor
                         error = null;
                         continue;
                     }
-                    error = KeyVaultServiceError.DeserializeKeyVaultServiceError(property.Value);
+                    error = FullBackupOperationError.DeserializeFullBackupOperationError(property.Value);
                     continue;
                 }
                 if (property.NameEquals("jobId"u8))
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.cs
index 02070cc29745..aa4466084a25 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreDetailsInternal.cs
@@ -24,7 +24,7 @@ internal SelectiveKeyRestoreDetailsInternal()
         /// <param name="jobId"> Identifier for the selective key restore operation. </param>
         /// <param name="startTime"> The start time of the restore operation. </param>
         /// <param name="endTime"> The end time of the restore operation. </param>
-        internal SelectiveKeyRestoreDetailsInternal(string status, string statusDetails, KeyVaultServiceError error, string jobId, DateTimeOffset? startTime, DateTimeOffset? endTime)
+        internal SelectiveKeyRestoreDetailsInternal(OperationStatus? status, string statusDetails, FullBackupOperationError error, string jobId, DateTimeOffset? startTime, DateTimeOffset? endTime)
         {
             Status = status;
             StatusDetails = statusDetails;
@@ -35,11 +35,11 @@ internal SelectiveKeyRestoreDetailsInternal(string status, string statusDetails,
         }
 
         /// <summary> Status of the restore operation. </summary>
-        public string Status { get; }
+        public OperationStatus? Status { get; }
         /// <summary> The status details of restore operation. </summary>
         public string StatusDetails { get; }
         /// <summary> Error encountered, if any, during the selective key restore operation. </summary>
-        public KeyVaultServiceError Error { get; }
+        public FullBackupOperationError Error { get; }
         /// <summary> Identifier for the selective key restore operation. </summary>
         public string JobId { get; }
         /// <summary> The start time of the restore operation. </summary>
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreOperationParameters.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreOperationParameters.cs
index a933200c680b..efd9dfcfe769 100644
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreOperationParameters.cs
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/SelectiveKeyRestoreOperationParameters.cs
@@ -9,11 +9,11 @@
 
 namespace Azure.Security.KeyVault.Administration.Models
 {
-    /// <summary> The SelectiveKeyRestoreOperationParameters. </summary>
+    /// <summary> The authentication method and location for the selective key restore operation. </summary>
     internal partial class SelectiveKeyRestoreOperationParameters
     {
         /// <summary> Initializes a new instance of <see cref="SelectiveKeyRestoreOperationParameters"/>. </summary>
-        /// <param name="sasTokenParameters"></param>
+        /// <param name="sasTokenParameters"> A user-provided SAS token to an Azure blob storage container. </param>
         /// <param name="folder"> The Folder name of the blob where the previous successful full backup was stored. </param>
         /// <exception cref="ArgumentNullException"> <paramref name="sasTokenParameters"/> or <paramref name="folder"/> is null. </exception>
         public SelectiveKeyRestoreOperationParameters(SASTokenParameter sasTokenParameters, string folder)
@@ -25,7 +25,7 @@ public SelectiveKeyRestoreOperationParameters(SASTokenParameter sasTokenParamete
             Folder = folder;
         }
 
-        /// <summary> Gets the sas token parameters. </summary>
+        /// <summary> A user-provided SAS token to an Azure blob storage container. </summary>
         public SASTokenParameter SasTokenParameters { get; }
         /// <summary> The Folder name of the blob where the previous successful full backup was stored. </summary>
         public string Folder { get; }
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.Serialization.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.Serialization.cs
new file mode 100644
index 000000000000..3871738c1c9a
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.Serialization.cs
@@ -0,0 +1,28 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    internal static partial class VersionsExtensions
+    {
+        public static string ToSerialString(this Versions value) => value switch
+        {
+            Versions.V75 => "7.5",
+            Versions.V76Preview2 => "7.6-preview.2",
+            _ => throw new ArgumentOutOfRangeException(nameof(value), value, "Unknown Versions value.")
+        };
+
+        public static Versions ToVersions(this string value)
+        {
+            if (StringComparer.OrdinalIgnoreCase.Equals(value, "7.5")) return Versions.V75;
+            if (StringComparer.OrdinalIgnoreCase.Equals(value, "7.6-preview.2")) return Versions.V76Preview2;
+            throw new ArgumentOutOfRangeException(nameof(value), value, "Unknown Versions value.");
+        }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.cs
new file mode 100644
index 000000000000..b0be38e96075
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/Models/Versions.cs
@@ -0,0 +1,18 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+namespace Azure.Security.KeyVault.Administration.Models
+{
+    /// <summary> The available API versions. </summary>
+    internal enum Versions
+    {
+        /// <summary> The 7.5 API version. </summary>
+        V75,
+        /// <summary> The 7.6-preview.2 API version. </summary>
+        V76Preview2
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignments.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignments.cs
new file mode 100644
index 000000000000..09196b88037c
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignments.cs
@@ -0,0 +1,598 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using Autorest.CSharp.Core;
+using Azure.Core;
+using Azure.Core.Pipeline;
+using Azure.Security.KeyVault.Administration.Models;
+
+namespace Azure.Security.KeyVault.Administration
+{
+    // Data plane generated sub-client.
+    /// <summary> The RoleAssignments sub-client. </summary>
+    public partial class RoleAssignments
+    {
+        private static readonly string[] AuthorizationScopes = new string[] { "https://vault.azure.net/.default" };
+        private readonly TokenCredential _tokenCredential;
+        private readonly HttpPipeline _pipeline;
+        private readonly Uri _endpoint;
+        private readonly string _apiVersion;
+
+        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
+        internal ClientDiagnostics ClientDiagnostics { get; }
+
+        /// <summary> The HTTP pipeline for sending and receiving REST requests and responses. </summary>
+        public virtual HttpPipeline Pipeline => _pipeline;
+
+        /// <summary> Initializes a new instance of RoleAssignments for mocking. </summary>
+        protected RoleAssignments()
+        {
+        }
+
+        /// <summary> Initializes a new instance of RoleAssignments. </summary>
+        /// <param name="clientDiagnostics"> The handler for diagnostic messaging in the client. </param>
+        /// <param name="pipeline"> The HTTP pipeline for sending and receiving REST requests and responses. </param>
+        /// <param name="tokenCredential"> The token credential to copy. </param>
+        /// <param name="endpoint"> The <see cref="Uri"/> to use. </param>
+        /// <param name="apiVersion"> The API version to use for this operation. </param>
+        internal RoleAssignments(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, TokenCredential tokenCredential, Uri endpoint, string apiVersion)
+        {
+            ClientDiagnostics = clientDiagnostics;
+            _pipeline = pipeline;
+            _tokenCredential = tokenCredential;
+            _endpoint = endpoint;
+            _apiVersion = apiVersion;
+        }
+
+        /// <summary> Deletes a role assignment. </summary>
+        /// <param name="scope"> The scope of the role assignment to delete. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to delete. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<KeyVaultRoleAssignment>> DeleteAsync(string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await DeleteAsync(scope, roleAssignmentName, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultRoleAssignment.FromResponse(response), response);
+        }
+
+        /// <summary> Deletes a role assignment. </summary>
+        /// <param name="scope"> The scope of the role assignment to delete. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to delete. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<KeyVaultRoleAssignment> Delete(string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = Delete(scope, roleAssignmentName, context);
+            return Response.FromValue(KeyVaultRoleAssignment.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Deletes a role assignment.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="DeleteAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignment to delete. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to delete. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> DeleteAsync(string scope, string roleAssignmentName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleAssignments.Delete");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateDeleteRequest(scope, roleAssignmentName, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Deletes a role assignment.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="Delete(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignment to delete. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to delete. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response Delete(string scope, string roleAssignmentName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleAssignments.Delete");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateDeleteRequest(scope, roleAssignmentName, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Creates a role assignment. </summary>
+        /// <param name="scope"> The scope of the role assignment to create. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to create. It can be any valid GUID. </param>
+        /// <param name="parameters"> Parameters for the role assignment. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleAssignmentName"/> or <paramref name="parameters"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<KeyVaultRoleAssignment>> CreateAsync(string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+            Argument.AssertNotNull(parameters, nameof(parameters));
+
+            using RequestContent content = parameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await CreateAsync(scope, roleAssignmentName, content, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultRoleAssignment.FromResponse(response), response);
+        }
+
+        /// <summary> Creates a role assignment. </summary>
+        /// <param name="scope"> The scope of the role assignment to create. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to create. It can be any valid GUID. </param>
+        /// <param name="parameters"> Parameters for the role assignment. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleAssignmentName"/> or <paramref name="parameters"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<KeyVaultRoleAssignment> Create(string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+            Argument.AssertNotNull(parameters, nameof(parameters));
+
+            using RequestContent content = parameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = Create(scope, roleAssignmentName, content, context);
+            return Response.FromValue(KeyVaultRoleAssignment.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Creates a role assignment.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="CreateAsync(string,string,RoleAssignmentCreateParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignment to create. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to create. It can be any valid GUID. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleAssignmentName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> CreateAsync(string scope, string roleAssignmentName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleAssignments.Create");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateCreateRequest(scope, roleAssignmentName, content, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Creates a role assignment.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="Create(string,string,RoleAssignmentCreateParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignment to create. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to create. It can be any valid GUID. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleAssignmentName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response Create(string scope, string roleAssignmentName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleAssignments.Create");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateCreateRequest(scope, roleAssignmentName, content, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Get the specified role assignment. </summary>
+        /// <param name="scope"> The scope of the role assignment. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to get. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<KeyVaultRoleAssignment>> GetRoleAssignmentAsync(string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await GetRoleAssignmentAsync(scope, roleAssignmentName, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultRoleAssignment.FromResponse(response), response);
+        }
+
+        /// <summary> Get the specified role assignment. </summary>
+        /// <param name="scope"> The scope of the role assignment. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to get. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<KeyVaultRoleAssignment> GetRoleAssignment(string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = GetRoleAssignment(scope, roleAssignmentName, context);
+            return Response.FromValue(KeyVaultRoleAssignment.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get the specified role assignment.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetRoleAssignmentAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignment. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to get. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> GetRoleAssignmentAsync(string scope, string roleAssignmentName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleAssignments.GetRoleAssignment");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateGetRoleAssignmentRequest(scope, roleAssignmentName, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get the specified role assignment.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetRoleAssignment(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignment. </param>
+        /// <param name="roleAssignmentName"> The name of the role assignment to get. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleAssignmentName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response GetRoleAssignment(string scope, string roleAssignmentName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleAssignmentName, nameof(roleAssignmentName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleAssignments.GetRoleAssignment");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateGetRoleAssignmentRequest(scope, roleAssignmentName, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Gets role assignments for a scope. </summary>
+        /// <param name="scope"> The scope of the role assignments. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        internal virtual AsyncPageable<KeyVaultRoleAssignment> GetForScopesAsync(string scope, string filter = null, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            RequestContext context = cancellationToken.CanBeCanceled ? new RequestContext { CancellationToken = cancellationToken } : null;
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetForScopesRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetForScopesNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreateAsyncPageable(FirstPageRequest, NextPageRequest, KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment, ClientDiagnostics, _pipeline, "RoleAssignments.GetForScopes", "value", "nextLink", context);
+        }
+
+        /// <summary> Gets role assignments for a scope. </summary>
+        /// <param name="scope"> The scope of the role assignments. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        internal virtual Pageable<KeyVaultRoleAssignment> GetForScopes(string scope, string filter = null, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            RequestContext context = cancellationToken.CanBeCanceled ? new RequestContext { CancellationToken = cancellationToken } : null;
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetForScopesRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetForScopesNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreatePageable(FirstPageRequest, NextPageRequest, KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment, ClientDiagnostics, _pipeline, "RoleAssignments.GetForScopes", "value", "nextLink", context);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Gets role assignments for a scope.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetForScopesAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignments. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="AsyncPageable{T}"/> from the service containing a list of <see cref="BinaryData"/> objects. Details of the body schema for each item in the collection are in the Remarks section below. </returns>
+        internal virtual AsyncPageable<BinaryData> GetForScopesAsync(string scope, string filter, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetForScopesRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetForScopesNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreateAsyncPageable(FirstPageRequest, NextPageRequest, e => BinaryData.FromString(e.GetRawText()), ClientDiagnostics, _pipeline, "RoleAssignments.GetForScopes", "value", "nextLink", context);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Gets role assignments for a scope.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetForScopes(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role assignments. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Pageable{T}"/> from the service containing a list of <see cref="BinaryData"/> objects. Details of the body schema for each item in the collection are in the Remarks section below. </returns>
+        internal virtual Pageable<BinaryData> GetForScopes(string scope, string filter, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetForScopesRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetForScopesNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreatePageable(FirstPageRequest, NextPageRequest, e => BinaryData.FromString(e.GetRawText()), ClientDiagnostics, _pipeline, "RoleAssignments.GetForScopes", "value", "nextLink", context);
+        }
+
+        internal HttpMessage CreateDeleteRequest(string scope, string roleAssignmentName, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Delete;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments/", false);
+            uri.AppendPath(roleAssignmentName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateCreateRequest(string scope, string roleAssignmentName, RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier201);
+            var request = message.Request;
+            request.Method = RequestMethod.Put;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments/", false);
+            uri.AppendPath(roleAssignmentName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateGetRoleAssignmentRequest(string scope, string roleAssignmentName, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments/", false);
+            uri.AppendPath(roleAssignmentName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateGetForScopesRequest(string scope, string filter, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            if (filter != null)
+            {
+                uri.AppendQuery("$filter", filter, true);
+            }
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateGetForScopesNextPageRequest(string nextLink, string scope, string filter, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendRawNextLink(nextLink, false);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        private static RequestContext DefaultRequestContext = new RequestContext();
+        internal static RequestContext FromCancellationToken(CancellationToken cancellationToken = default)
+        {
+            if (!cancellationToken.CanBeCanceled)
+            {
+                return DefaultRequestContext;
+            }
+
+            return new RequestContext() { CancellationToken = cancellationToken };
+        }
+
+        private static ResponseClassifier _responseClassifier200;
+        private static ResponseClassifier ResponseClassifier200 => _responseClassifier200 ??= new StatusCodeClassifier(stackalloc ushort[] { 200 });
+        private static ResponseClassifier _responseClassifier201;
+        private static ResponseClassifier ResponseClassifier201 => _responseClassifier201 ??= new StatusCodeClassifier(stackalloc ushort[] { 201 });
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs
deleted file mode 100644
index 8cdf96815723..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleAssignmentsRestClient.cs
+++ /dev/null
@@ -1,492 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System;
-using System.Text.Json;
-using System.Threading;
-using System.Threading.Tasks;
-using Azure.Core;
-using Azure.Core.Pipeline;
-using Azure.Security.KeyVault.Administration.Models;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class RoleAssignmentsRestClient
-    {
-        private readonly HttpPipeline _pipeline;
-        private readonly string _apiVersion;
-
-        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
-        internal ClientDiagnostics ClientDiagnostics { get; }
-
-        /// <summary> Initializes a new instance of RoleAssignmentsRestClient. </summary>
-        /// <param name="clientDiagnostics"> The handler for diagnostic messaging in the client. </param>
-        /// <param name="pipeline"> The HTTP pipeline for sending and receiving REST requests and responses. </param>
-        /// <param name="apiVersion"> Api Version. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="clientDiagnostics"/>, <paramref name="pipeline"/> or <paramref name="apiVersion"/> is null. </exception>
-        public RoleAssignmentsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5")
-        {
-            ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics));
-            _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline));
-            _apiVersion = apiVersion ?? throw new ArgumentNullException(nameof(apiVersion));
-        }
-
-        internal HttpMessage CreateDeleteRequest(string vaultBaseUrl, string scope, string roleAssignmentName)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Delete;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments/", false);
-            uri.AppendPath(roleAssignmentName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Deletes a role assignment. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignment to delete. </param>
-        /// <param name="roleAssignmentName"> The name of the role assignment to delete. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
-        public async Task<Response> DeleteAsync(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleAssignmentName == null)
-            {
-                throw new ArgumentNullException(nameof(roleAssignmentName));
-            }
-
-            using var message = CreateDeleteRequest(vaultBaseUrl, scope, roleAssignmentName);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                case 404:
-                    return message.Response;
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Deletes a role assignment. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignment to delete. </param>
-        /// <param name="roleAssignmentName"> The name of the role assignment to delete. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
-        public Response Delete(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleAssignmentName == null)
-            {
-                throw new ArgumentNullException(nameof(roleAssignmentName));
-            }
-
-            using var message = CreateDeleteRequest(vaultBaseUrl, scope, roleAssignmentName);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                case 404:
-                    return message.Response;
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateCreateRequest(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Put;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments/", false);
-            uri.AppendPath(roleAssignmentName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            request.Headers.Add("Content-Type", "application/json");
-            var content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteObjectValue(parameters);
-            request.Content = content;
-            return message;
-        }
-
-        /// <summary> Creates a role assignment. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignment to create. </param>
-        /// <param name="roleAssignmentName"> The name of the role assignment to create. It can be any valid GUID. </param>
-        /// <param name="parameters"> Parameters for the role assignment. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/>, <paramref name="roleAssignmentName"/> or <paramref name="parameters"/> is null. </exception>
-        public async Task<Response<KeyVaultRoleAssignment>> CreateAsync(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleAssignmentName == null)
-            {
-                throw new ArgumentNullException(nameof(roleAssignmentName));
-            }
-            if (parameters == null)
-            {
-                throw new ArgumentNullException(nameof(parameters));
-            }
-
-            using var message = CreateCreateRequest(vaultBaseUrl, scope, roleAssignmentName, parameters);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 201:
-                    {
-                        KeyVaultRoleAssignment value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Creates a role assignment. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignment to create. </param>
-        /// <param name="roleAssignmentName"> The name of the role assignment to create. It can be any valid GUID. </param>
-        /// <param name="parameters"> Parameters for the role assignment. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/>, <paramref name="roleAssignmentName"/> or <paramref name="parameters"/> is null. </exception>
-        public Response<KeyVaultRoleAssignment> Create(string vaultBaseUrl, string scope, string roleAssignmentName, RoleAssignmentCreateParameters parameters, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleAssignmentName == null)
-            {
-                throw new ArgumentNullException(nameof(roleAssignmentName));
-            }
-            if (parameters == null)
-            {
-                throw new ArgumentNullException(nameof(parameters));
-            }
-
-            using var message = CreateCreateRequest(vaultBaseUrl, scope, roleAssignmentName, parameters);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 201:
-                    {
-                        KeyVaultRoleAssignment value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateGetRequest(string vaultBaseUrl, string scope, string roleAssignmentName)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments/", false);
-            uri.AppendPath(roleAssignmentName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Get the specified role assignment. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignment. </param>
-        /// <param name="roleAssignmentName"> The name of the role assignment to get. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
-        public async Task<Response<KeyVaultRoleAssignment>> GetAsync(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleAssignmentName == null)
-            {
-                throw new ArgumentNullException(nameof(roleAssignmentName));
-            }
-
-            using var message = CreateGetRequest(vaultBaseUrl, scope, roleAssignmentName);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultRoleAssignment value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Get the specified role assignment. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignment. </param>
-        /// <param name="roleAssignmentName"> The name of the role assignment to get. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleAssignmentName"/> is null. </exception>
-        public Response<KeyVaultRoleAssignment> Get(string vaultBaseUrl, string scope, string roleAssignmentName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleAssignmentName == null)
-            {
-                throw new ArgumentNullException(nameof(roleAssignmentName));
-            }
-
-            using var message = CreateGetRequest(vaultBaseUrl, scope, roleAssignmentName);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultRoleAssignment value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = KeyVaultRoleAssignment.DeserializeKeyVaultRoleAssignment(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateListForScopeRequest(string vaultBaseUrl, string scope, string filter)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleAssignments", false);
-            if (filter != null)
-            {
-                uri.AppendQuery("$filter", filter, true);
-            }
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Gets role assignments for a scope. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignments. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public async Task<Response<RoleAssignmentListResult>> ListForScopeAsync(string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListForScopeRequest(vaultBaseUrl, scope, filter);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleAssignmentListResult value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = RoleAssignmentListResult.DeserializeRoleAssignmentListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Gets role assignments for a scope. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignments. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public Response<RoleAssignmentListResult> ListForScope(string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListForScopeRequest(vaultBaseUrl, scope, filter);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleAssignmentListResult value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = RoleAssignmentListResult.DeserializeRoleAssignmentListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateListForScopeNextPageRequest(string nextLink, string vaultBaseUrl, string scope, string filter)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendRawNextLink(nextLink, false);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Gets role assignments for a scope. </summary>
-        /// <param name="nextLink"> The URL to the next page of results. </param>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignments. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="nextLink"/>, <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public async Task<Response<RoleAssignmentListResult>> ListForScopeNextPageAsync(string nextLink, string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (nextLink == null)
-            {
-                throw new ArgumentNullException(nameof(nextLink));
-            }
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListForScopeNextPageRequest(nextLink, vaultBaseUrl, scope, filter);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleAssignmentListResult value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = RoleAssignmentListResult.DeserializeRoleAssignmentListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Gets role assignments for a scope. </summary>
-        /// <param name="nextLink"> The URL to the next page of results. </param>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role assignments. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="nextLink"/>, <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public Response<RoleAssignmentListResult> ListForScopeNextPage(string nextLink, string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (nextLink == null)
-            {
-                throw new ArgumentNullException(nameof(nextLink));
-            }
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListForScopeNextPageRequest(nextLink, vaultBaseUrl, scope, filter);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleAssignmentListResult value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = RoleAssignmentListResult.DeserializeRoleAssignmentListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitions.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitions.cs
new file mode 100644
index 000000000000..65f969db565f
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitions.cs
@@ -0,0 +1,598 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using Autorest.CSharp.Core;
+using Azure.Core;
+using Azure.Core.Pipeline;
+using Azure.Security.KeyVault.Administration.Models;
+
+namespace Azure.Security.KeyVault.Administration
+{
+    // Data plane generated sub-client.
+    /// <summary> The RoleDefinitions sub-client. </summary>
+    public partial class RoleDefinitions
+    {
+        private static readonly string[] AuthorizationScopes = new string[] { "https://vault.azure.net/.default" };
+        private readonly TokenCredential _tokenCredential;
+        private readonly HttpPipeline _pipeline;
+        private readonly Uri _endpoint;
+        private readonly string _apiVersion;
+
+        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
+        internal ClientDiagnostics ClientDiagnostics { get; }
+
+        /// <summary> The HTTP pipeline for sending and receiving REST requests and responses. </summary>
+        public virtual HttpPipeline Pipeline => _pipeline;
+
+        /// <summary> Initializes a new instance of RoleDefinitions for mocking. </summary>
+        protected RoleDefinitions()
+        {
+        }
+
+        /// <summary> Initializes a new instance of RoleDefinitions. </summary>
+        /// <param name="clientDiagnostics"> The handler for diagnostic messaging in the client. </param>
+        /// <param name="pipeline"> The HTTP pipeline for sending and receiving REST requests and responses. </param>
+        /// <param name="tokenCredential"> The token credential to copy. </param>
+        /// <param name="endpoint"> The <see cref="Uri"/> to use. </param>
+        /// <param name="apiVersion"> The API version to use for this operation. </param>
+        internal RoleDefinitions(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, TokenCredential tokenCredential, Uri endpoint, string apiVersion)
+        {
+            ClientDiagnostics = clientDiagnostics;
+            _pipeline = pipeline;
+            _tokenCredential = tokenCredential;
+            _endpoint = endpoint;
+            _apiVersion = apiVersion;
+        }
+
+        /// <summary> Deletes a custom role definition. </summary>
+        /// <param name="scope"> The scope of the role definition to delete. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name (GUID) of the role definition to delete. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<KeyVaultRoleDefinition>> DeleteAsync(string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await DeleteAsync(scope, roleDefinitionName, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultRoleDefinition.FromResponse(response), response);
+        }
+
+        /// <summary> Deletes a custom role definition. </summary>
+        /// <param name="scope"> The scope of the role definition to delete. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name (GUID) of the role definition to delete. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<KeyVaultRoleDefinition> Delete(string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = Delete(scope, roleDefinitionName, context);
+            return Response.FromValue(KeyVaultRoleDefinition.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Deletes a custom role definition.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="DeleteAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition to delete. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name (GUID) of the role definition to delete. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> DeleteAsync(string scope, string roleDefinitionName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleDefinitions.Delete");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateDeleteRequest(scope, roleDefinitionName, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Deletes a custom role definition.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="Delete(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition to delete. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name (GUID) of the role definition to delete. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response Delete(string scope, string roleDefinitionName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleDefinitions.Delete");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateDeleteRequest(scope, roleDefinitionName, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Creates or updates a custom role definition. </summary>
+        /// <param name="scope"> The scope of the role definition to create or update. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to create or update. It can be any valid GUID. </param>
+        /// <param name="parameters"> Parameters for the role definition. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleDefinitionName"/> or <paramref name="parameters"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<KeyVaultRoleDefinition>> CreateOrUpdateAsync(string scope, string roleDefinitionName, RoleDefinitionCreateParameters parameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+            Argument.AssertNotNull(parameters, nameof(parameters));
+
+            using RequestContent content = parameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await CreateOrUpdateAsync(scope, roleDefinitionName, content, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultRoleDefinition.FromResponse(response), response);
+        }
+
+        /// <summary> Creates or updates a custom role definition. </summary>
+        /// <param name="scope"> The scope of the role definition to create or update. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to create or update. It can be any valid GUID. </param>
+        /// <param name="parameters"> Parameters for the role definition. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleDefinitionName"/> or <paramref name="parameters"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<KeyVaultRoleDefinition> CreateOrUpdate(string scope, string roleDefinitionName, RoleDefinitionCreateParameters parameters, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+            Argument.AssertNotNull(parameters, nameof(parameters));
+
+            using RequestContent content = parameters.ToRequestContent();
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = CreateOrUpdate(scope, roleDefinitionName, content, context);
+            return Response.FromValue(KeyVaultRoleDefinition.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Creates or updates a custom role definition.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="CreateOrUpdateAsync(string,string,RoleDefinitionCreateParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition to create or update. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to create or update. It can be any valid GUID. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleDefinitionName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> CreateOrUpdateAsync(string scope, string roleDefinitionName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleDefinitions.CreateOrUpdate");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateCreateOrUpdateRequest(scope, roleDefinitionName, content, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Creates or updates a custom role definition.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="CreateOrUpdate(string,string,RoleDefinitionCreateParameters,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition to create or update. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to create or update. It can be any valid GUID. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/>, <paramref name="roleDefinitionName"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response CreateOrUpdate(string scope, string roleDefinitionName, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleDefinitions.CreateOrUpdate");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateCreateOrUpdateRequest(scope, roleDefinitionName, content, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Get the specified role definition. </summary>
+        /// <param name="scope"> The scope of the role definition to get. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to get. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual async Task<Response<KeyVaultRoleDefinition>> GetRoleDefinitionAsync(string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await GetRoleDefinitionAsync(scope, roleDefinitionName, context).ConfigureAwait(false);
+            return Response.FromValue(KeyVaultRoleDefinition.FromResponse(response), response);
+        }
+
+        /// <summary> Get the specified role definition. </summary>
+        /// <param name="scope"> The scope of the role definition to get. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to get. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        internal virtual Response<KeyVaultRoleDefinition> GetRoleDefinition(string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = GetRoleDefinition(scope, roleDefinitionName, context);
+            return Response.FromValue(KeyVaultRoleDefinition.FromResponse(response), response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get the specified role definition.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetRoleDefinitionAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition to get. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to get. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual async Task<Response> GetRoleDefinitionAsync(string scope, string roleDefinitionName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleDefinitions.GetRoleDefinition");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateGetRoleDefinitionRequest(scope, roleDefinitionName, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get the specified role definition.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetRoleDefinition(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition to get. Managed HSM only supports '/'. </param>
+        /// <param name="roleDefinitionName"> The name of the role definition to get. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="roleDefinitionName"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        internal virtual Response GetRoleDefinition(string scope, string roleDefinitionName, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+            Argument.AssertNotNullOrEmpty(roleDefinitionName, nameof(roleDefinitionName));
+
+            using var scope0 = ClientDiagnostics.CreateScope("RoleDefinitions.GetRoleDefinition");
+            scope0.Start();
+            try
+            {
+                using HttpMessage message = CreateGetRoleDefinitionRequest(scope, roleDefinitionName, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope0.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Get all role definitions that are applicable at scope and above. </summary>
+        /// <param name="scope"> The scope of the role definition. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        internal virtual AsyncPageable<KeyVaultRoleDefinition> GetRoleDefinitionsAsync(string scope, string filter = null, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            RequestContext context = cancellationToken.CanBeCanceled ? new RequestContext { CancellationToken = cancellationToken } : null;
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetRoleDefinitionsRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetRoleDefinitionsNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreateAsyncPageable(FirstPageRequest, NextPageRequest, KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition, ClientDiagnostics, _pipeline, "RoleDefinitions.GetRoleDefinitions", "value", "nextLink", context);
+        }
+
+        /// <summary> Get all role definitions that are applicable at scope and above. </summary>
+        /// <param name="scope"> The scope of the role definition. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        internal virtual Pageable<KeyVaultRoleDefinition> GetRoleDefinitions(string scope, string filter = null, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            RequestContext context = cancellationToken.CanBeCanceled ? new RequestContext { CancellationToken = cancellationToken } : null;
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetRoleDefinitionsRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetRoleDefinitionsNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreatePageable(FirstPageRequest, NextPageRequest, KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition, ClientDiagnostics, _pipeline, "RoleDefinitions.GetRoleDefinitions", "value", "nextLink", context);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get all role definitions that are applicable at scope and above.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetRoleDefinitionsAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="AsyncPageable{T}"/> from the service containing a list of <see cref="BinaryData"/> objects. Details of the body schema for each item in the collection are in the Remarks section below. </returns>
+        internal virtual AsyncPageable<BinaryData> GetRoleDefinitionsAsync(string scope, string filter, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetRoleDefinitionsRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetRoleDefinitionsNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreateAsyncPageable(FirstPageRequest, NextPageRequest, e => BinaryData.FromString(e.GetRawText()), ClientDiagnostics, _pipeline, "RoleDefinitions.GetRoleDefinitions", "value", "nextLink", context);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Get all role definitions that are applicable at scope and above.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetRoleDefinitions(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="scope"> The scope of the role definition. </param>
+        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="scope"/> is null. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Pageable{T}"/> from the service containing a list of <see cref="BinaryData"/> objects. Details of the body schema for each item in the collection are in the Remarks section below. </returns>
+        internal virtual Pageable<BinaryData> GetRoleDefinitions(string scope, string filter, RequestContext context)
+        {
+            Argument.AssertNotNull(scope, nameof(scope));
+
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetRoleDefinitionsRequest(scope, filter, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetRoleDefinitionsNextPageRequest(nextLink, scope, filter, context);
+            return GeneratorPageableHelpers.CreatePageable(FirstPageRequest, NextPageRequest, e => BinaryData.FromString(e.GetRawText()), ClientDiagnostics, _pipeline, "RoleDefinitions.GetRoleDefinitions", "value", "nextLink", context);
+        }
+
+        internal HttpMessage CreateDeleteRequest(string scope, string roleDefinitionName, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Delete;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions/", false);
+            uri.AppendPath(roleDefinitionName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateCreateOrUpdateRequest(string scope, string roleDefinitionName, RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier201);
+            var request = message.Request;
+            request.Method = RequestMethod.Put;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions/", false);
+            uri.AppendPath(roleDefinitionName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateGetRoleDefinitionRequest(string scope, string roleDefinitionName, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions/", false);
+            uri.AppendPath(roleDefinitionName, true);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateGetRoleDefinitionsRequest(string scope, string filter, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendPath("/", false);
+            uri.AppendPath(scope, false);
+            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            if (filter != null)
+            {
+                uri.AppendQuery("$filter", filter, true);
+            }
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateGetRoleDefinitionsNextPageRequest(string nextLink, string scope, string filter, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.Reset(_endpoint);
+            uri.AppendRawNextLink(nextLink, false);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        private static RequestContext DefaultRequestContext = new RequestContext();
+        internal static RequestContext FromCancellationToken(CancellationToken cancellationToken = default)
+        {
+            if (!cancellationToken.CanBeCanceled)
+            {
+                return DefaultRequestContext;
+            }
+
+            return new RequestContext() { CancellationToken = cancellationToken };
+        }
+
+        private static ResponseClassifier _responseClassifier200;
+        private static ResponseClassifier ResponseClassifier200 => _responseClassifier200 ??= new StatusCodeClassifier(stackalloc ushort[] { 200 });
+        private static ResponseClassifier _responseClassifier201;
+        private static ResponseClassifier ResponseClassifier201 => _responseClassifier201 ??= new StatusCodeClassifier(stackalloc ushort[] { 201 });
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs
deleted file mode 100644
index 6221ad1e783c..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/RoleDefinitionsRestClient.cs
+++ /dev/null
@@ -1,492 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System;
-using System.Text.Json;
-using System.Threading;
-using System.Threading.Tasks;
-using Azure.Core;
-using Azure.Core.Pipeline;
-using Azure.Security.KeyVault.Administration.Models;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class RoleDefinitionsRestClient
-    {
-        private readonly HttpPipeline _pipeline;
-        private readonly string _apiVersion;
-
-        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
-        internal ClientDiagnostics ClientDiagnostics { get; }
-
-        /// <summary> Initializes a new instance of RoleDefinitionsRestClient. </summary>
-        /// <param name="clientDiagnostics"> The handler for diagnostic messaging in the client. </param>
-        /// <param name="pipeline"> The HTTP pipeline for sending and receiving REST requests and responses. </param>
-        /// <param name="apiVersion"> Api Version. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="clientDiagnostics"/>, <paramref name="pipeline"/> or <paramref name="apiVersion"/> is null. </exception>
-        public RoleDefinitionsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5")
-        {
-            ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics));
-            _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline));
-            _apiVersion = apiVersion ?? throw new ArgumentNullException(nameof(apiVersion));
-        }
-
-        internal HttpMessage CreateDeleteRequest(string vaultBaseUrl, string scope, string roleDefinitionName)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Delete;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions/", false);
-            uri.AppendPath(roleDefinitionName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Deletes a custom role definition. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition to delete. Managed HSM only supports '/'. </param>
-        /// <param name="roleDefinitionName"> The name (GUID) of the role definition to delete. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
-        public async Task<Response> DeleteAsync(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleDefinitionName == null)
-            {
-                throw new ArgumentNullException(nameof(roleDefinitionName));
-            }
-
-            using var message = CreateDeleteRequest(vaultBaseUrl, scope, roleDefinitionName);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                case 404:
-                    return message.Response;
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Deletes a custom role definition. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition to delete. Managed HSM only supports '/'. </param>
-        /// <param name="roleDefinitionName"> The name (GUID) of the role definition to delete. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
-        public Response Delete(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleDefinitionName == null)
-            {
-                throw new ArgumentNullException(nameof(roleDefinitionName));
-            }
-
-            using var message = CreateDeleteRequest(vaultBaseUrl, scope, roleDefinitionName);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                case 404:
-                    return message.Response;
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateCreateOrUpdateRequest(string vaultBaseUrl, string scope, string roleDefinitionName, RoleDefinitionCreateParameters parameters)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Put;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions/", false);
-            uri.AppendPath(roleDefinitionName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            request.Headers.Add("Content-Type", "application/json");
-            var content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteObjectValue(parameters);
-            request.Content = content;
-            return message;
-        }
-
-        /// <summary> Creates or updates a custom role definition. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition to create or update. Managed HSM only supports '/'. </param>
-        /// <param name="roleDefinitionName"> The name of the role definition to create or update. It can be any valid GUID. </param>
-        /// <param name="parameters"> Parameters for the role definition. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/>, <paramref name="roleDefinitionName"/> or <paramref name="parameters"/> is null. </exception>
-        public async Task<Response<KeyVaultRoleDefinition>> CreateOrUpdateAsync(string vaultBaseUrl, string scope, string roleDefinitionName, RoleDefinitionCreateParameters parameters, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleDefinitionName == null)
-            {
-                throw new ArgumentNullException(nameof(roleDefinitionName));
-            }
-            if (parameters == null)
-            {
-                throw new ArgumentNullException(nameof(parameters));
-            }
-
-            using var message = CreateCreateOrUpdateRequest(vaultBaseUrl, scope, roleDefinitionName, parameters);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 201:
-                    {
-                        KeyVaultRoleDefinition value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Creates or updates a custom role definition. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition to create or update. Managed HSM only supports '/'. </param>
-        /// <param name="roleDefinitionName"> The name of the role definition to create or update. It can be any valid GUID. </param>
-        /// <param name="parameters"> Parameters for the role definition. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/>, <paramref name="roleDefinitionName"/> or <paramref name="parameters"/> is null. </exception>
-        public Response<KeyVaultRoleDefinition> CreateOrUpdate(string vaultBaseUrl, string scope, string roleDefinitionName, RoleDefinitionCreateParameters parameters, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleDefinitionName == null)
-            {
-                throw new ArgumentNullException(nameof(roleDefinitionName));
-            }
-            if (parameters == null)
-            {
-                throw new ArgumentNullException(nameof(parameters));
-            }
-
-            using var message = CreateCreateOrUpdateRequest(vaultBaseUrl, scope, roleDefinitionName, parameters);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 201:
-                    {
-                        KeyVaultRoleDefinition value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateGetRequest(string vaultBaseUrl, string scope, string roleDefinitionName)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions/", false);
-            uri.AppendPath(roleDefinitionName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Get the specified role definition. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition to get. Managed HSM only supports '/'. </param>
-        /// <param name="roleDefinitionName"> The name of the role definition to get. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
-        public async Task<Response<KeyVaultRoleDefinition>> GetAsync(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleDefinitionName == null)
-            {
-                throw new ArgumentNullException(nameof(roleDefinitionName));
-            }
-
-            using var message = CreateGetRequest(vaultBaseUrl, scope, roleDefinitionName);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultRoleDefinition value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Get the specified role definition. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition to get. Managed HSM only supports '/'. </param>
-        /// <param name="roleDefinitionName"> The name of the role definition to get. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="scope"/> or <paramref name="roleDefinitionName"/> is null. </exception>
-        public Response<KeyVaultRoleDefinition> Get(string vaultBaseUrl, string scope, string roleDefinitionName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-            if (roleDefinitionName == null)
-            {
-                throw new ArgumentNullException(nameof(roleDefinitionName));
-            }
-
-            using var message = CreateGetRequest(vaultBaseUrl, scope, roleDefinitionName);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultRoleDefinition value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = KeyVaultRoleDefinition.DeserializeKeyVaultRoleDefinition(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateListRequest(string vaultBaseUrl, string scope, string filter)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/", false);
-            uri.AppendPath(scope, false);
-            uri.AppendPath("/providers/Microsoft.Authorization/roleDefinitions", false);
-            if (filter != null)
-            {
-                uri.AppendQuery("$filter", filter, true);
-            }
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Get all role definitions that are applicable at scope and above. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public async Task<Response<RoleDefinitionListResult>> ListAsync(string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListRequest(vaultBaseUrl, scope, filter);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleDefinitionListResult value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = RoleDefinitionListResult.DeserializeRoleDefinitionListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Get all role definitions that are applicable at scope and above. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public Response<RoleDefinitionListResult> List(string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListRequest(vaultBaseUrl, scope, filter);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleDefinitionListResult value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = RoleDefinitionListResult.DeserializeRoleDefinitionListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateListNextPageRequest(string nextLink, string vaultBaseUrl, string scope, string filter)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendRawNextLink(nextLink, false);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Get all role definitions that are applicable at scope and above. </summary>
-        /// <param name="nextLink"> The URL to the next page of results. </param>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="nextLink"/>, <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public async Task<Response<RoleDefinitionListResult>> ListNextPageAsync(string nextLink, string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (nextLink == null)
-            {
-                throw new ArgumentNullException(nameof(nextLink));
-            }
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListNextPageRequest(nextLink, vaultBaseUrl, scope, filter);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleDefinitionListResult value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = RoleDefinitionListResult.DeserializeRoleDefinitionListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Get all role definitions that are applicable at scope and above. </summary>
-        /// <param name="nextLink"> The URL to the next page of results. </param>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="scope"> The scope of the role definition. </param>
-        /// <param name="filter"> The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="nextLink"/>, <paramref name="vaultBaseUrl"/> or <paramref name="scope"/> is null. </exception>
-        public Response<RoleDefinitionListResult> ListNextPage(string nextLink, string vaultBaseUrl, string scope, string filter = null, CancellationToken cancellationToken = default)
-        {
-            if (nextLink == null)
-            {
-                throw new ArgumentNullException(nameof(nextLink));
-            }
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (scope == null)
-            {
-                throw new ArgumentNullException(nameof(scope));
-            }
-
-            using var message = CreateListNextPageRequest(nextLink, vaultBaseUrl, scope, filter);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        RoleDefinitionListResult value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = RoleDefinitionListResult.DeserializeRoleDefinitionListResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SecurityKeyVaultAdministrationClientBuilderExtensions.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SecurityKeyVaultAdministrationClientBuilderExtensions.cs
new file mode 100644
index 000000000000..a9e2e4b579b3
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SecurityKeyVaultAdministrationClientBuilderExtensions.cs
@@ -0,0 +1,35 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using Azure.Core.Extensions;
+using Azure.Security.KeyVault.Administration;
+
+namespace Microsoft.Extensions.Azure
+{
+    /// <summary> Extension methods to add <see cref="KeyVaultClient"/> to client builder. </summary>
+    public static partial class SecurityKeyVaultAdministrationClientBuilderExtensions
+    {
+        /// <summary> Registers a <see cref="KeyVaultClient"/> instance. </summary>
+        /// <param name="builder"> The builder to register with. </param>
+        /// <param name="endpoint"> The <see cref="Uri"/> to use. </param>
+        public static IAzureClientBuilder<KeyVaultClient, KeyVaultClientOptions> AddKeyVaultClient<TBuilder>(this TBuilder builder, Uri endpoint)
+        where TBuilder : IAzureClientFactoryBuilderWithCredential
+        {
+            return builder.RegisterClientFactory<KeyVaultClient, KeyVaultClientOptions>((options, cred) => new KeyVaultClient(endpoint, cred, options));
+        }
+
+        /// <summary> Registers a <see cref="KeyVaultClient"/> instance. </summary>
+        /// <param name="builder"> The builder to register with. </param>
+        /// <param name="configuration"> The configuration values. </param>
+        public static IAzureClientBuilder<KeyVaultClient, KeyVaultClientOptions> AddKeyVaultClient<TBuilder, TConfiguration>(this TBuilder builder, TConfiguration configuration)
+        where TBuilder : IAzureClientFactoryBuilderWithConfiguration<TConfiguration>
+        {
+            return builder.RegisterClientFactory<KeyVaultClient, KeyVaultClientOptions>(configuration);
+        }
+    }
+}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs
deleted file mode 100644
index 7a898bfb4b4b..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/Generated/SettingsRestClient.cs
+++ /dev/null
@@ -1,285 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-// <auto-generated/>
-
-#nullable disable
-
-using System;
-using System.Text.Json;
-using System.Threading;
-using System.Threading.Tasks;
-using Azure.Core;
-using Azure.Core.Pipeline;
-using Azure.Security.KeyVault.Administration.Models;
-
-namespace Azure.Security.KeyVault.Administration
-{
-    internal partial class SettingsRestClient
-    {
-        private readonly HttpPipeline _pipeline;
-        private readonly string _apiVersion;
-
-        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
-        internal ClientDiagnostics ClientDiagnostics { get; }
-
-        /// <summary> Initializes a new instance of SettingsRestClient. </summary>
-        /// <param name="clientDiagnostics"> The handler for diagnostic messaging in the client. </param>
-        /// <param name="pipeline"> The HTTP pipeline for sending and receiving REST requests and responses. </param>
-        /// <param name="apiVersion"> Api Version. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="clientDiagnostics"/>, <paramref name="pipeline"/> or <paramref name="apiVersion"/> is null. </exception>
-        public SettingsRestClient(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, string apiVersion = "7.5")
-        {
-            ClientDiagnostics = clientDiagnostics ?? throw new ArgumentNullException(nameof(clientDiagnostics));
-            _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline));
-            _apiVersion = apiVersion ?? throw new ArgumentNullException(nameof(apiVersion));
-        }
-
-        internal HttpMessage CreateUpdateSettingRequest(string vaultBaseUrl, string settingName, string value)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Patch;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/settings/", false);
-            uri.AppendPath(settingName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            request.Headers.Add("Content-Type", "application/json");
-            var model = new UpdateSettingRequest(value);
-            var content = new Utf8JsonRequestContent();
-            content.JsonWriter.WriteObjectValue(model);
-            request.Content = content;
-            return message;
-        }
-
-        /// <summary> Updates key vault account setting, stores it, then returns the setting name and value to the client. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
-        /// <param name="value"> The value of the pool setting. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="settingName"/> or <paramref name="value"/> is null. </exception>
-        /// <remarks> Description of the pool setting to be updated. </remarks>
-        public async Task<Response<KeyVaultSetting>> UpdateSettingAsync(string vaultBaseUrl, string settingName, string value, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (settingName == null)
-            {
-                throw new ArgumentNullException(nameof(settingName));
-            }
-            if (value == null)
-            {
-                throw new ArgumentNullException(nameof(value));
-            }
-
-            using var message = CreateUpdateSettingRequest(vaultBaseUrl, settingName, value);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultSetting value0 = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value0 = KeyVaultSetting.DeserializeKeyVaultSetting(document.RootElement);
-                        return Response.FromValue(value0, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Updates key vault account setting, stores it, then returns the setting name and value to the client. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
-        /// <param name="value"> The value of the pool setting. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/>, <paramref name="settingName"/> or <paramref name="value"/> is null. </exception>
-        /// <remarks> Description of the pool setting to be updated. </remarks>
-        public Response<KeyVaultSetting> UpdateSetting(string vaultBaseUrl, string settingName, string value, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (settingName == null)
-            {
-                throw new ArgumentNullException(nameof(settingName));
-            }
-            if (value == null)
-            {
-                throw new ArgumentNullException(nameof(value));
-            }
-
-            using var message = CreateUpdateSettingRequest(vaultBaseUrl, settingName, value);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultSetting value0 = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value0 = KeyVaultSetting.DeserializeKeyVaultSetting(document.RootElement);
-                        return Response.FromValue(value0, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateGetSettingRequest(string vaultBaseUrl, string settingName)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/settings/", false);
-            uri.AppendPath(settingName, true);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> Get specified account setting object. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="settingName"/> is null. </exception>
-        /// <remarks> Retrieves the setting object of a specified setting name. </remarks>
-        public async Task<Response<KeyVaultSetting>> GetSettingAsync(string vaultBaseUrl, string settingName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (settingName == null)
-            {
-                throw new ArgumentNullException(nameof(settingName));
-            }
-
-            using var message = CreateGetSettingRequest(vaultBaseUrl, settingName);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultSetting value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = KeyVaultSetting.DeserializeKeyVaultSetting(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> Get specified account setting object. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="settingName"> The name of the account setting. Must be a valid settings option. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> or <paramref name="settingName"/> is null. </exception>
-        /// <remarks> Retrieves the setting object of a specified setting name. </remarks>
-        public Response<KeyVaultSetting> GetSetting(string vaultBaseUrl, string settingName, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-            if (settingName == null)
-            {
-                throw new ArgumentNullException(nameof(settingName));
-            }
-
-            using var message = CreateGetSettingRequest(vaultBaseUrl, settingName);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        KeyVaultSetting value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = KeyVaultSetting.DeserializeKeyVaultSetting(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        internal HttpMessage CreateGetSettingsRequest(string vaultBaseUrl)
-        {
-            var message = _pipeline.CreateMessage();
-            var request = message.Request;
-            request.Method = RequestMethod.Get;
-            var uri = new RawRequestUriBuilder();
-            uri.AppendRaw(vaultBaseUrl, false);
-            uri.AppendPath("/settings", false);
-            uri.AppendQuery("api-version", _apiVersion, true);
-            request.Uri = uri;
-            request.Headers.Add("Accept", "application/json");
-            return message;
-        }
-
-        /// <summary> List account settings. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> is null. </exception>
-        /// <remarks> Retrieves a list of all the available account settings that can be configured. </remarks>
-        public async Task<Response<GetSettingsResult>> GetSettingsAsync(string vaultBaseUrl, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-
-            using var message = CreateGetSettingsRequest(vaultBaseUrl);
-            await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        GetSettingsResult value = default;
-                        using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
-                        value = GetSettingsResult.DeserializeGetSettingsResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-
-        /// <summary> List account settings. </summary>
-        /// <param name="vaultBaseUrl"> The vault name, for example https://myvault.vault.azure.net. </param>
-        /// <param name="cancellationToken"> The cancellation token to use. </param>
-        /// <exception cref="ArgumentNullException"> <paramref name="vaultBaseUrl"/> is null. </exception>
-        /// <remarks> Retrieves a list of all the available account settings that can be configured. </remarks>
-        public Response<GetSettingsResult> GetSettings(string vaultBaseUrl, CancellationToken cancellationToken = default)
-        {
-            if (vaultBaseUrl == null)
-            {
-                throw new ArgumentNullException(nameof(vaultBaseUrl));
-            }
-
-            using var message = CreateGetSettingsRequest(vaultBaseUrl);
-            _pipeline.Send(message, cancellationToken);
-            switch (message.Response.Status)
-            {
-                case 200:
-                    {
-                        GetSettingsResult value = default;
-                        using var document = JsonDocument.Parse(message.Response.ContentStream);
-                        value = GetSettingsResult.DeserializeGetSettingsResult(document.RootElement);
-                        return Response.FromValue(value, message.Response);
-                    }
-                default:
-                    throw new RequestFailedException(message.Response);
-            }
-        }
-    }
-}
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md b/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md
deleted file mode 100644
index 4135789b16a2..000000000000
--- a/sdk/keyvault/Azure.Security.KeyVault.Administration/src/autorest.md
+++ /dev/null
@@ -1,90 +0,0 @@
-# Azure.Security.KeyVault.Administration
-
-## AutoRest Configuration
-
-> See https://aka.ms/autorest
-
-Run `dotnet build /t:GenerateCode` in src directory to re-generate.
-
-``` yaml
-title: Azure.Security.KeyVault.Administration
-input-file:
-- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/rbac.json
-- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/backuprestore.json
-- https://raw.githubusercontent.com/Azure/azure-rest-api-specs/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/settings.json
-namespace: Azure.Security.KeyVault.Administration
-generation1-convenience-client: true
-include-csproj: disable
-```
-
-## Swagger customizations
-
-These changes should eventually be included in the swagger or at least centralized in Azure/azure-rest-api-specs.
-
-### Ignore 404s for DELETE operations
-
-Treat HTTP 404 responses for DELETE operations for RBAC as non-errors.
-
-``` yaml
-directive:
-- where-operation: RoleAssignments_Delete
-  transform: >
-    $.responses["404"] = {
-        "description": "The resource to delete does not exist.",
-        "x-ms-error-response": false
-    };
-
-- where-operation: RoleDefinitions_Delete
-  transform: >
-    $.responses["404"] = {
-        "description": "The resource to delete does not exist.",
-        "x-ms-error-response": false
-    };
-```
-
-### Return void for DELETE operations
-
-Do not parse response bodies unnecessarily.
-
-``` yaml
-directive:
-- where-operation: RoleAssignments_Delete
-  transform: >
-    delete $.responses["200"].schema;
-
-- where-operation: RoleDefinitions_Delete
-  transform: >
-    delete $.responses["200"].schema;
-```
-
-#### Specify client name for settings operations
-
-``` yaml
-directive:
-- rename-operation:
-    from: UpdateSetting
-    to: Settings_UpdateSetting
-- rename-operation:
-    from: GetSetting
-    to: Settings_GetSetting
-- rename-operation:
-    from: GetSettings
-    to: Settings_GetSettings
-```
-
-## C# customizations
-
-``` yaml
-directive:
-# [CodeGenMember("Type")] yields errors, so we have to rename via autorest transform.
-- where: $.definitions.Setting.properties.type
-  from: swagger-document
-  transform: >
-    $["x-ms-client-name"] = "SettingType";
-
-# [CodeGenSuppress("Value")] yields errors, so we have to rename via autorest transforms.
-- where: $.definitions.Setting.properties.value
-  from: swagger-document
-  transform: >
-    $["x-ms-client-name"] = "content";
-```
diff --git a/sdk/keyvault/Azure.Security.KeyVault.Administration/tsp-location.yaml b/sdk/keyvault/Azure.Security.KeyVault.Administration/tsp-location.yaml
new file mode 100644
index 000000000000..843029e95f52
--- /dev/null
+++ b/sdk/keyvault/Azure.Security.KeyVault.Administration/tsp-location.yaml
@@ -0,0 +1,8 @@
+directory: specification/keyvault/Security.KeyVault.Administration
+commit: d14440223c489782956396c2113adc07ca4cebd0
+repo: Azure/azure-rest-api-specs
+additionalDirectories: 
+- specification/keyvault/Security.KeyVault.BackupRestore
+- specification/keyvault/Security.KeyVault.Common
+- specification/keyvault/Security.KeyVault.RBAC
+- specification/keyvault/Security.KeyVault.Settings