diff --git a/services/keyvault/mgmt/2015-06-01/keyvault/CHANGELOG.md b/services/keyvault/mgmt/2015-06-01/keyvault/CHANGELOG.md
index 52911e4cc5e4..a1ecf841edb0 100644
--- a/services/keyvault/mgmt/2015-06-01/keyvault/CHANGELOG.md
+++ b/services/keyvault/mgmt/2015-06-01/keyvault/CHANGELOG.md
@@ -1,2 +1,2 @@
-# Change History
+# Unreleased
 
diff --git a/services/keyvault/mgmt/2015-06-01/keyvault/_meta.json b/services/keyvault/mgmt/2015-06-01/keyvault/_meta.json
index 1d802a993bb9..6eedcdc96d06 100644
--- a/services/keyvault/mgmt/2015-06-01/keyvault/_meta.json
+++ b/services/keyvault/mgmt/2015-06-01/keyvault/_meta.json
@@ -1,5 +1,5 @@
 {
-  "commit": "3c764635e7d442b3e74caf593029fcd440b3ef82",
+  "commit": "b41d940251a770bfb05c729f104c2c57f73279b7",
   "readme": "/_/azure-rest-api-specs/specification/keyvault/resource-manager/readme.md",
   "tag": "package-2015-06",
   "use": "@microsoft.azure/autorest.go@2.1.187",
diff --git a/services/keyvault/mgmt/2016-10-01/keyvault/CHANGELOG.md b/services/keyvault/mgmt/2016-10-01/keyvault/CHANGELOG.md
index 52911e4cc5e4..a1ecf841edb0 100644
--- a/services/keyvault/mgmt/2016-10-01/keyvault/CHANGELOG.md
+++ b/services/keyvault/mgmt/2016-10-01/keyvault/CHANGELOG.md
@@ -1,2 +1,2 @@
-# Change History
+# Unreleased
 
diff --git a/services/keyvault/mgmt/2016-10-01/keyvault/_meta.json b/services/keyvault/mgmt/2016-10-01/keyvault/_meta.json
index e4e58c24d09a..99eca68503ae 100644
--- a/services/keyvault/mgmt/2016-10-01/keyvault/_meta.json
+++ b/services/keyvault/mgmt/2016-10-01/keyvault/_meta.json
@@ -1,5 +1,5 @@
 {
-  "commit": "3c764635e7d442b3e74caf593029fcd440b3ef82",
+  "commit": "b41d940251a770bfb05c729f104c2c57f73279b7",
   "readme": "/_/azure-rest-api-specs/specification/keyvault/resource-manager/readme.md",
   "tag": "package-2016-10",
   "use": "@microsoft.azure/autorest.go@2.1.187",
diff --git a/services/keyvault/mgmt/2018-02-14/keyvault/CHANGELOG.md b/services/keyvault/mgmt/2018-02-14/keyvault/CHANGELOG.md
index 52911e4cc5e4..a1ecf841edb0 100644
--- a/services/keyvault/mgmt/2018-02-14/keyvault/CHANGELOG.md
+++ b/services/keyvault/mgmt/2018-02-14/keyvault/CHANGELOG.md
@@ -1,2 +1,2 @@
-# Change History
+# Unreleased
 
diff --git a/services/keyvault/mgmt/2018-02-14/keyvault/_meta.json b/services/keyvault/mgmt/2018-02-14/keyvault/_meta.json
index 7afc5c0d9d9f..1f059bbad97a 100644
--- a/services/keyvault/mgmt/2018-02-14/keyvault/_meta.json
+++ b/services/keyvault/mgmt/2018-02-14/keyvault/_meta.json
@@ -1,5 +1,5 @@
 {
-  "commit": "3c764635e7d442b3e74caf593029fcd440b3ef82",
+  "commit": "b41d940251a770bfb05c729f104c2c57f73279b7",
   "readme": "/_/azure-rest-api-specs/specification/keyvault/resource-manager/readme.md",
   "tag": "package-2018-02",
   "use": "@microsoft.azure/autorest.go@2.1.187",
diff --git a/services/keyvault/mgmt/2019-09-01/keyvault/CHANGELOG.md b/services/keyvault/mgmt/2019-09-01/keyvault/CHANGELOG.md
index 52911e4cc5e4..8418900aedd2 100644
--- a/services/keyvault/mgmt/2019-09-01/keyvault/CHANGELOG.md
+++ b/services/keyvault/mgmt/2019-09-01/keyvault/CHANGELOG.md
@@ -1,2 +1,40 @@
-# Change History
+# Unreleased
 
+## Breaking Changes
+
+### Struct Changes
+
+#### Removed Struct Fields
+
+1. PrivateLinkServiceConnectionState.ActionRequired
+
+## Additive Changes
+
+### New Constants
+
+1. VaultProvisioningState.VaultProvisioningStateRegisteringDNS
+1. VaultProvisioningState.VaultProvisioningStateSucceeded
+
+### New Funcs
+
+1. PossibleVaultProvisioningStateValues() []VaultProvisioningState
+
+### Struct Changes
+
+#### New Structs
+
+1. DimensionProperties
+1. MetricSpecification
+
+#### New Struct Fields
+
+1. DeletedVaultProperties.PurgeProtectionEnabled
+1. Operation.IsDataAction
+1. PrivateEndpointConnection.Etag
+1. PrivateEndpointConnectionItem.Etag
+1. PrivateEndpointConnectionItem.ID
+1. PrivateLinkServiceConnectionState.ActionsRequired
+1. ServiceSpecification.MetricSpecifications
+1. VaultProperties.HsmPoolResourceID
+1. VaultProperties.ProvisioningState
+1. VirtualNetworkRule.IgnoreMissingVnetServiceEndpoint
diff --git a/services/keyvault/mgmt/2019-09-01/keyvault/_meta.json b/services/keyvault/mgmt/2019-09-01/keyvault/_meta.json
index c90c716d6220..4dfb490cbdc7 100644
--- a/services/keyvault/mgmt/2019-09-01/keyvault/_meta.json
+++ b/services/keyvault/mgmt/2019-09-01/keyvault/_meta.json
@@ -1,5 +1,5 @@
 {
-  "commit": "3c764635e7d442b3e74caf593029fcd440b3ef82",
+  "commit": "b41d940251a770bfb05c729f104c2c57f73279b7",
   "readme": "/_/azure-rest-api-specs/specification/keyvault/resource-manager/readme.md",
   "tag": "package-2019-09",
   "use": "@microsoft.azure/autorest.go@2.1.187",
diff --git a/services/keyvault/mgmt/2019-09-01/keyvault/enums.go b/services/keyvault/mgmt/2019-09-01/keyvault/enums.go
index 0d6ec98c4fde..0977ff4b3402 100644
--- a/services/keyvault/mgmt/2019-09-01/keyvault/enums.go
+++ b/services/keyvault/mgmt/2019-09-01/keyvault/enums.go
@@ -382,3 +382,18 @@ const (
 func PossibleStoragePermissionsValues() []StoragePermissions {
 	return []StoragePermissions{StoragePermissionsAll, StoragePermissionsBackup, StoragePermissionsDelete, StoragePermissionsDeletesas, StoragePermissionsGet, StoragePermissionsGetsas, StoragePermissionsList, StoragePermissionsListsas, StoragePermissionsPurge, StoragePermissionsRecover, StoragePermissionsRegeneratekey, StoragePermissionsRestore, StoragePermissionsSet, StoragePermissionsSetsas, StoragePermissionsUpdate}
 }
+
+// VaultProvisioningState enumerates the values for vault provisioning state.
+type VaultProvisioningState string
+
+const (
+	// VaultProvisioningStateRegisteringDNS ...
+	VaultProvisioningStateRegisteringDNS VaultProvisioningState = "RegisteringDns"
+	// VaultProvisioningStateSucceeded ...
+	VaultProvisioningStateSucceeded VaultProvisioningState = "Succeeded"
+)
+
+// PossibleVaultProvisioningStateValues returns an array of possible values for the VaultProvisioningState const type.
+func PossibleVaultProvisioningStateValues() []VaultProvisioningState {
+	return []VaultProvisioningState{VaultProvisioningStateRegisteringDNS, VaultProvisioningStateSucceeded}
+}
diff --git a/services/keyvault/mgmt/2019-09-01/keyvault/models.go b/services/keyvault/mgmt/2019-09-01/keyvault/models.go
index 305303631173..d8d88ba59758 100644
--- a/services/keyvault/mgmt/2019-09-01/keyvault/models.go
+++ b/services/keyvault/mgmt/2019-09-01/keyvault/models.go
@@ -288,6 +288,8 @@ type DeletedVaultProperties struct {
 	ScheduledPurgeDate *date.Time `json:"scheduledPurgeDate,omitempty"`
 	// Tags - READ-ONLY; Tags of the original vault.
 	Tags map[string]*string `json:"tags"`
+	// PurgeProtectionEnabled - READ-ONLY; Purge protection status of the original vault.
+	PurgeProtectionEnabled *bool `json:"purgeProtectionEnabled,omitempty"`
 }
 
 // MarshalJSON is the custom marshaler for DeletedVaultProperties.
@@ -296,6 +298,16 @@ func (dvp DeletedVaultProperties) MarshalJSON() ([]byte, error) {
 	return json.Marshal(objectMap)
 }
 
+// DimensionProperties type of operation: get, read, delete, etc.
+type DimensionProperties struct {
+	// Name - Name of dimension.
+	Name *string `json:"name,omitempty"`
+	// DisplayName - Display name of dimension.
+	DisplayName *string `json:"displayName,omitempty"`
+	// ToBeExportedForShoebox - Property to specify whether the dimension should be exported for shoebox.
+	ToBeExportedForShoebox *bool `json:"toBeExportedForShoebox,omitempty"`
+}
+
 // IPRule a rule governing the accessibility of a vault from a specific ip address or ip range.
 type IPRule struct {
 	// Value - An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
@@ -655,6 +667,32 @@ type LogSpecification struct {
 	BlobDuration *string `json:"blobDuration,omitempty"`
 }
 
+// MetricSpecification metric specification of operation.
+type MetricSpecification struct {
+	// Name - Name of metric specification.
+	Name *string `json:"name,omitempty"`
+	// DisplayName - Display name of Metric specification.
+	DisplayName *string `json:"displayName,omitempty"`
+	// DisplayDescription - Display description of Metric specification.
+	DisplayDescription *string `json:"displayDescription,omitempty"`
+	// Unit - The metric unit. Possible values include: 'Bytes', 'Count', 'Milliseconds'.
+	Unit *string `json:"unit,omitempty"`
+	// AggregationType - The metric aggregation type. Possible values include: 'Average', 'Count', 'Total'.
+	AggregationType *string `json:"aggregationType,omitempty"`
+	// SupportedAggregationTypes - The supported aggregation types for the metrics.
+	SupportedAggregationTypes *[]string `json:"supportedAggregationTypes,omitempty"`
+	// SupportedTimeGrainTypes - The supported time grain types for the metrics.
+	SupportedTimeGrainTypes *[]string `json:"supportedTimeGrainTypes,omitempty"`
+	// LockAggregationType - The metric lock aggregation type.
+	LockAggregationType *string `json:"lockAggregationType,omitempty"`
+	// Dimensions - The dimensions of metric
+	Dimensions *[]DimensionProperties `json:"dimensions,omitempty"`
+	// FillGapWithZero - Property to specify whether to fill gap with zero.
+	FillGapWithZero *bool `json:"fillGapWithZero,omitempty"`
+	// InternalMetricName - The internal metric name.
+	InternalMetricName *string `json:"internalMetricName,omitempty"`
+}
+
 // NetworkRuleSet a set of rules governing the network accessibility of a vault.
 type NetworkRuleSet struct {
 	// Bypass - Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'. Possible values include: 'AzureServices', 'None'
@@ -677,6 +715,8 @@ type Operation struct {
 	Origin *string `json:"origin,omitempty"`
 	// OperationProperties - Properties of operation, include metric specifications.
 	*OperationProperties `json:"properties,omitempty"`
+	// IsDataAction - Property to specify whether the action is a data action.
+	IsDataAction *bool `json:"isDataAction,omitempty"`
 }
 
 // MarshalJSON is the custom marshaler for Operation.
@@ -694,6 +734,9 @@ func (o Operation) MarshalJSON() ([]byte, error) {
 	if o.OperationProperties != nil {
 		objectMap["properties"] = o.OperationProperties
 	}
+	if o.IsDataAction != nil {
+		objectMap["isDataAction"] = o.IsDataAction
+	}
 	return json.Marshal(objectMap)
 }
 
@@ -742,6 +785,15 @@ func (o *Operation) UnmarshalJSON(body []byte) error {
 				}
 				o.OperationProperties = &operationProperties
 			}
+		case "isDataAction":
+			if v != nil {
+				var isDataAction bool
+				err = json.Unmarshal(*v, &isDataAction)
+				if err != nil {
+					return err
+				}
+				o.IsDataAction = &isDataAction
+			}
 		}
 	}
 
@@ -955,6 +1007,8 @@ type PrivateEndpointConnection struct {
 	autorest.Response `json:"-"`
 	// PrivateEndpointConnectionProperties - Resource properties.
 	*PrivateEndpointConnectionProperties `json:"properties,omitempty"`
+	// Etag - Modified whenever there is a change in the state of private endpoint connection.
+	Etag *string `json:"etag,omitempty"`
 	// ID - READ-ONLY; Fully qualified identifier of the key vault resource.
 	ID *string `json:"id,omitempty"`
 	// Name - READ-ONLY; Name of the key vault resource.
@@ -973,6 +1027,9 @@ func (pec PrivateEndpointConnection) MarshalJSON() ([]byte, error) {
 	if pec.PrivateEndpointConnectionProperties != nil {
 		objectMap["properties"] = pec.PrivateEndpointConnectionProperties
 	}
+	if pec.Etag != nil {
+		objectMap["etag"] = pec.Etag
+	}
 	return json.Marshal(objectMap)
 }
 
@@ -994,6 +1051,15 @@ func (pec *PrivateEndpointConnection) UnmarshalJSON(body []byte) error {
 				}
 				pec.PrivateEndpointConnectionProperties = &privateEndpointConnectionProperties
 			}
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				pec.Etag = &etag
+			}
 		case "id":
 			if v != nil {
 				var ID string
@@ -1047,6 +1113,10 @@ func (pec *PrivateEndpointConnection) UnmarshalJSON(body []byte) error {
 
 // PrivateEndpointConnectionItem private endpoint connection item.
 type PrivateEndpointConnectionItem struct {
+	// ID - Id of private endpoint connection.
+	ID *string `json:"id,omitempty"`
+	// Etag - Modified whenever there is a change in the state of private endpoint connection.
+	Etag *string `json:"etag,omitempty"`
 	// PrivateEndpointConnectionProperties - Private endpoint connection properties.
 	*PrivateEndpointConnectionProperties `json:"properties,omitempty"`
 }
@@ -1054,6 +1124,12 @@ type PrivateEndpointConnectionItem struct {
 // MarshalJSON is the custom marshaler for PrivateEndpointConnectionItem.
 func (peci PrivateEndpointConnectionItem) MarshalJSON() ([]byte, error) {
 	objectMap := make(map[string]interface{})
+	if peci.ID != nil {
+		objectMap["id"] = peci.ID
+	}
+	if peci.Etag != nil {
+		objectMap["etag"] = peci.Etag
+	}
 	if peci.PrivateEndpointConnectionProperties != nil {
 		objectMap["properties"] = peci.PrivateEndpointConnectionProperties
 	}
@@ -1069,6 +1145,24 @@ func (peci *PrivateEndpointConnectionItem) UnmarshalJSON(body []byte) error {
 	}
 	for k, v := range m {
 		switch k {
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				peci.ID = &ID
+			}
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				peci.Etag = &etag
+			}
 		case "properties":
 			if v != nil {
 				var privateEndpointConnectionProperties PrivateEndpointConnectionProperties
@@ -1264,8 +1358,8 @@ type PrivateLinkServiceConnectionState struct {
 	Status PrivateEndpointServiceConnectionStatus `json:"status,omitempty"`
 	// Description - The reason for approval or rejection.
 	Description *string `json:"description,omitempty"`
-	// ActionRequired - A message indicating if changes on the service provider require any updates on the consumer.
-	ActionRequired *string `json:"actionRequired,omitempty"`
+	// ActionsRequired - A message indicating if changes on the service provider require any updates on the consumer.
+	ActionsRequired *string `json:"actionsRequired,omitempty"`
 }
 
 // Resource key Vault resource
@@ -1451,6 +1545,8 @@ func NewResourceListResultPage(cur ResourceListResult, getNextPage func(context.
 type ServiceSpecification struct {
 	// LogSpecifications - Log specifications of operation.
 	LogSpecifications *[]LogSpecification `json:"logSpecifications,omitempty"`
+	// MetricSpecifications - Metric specifications of operation.
+	MetricSpecifications *[]MetricSpecification `json:"metricSpecifications,omitempty"`
 }
 
 // Sku SKU details
@@ -1751,7 +1847,7 @@ type VaultPatchProperties struct {
 	EnabledForTemplateDeployment *bool `json:"enabledForTemplateDeployment,omitempty"`
 	// EnableSoftDelete - Property to specify whether the 'soft delete' functionality is enabled for this key vault. Once set to true, it cannot be reverted to false.
 	EnableSoftDelete *bool `json:"enableSoftDelete,omitempty"`
-	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change.
+	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change.
 	EnableRbacAuthorization *bool `json:"enableRbacAuthorization,omitempty"`
 	// SoftDeleteRetentionInDays - softDelete data retention days. It accepts >=7 and <=90.
 	SoftDeleteRetentionInDays *int32 `json:"softDeleteRetentionInDays,omitempty"`
@@ -1771,8 +1867,10 @@ type VaultProperties struct {
 	Sku *Sku `json:"sku,omitempty"`
 	// AccessPolicies - An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When `createMode` is set to `recover`, access policies are not required. Otherwise, access policies are required.
 	AccessPolicies *[]AccessPolicyEntry `json:"accessPolicies,omitempty"`
-	// VaultURI - The URI of the vault for performing operations on keys and secrets.
+	// VaultURI - The URI of the vault for performing operations on keys and secrets. This property is readonly
 	VaultURI *string `json:"vaultUri,omitempty"`
+	// HsmPoolResourceID - READ-ONLY; The resource id of HSM Pool.
+	HsmPoolResourceID *string `json:"hsmPoolResourceId,omitempty"`
 	// EnabledForDeployment - Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
 	EnabledForDeployment *bool `json:"enabledForDeployment,omitempty"`
 	// EnabledForDiskEncryption - Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
@@ -1783,7 +1881,7 @@ type VaultProperties struct {
 	EnableSoftDelete *bool `json:"enableSoftDelete,omitempty"`
 	// SoftDeleteRetentionInDays - softDelete data retention days. It accepts >=7 and <=90.
 	SoftDeleteRetentionInDays *int32 `json:"softDeleteRetentionInDays,omitempty"`
-	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
+	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
 	EnableRbacAuthorization *bool `json:"enableRbacAuthorization,omitempty"`
 	// CreateMode - The vault's create mode to indicate whether the vault need to be recovered or not. Possible values include: 'CreateModeRecover', 'CreateModeDefault'
 	CreateMode CreateMode `json:"createMode,omitempty"`
@@ -1791,6 +1889,8 @@ type VaultProperties struct {
 	EnablePurgeProtection *bool `json:"enablePurgeProtection,omitempty"`
 	// NetworkAcls - Rules governing the accessibility of the key vault from specific network locations.
 	NetworkAcls *NetworkRuleSet `json:"networkAcls,omitempty"`
+	// ProvisioningState - Provisioning state of the vault. Possible values include: 'VaultProvisioningStateSucceeded', 'VaultProvisioningStateRegisteringDNS'
+	ProvisioningState VaultProvisioningState `json:"provisioningState,omitempty"`
 	// PrivateEndpointConnections - READ-ONLY; List of private endpoint connections associated with the key vault.
 	PrivateEndpointConnections *[]PrivateEndpointConnectionItem `json:"privateEndpointConnections,omitempty"`
 }
@@ -1837,6 +1937,9 @@ func (vp VaultProperties) MarshalJSON() ([]byte, error) {
 	if vp.NetworkAcls != nil {
 		objectMap["networkAcls"] = vp.NetworkAcls
 	}
+	if vp.ProvisioningState != "" {
+		objectMap["provisioningState"] = vp.ProvisioningState
+	}
 	return json.Marshal(objectMap)
 }
 
@@ -1924,4 +2027,6 @@ func (future *VaultsPurgeDeletedFuture) result(client VaultsClient) (ar autorest
 type VirtualNetworkRule struct {
 	// ID - Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
 	ID *string `json:"id,omitempty"`
+	// IgnoreMissingVnetServiceEndpoint - Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.
+	IgnoreMissingVnetServiceEndpoint *bool `json:"ignoreMissingVnetServiceEndpoint,omitempty"`
 }
diff --git a/services/keyvault/mgmt/2019-09-01/keyvault/privateendpointconnections.go b/services/keyvault/mgmt/2019-09-01/keyvault/privateendpointconnections.go
index d7865b9d97a2..07419877f06e 100644
--- a/services/keyvault/mgmt/2019-09-01/keyvault/privateendpointconnections.go
+++ b/services/keyvault/mgmt/2019-09-01/keyvault/privateendpointconnections.go
@@ -197,7 +197,7 @@ func (client PrivateEndpointConnectionsClient) GetSender(req *http.Request) (*ht
 func (client PrivateEndpointConnectionsClient) GetResponder(resp *http.Response) (result PrivateEndpointConnection, err error) {
 	err = autorest.Respond(
 		resp,
-		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
 		autorest.ByUnmarshallingJSON(&result),
 		autorest.ByClosing())
 	result.Response = autorest.Response{Response: resp}
diff --git a/services/keyvault/mgmt/2021-10-01/keyvault/CHANGELOG.md b/services/keyvault/mgmt/2021-10-01/keyvault/CHANGELOG.md
index 52911e4cc5e4..a1ecf841edb0 100644
--- a/services/keyvault/mgmt/2021-10-01/keyvault/CHANGELOG.md
+++ b/services/keyvault/mgmt/2021-10-01/keyvault/CHANGELOG.md
@@ -1,2 +1,2 @@
-# Change History
+# Unreleased
 
diff --git a/services/keyvault/mgmt/2021-10-01/keyvault/_meta.json b/services/keyvault/mgmt/2021-10-01/keyvault/_meta.json
index 313806bcf4e4..60292ad67916 100644
--- a/services/keyvault/mgmt/2021-10-01/keyvault/_meta.json
+++ b/services/keyvault/mgmt/2021-10-01/keyvault/_meta.json
@@ -1,5 +1,5 @@
 {
-  "commit": "cd8f049ce47372fd5955c2dfd11daf4a02050fe3",
+  "commit": "b41d940251a770bfb05c729f104c2c57f73279b7",
   "readme": "/_/azure-rest-api-specs/specification/keyvault/resource-manager/readme.md",
   "tag": "package-2021-10",
   "use": "@microsoft.azure/autorest.go@2.1.187",
diff --git a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/CHANGELOG.md b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/CHANGELOG.md
index 52911e4cc5e4..8418900aedd2 100644
--- a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/CHANGELOG.md
+++ b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/CHANGELOG.md
@@ -1,2 +1,40 @@
-# Change History
+# Unreleased
 
+## Breaking Changes
+
+### Struct Changes
+
+#### Removed Struct Fields
+
+1. PrivateLinkServiceConnectionState.ActionRequired
+
+## Additive Changes
+
+### New Constants
+
+1. VaultProvisioningState.VaultProvisioningStateRegisteringDNS
+1. VaultProvisioningState.VaultProvisioningStateSucceeded
+
+### New Funcs
+
+1. PossibleVaultProvisioningStateValues() []VaultProvisioningState
+
+### Struct Changes
+
+#### New Structs
+
+1. DimensionProperties
+1. MetricSpecification
+
+#### New Struct Fields
+
+1. DeletedVaultProperties.PurgeProtectionEnabled
+1. Operation.IsDataAction
+1. PrivateEndpointConnection.Etag
+1. PrivateEndpointConnectionItem.Etag
+1. PrivateEndpointConnectionItem.ID
+1. PrivateLinkServiceConnectionState.ActionsRequired
+1. ServiceSpecification.MetricSpecifications
+1. VaultProperties.HsmPoolResourceID
+1. VaultProperties.ProvisioningState
+1. VirtualNetworkRule.IgnoreMissingVnetServiceEndpoint
diff --git a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/_meta.json b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/_meta.json
index 76cc9ce8308a..d8f8cd0c5e34 100644
--- a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/_meta.json
+++ b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/_meta.json
@@ -1,5 +1,5 @@
 {
-  "commit": "3c764635e7d442b3e74caf593029fcd440b3ef82",
+  "commit": "b41d940251a770bfb05c729f104c2c57f73279b7",
   "readme": "/_/azure-rest-api-specs/specification/keyvault/resource-manager/readme.md",
   "tag": "package-preview-2020-04",
   "use": "@microsoft.azure/autorest.go@2.1.187",
diff --git a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/enums.go b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/enums.go
index eff409c7ad4a..63b8898eafe1 100644
--- a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/enums.go
+++ b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/enums.go
@@ -343,3 +343,18 @@ const (
 func PossibleStoragePermissionsValues() []StoragePermissions {
 	return []StoragePermissions{StoragePermissionsAll, StoragePermissionsBackup, StoragePermissionsDelete, StoragePermissionsDeletesas, StoragePermissionsGet, StoragePermissionsGetsas, StoragePermissionsList, StoragePermissionsListsas, StoragePermissionsPurge, StoragePermissionsRecover, StoragePermissionsRegeneratekey, StoragePermissionsRestore, StoragePermissionsSet, StoragePermissionsSetsas, StoragePermissionsUpdate}
 }
+
+// VaultProvisioningState enumerates the values for vault provisioning state.
+type VaultProvisioningState string
+
+const (
+	// VaultProvisioningStateRegisteringDNS ...
+	VaultProvisioningStateRegisteringDNS VaultProvisioningState = "RegisteringDns"
+	// VaultProvisioningStateSucceeded ...
+	VaultProvisioningStateSucceeded VaultProvisioningState = "Succeeded"
+)
+
+// PossibleVaultProvisioningStateValues returns an array of possible values for the VaultProvisioningState const type.
+func PossibleVaultProvisioningStateValues() []VaultProvisioningState {
+	return []VaultProvisioningState{VaultProvisioningStateRegisteringDNS, VaultProvisioningStateSucceeded}
+}
diff --git a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/managedhsms.go b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/managedhsms.go
index e9174031fe6c..9b9b701dfc32 100644
--- a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/managedhsms.go
+++ b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/managedhsms.go
@@ -260,7 +260,7 @@ func (client ManagedHsmsClient) GetSender(req *http.Request) (*http.Response, er
 func (client ManagedHsmsClient) GetResponder(resp *http.Response) (result ManagedHsm, err error) {
 	err = autorest.Respond(
 		resp,
-		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
 		autorest.ByUnmarshallingJSON(&result),
 		autorest.ByClosing())
 	result.Response = autorest.Response{Response: resp}
diff --git a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/models.go b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/models.go
index f5cf4c25aecc..49e90497e311 100644
--- a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/models.go
+++ b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/models.go
@@ -257,6 +257,8 @@ type DeletedVaultProperties struct {
 	ScheduledPurgeDate *date.Time `json:"scheduledPurgeDate,omitempty"`
 	// Tags - READ-ONLY; Tags of the original vault.
 	Tags map[string]*string `json:"tags"`
+	// PurgeProtectionEnabled - READ-ONLY; Purge protection status of the original vault.
+	PurgeProtectionEnabled *bool `json:"purgeProtectionEnabled,omitempty"`
 }
 
 // MarshalJSON is the custom marshaler for DeletedVaultProperties.
@@ -265,6 +267,16 @@ func (dvp DeletedVaultProperties) MarshalJSON() ([]byte, error) {
 	return json.Marshal(objectMap)
 }
 
+// DimensionProperties type of operation: get, read, delete, etc.
+type DimensionProperties struct {
+	// Name - Name of dimension.
+	Name *string `json:"name,omitempty"`
+	// DisplayName - Display name of dimension.
+	DisplayName *string `json:"displayName,omitempty"`
+	// ToBeExportedForShoebox - Property to specify whether the dimension should be exported for shoebox.
+	ToBeExportedForShoebox *bool `json:"toBeExportedForShoebox,omitempty"`
+}
+
 // Error the server error.
 type Error struct {
 	// Code - READ-ONLY; The error code.
@@ -511,7 +523,7 @@ type ManagedHsmProperties struct {
 	TenantID *uuid.UUID `json:"tenantId,omitempty"`
 	// InitialAdminObjectIds - Array of initial administrators object ids for this managed hsm pool.
 	InitialAdminObjectIds *[]string `json:"initialAdminObjectIds,omitempty"`
-	// HsmURI - The URI of the managed hsm pool for performing operations on keys.
+	// HsmURI - READ-ONLY; The URI of the managed hsm pool for performing operations on keys.
 	HsmURI *string `json:"hsmUri,omitempty"`
 	// EnableSoftDelete - Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.
 	EnableSoftDelete *bool `json:"enableSoftDelete,omitempty"`
@@ -536,9 +548,6 @@ func (mhp ManagedHsmProperties) MarshalJSON() ([]byte, error) {
 	if mhp.InitialAdminObjectIds != nil {
 		objectMap["initialAdminObjectIds"] = mhp.InitialAdminObjectIds
 	}
-	if mhp.HsmURI != nil {
-		objectMap["hsmUri"] = mhp.HsmURI
-	}
 	if mhp.EnableSoftDelete != nil {
 		objectMap["enableSoftDelete"] = mhp.EnableSoftDelete
 	}
@@ -716,6 +725,32 @@ func (future *ManagedHsmsUpdateFuture) result(client ManagedHsmsClient) (mh Mana
 	return
 }
 
+// MetricSpecification metric specification of operation.
+type MetricSpecification struct {
+	// Name - Name of metric specification.
+	Name *string `json:"name,omitempty"`
+	// DisplayName - Display name of Metric specification.
+	DisplayName *string `json:"displayName,omitempty"`
+	// DisplayDescription - Display description of Metric specification.
+	DisplayDescription *string `json:"displayDescription,omitempty"`
+	// Unit - The metric unit. Possible values include: 'Bytes', 'Count', 'Milliseconds'.
+	Unit *string `json:"unit,omitempty"`
+	// AggregationType - The metric aggregation type. Possible values include: 'Average', 'Count', 'Total'.
+	AggregationType *string `json:"aggregationType,omitempty"`
+	// SupportedAggregationTypes - The supported aggregation types for the metrics.
+	SupportedAggregationTypes *[]string `json:"supportedAggregationTypes,omitempty"`
+	// SupportedTimeGrainTypes - The supported time grain types for the metrics.
+	SupportedTimeGrainTypes *[]string `json:"supportedTimeGrainTypes,omitempty"`
+	// LockAggregationType - The metric lock aggregation type.
+	LockAggregationType *string `json:"lockAggregationType,omitempty"`
+	// Dimensions - The dimensions of metric
+	Dimensions *[]DimensionProperties `json:"dimensions,omitempty"`
+	// FillGapWithZero - Property to specify whether to fill gap with zero.
+	FillGapWithZero *bool `json:"fillGapWithZero,omitempty"`
+	// InternalMetricName - The internal metric name.
+	InternalMetricName *string `json:"internalMetricName,omitempty"`
+}
+
 // NetworkRuleSet a set of rules governing the network accessibility of a vault.
 type NetworkRuleSet struct {
 	// Bypass - Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'. Possible values include: 'AzureServices', 'None'
@@ -738,6 +773,8 @@ type Operation struct {
 	Origin *string `json:"origin,omitempty"`
 	// OperationProperties - Properties of operation, include metric specifications.
 	*OperationProperties `json:"properties,omitempty"`
+	// IsDataAction - Property to specify whether the action is a data action.
+	IsDataAction *bool `json:"isDataAction,omitempty"`
 }
 
 // MarshalJSON is the custom marshaler for Operation.
@@ -755,6 +792,9 @@ func (o Operation) MarshalJSON() ([]byte, error) {
 	if o.OperationProperties != nil {
 		objectMap["properties"] = o.OperationProperties
 	}
+	if o.IsDataAction != nil {
+		objectMap["isDataAction"] = o.IsDataAction
+	}
 	return json.Marshal(objectMap)
 }
 
@@ -803,6 +843,15 @@ func (o *Operation) UnmarshalJSON(body []byte) error {
 				}
 				o.OperationProperties = &operationProperties
 			}
+		case "isDataAction":
+			if v != nil {
+				var isDataAction bool
+				err = json.Unmarshal(*v, &isDataAction)
+				if err != nil {
+					return err
+				}
+				o.IsDataAction = &isDataAction
+			}
 		}
 	}
 
@@ -1016,6 +1065,8 @@ type PrivateEndpointConnection struct {
 	autorest.Response `json:"-"`
 	// PrivateEndpointConnectionProperties - Resource properties.
 	*PrivateEndpointConnectionProperties `json:"properties,omitempty"`
+	// Etag - Modified whenever there is a change in the state of private endpoint connection.
+	Etag *string `json:"etag,omitempty"`
 	// ID - READ-ONLY; Fully qualified identifier of the key vault resource.
 	ID *string `json:"id,omitempty"`
 	// Name - READ-ONLY; Name of the key vault resource.
@@ -1034,6 +1085,9 @@ func (pec PrivateEndpointConnection) MarshalJSON() ([]byte, error) {
 	if pec.PrivateEndpointConnectionProperties != nil {
 		objectMap["properties"] = pec.PrivateEndpointConnectionProperties
 	}
+	if pec.Etag != nil {
+		objectMap["etag"] = pec.Etag
+	}
 	return json.Marshal(objectMap)
 }
 
@@ -1055,6 +1109,15 @@ func (pec *PrivateEndpointConnection) UnmarshalJSON(body []byte) error {
 				}
 				pec.PrivateEndpointConnectionProperties = &privateEndpointConnectionProperties
 			}
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				pec.Etag = &etag
+			}
 		case "id":
 			if v != nil {
 				var ID string
@@ -1108,6 +1171,10 @@ func (pec *PrivateEndpointConnection) UnmarshalJSON(body []byte) error {
 
 // PrivateEndpointConnectionItem private endpoint connection item.
 type PrivateEndpointConnectionItem struct {
+	// ID - Id of private endpoint connection.
+	ID *string `json:"id,omitempty"`
+	// Etag - Modified whenever there is a change in the state of private endpoint connection.
+	Etag *string `json:"etag,omitempty"`
 	// PrivateEndpointConnectionProperties - Private endpoint connection properties.
 	*PrivateEndpointConnectionProperties `json:"properties,omitempty"`
 }
@@ -1115,6 +1182,12 @@ type PrivateEndpointConnectionItem struct {
 // MarshalJSON is the custom marshaler for PrivateEndpointConnectionItem.
 func (peci PrivateEndpointConnectionItem) MarshalJSON() ([]byte, error) {
 	objectMap := make(map[string]interface{})
+	if peci.ID != nil {
+		objectMap["id"] = peci.ID
+	}
+	if peci.Etag != nil {
+		objectMap["etag"] = peci.Etag
+	}
 	if peci.PrivateEndpointConnectionProperties != nil {
 		objectMap["properties"] = peci.PrivateEndpointConnectionProperties
 	}
@@ -1130,6 +1203,24 @@ func (peci *PrivateEndpointConnectionItem) UnmarshalJSON(body []byte) error {
 	}
 	for k, v := range m {
 		switch k {
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				peci.ID = &ID
+			}
+		case "etag":
+			if v != nil {
+				var etag string
+				err = json.Unmarshal(*v, &etag)
+				if err != nil {
+					return err
+				}
+				peci.Etag = &etag
+			}
 		case "properties":
 			if v != nil {
 				var privateEndpointConnectionProperties PrivateEndpointConnectionProperties
@@ -1325,8 +1416,8 @@ type PrivateLinkServiceConnectionState struct {
 	Status PrivateEndpointServiceConnectionStatus `json:"status,omitempty"`
 	// Description - The reason for approval or rejection.
 	Description *string `json:"description,omitempty"`
-	// ActionRequired - A message indicating if changes on the service provider require any updates on the consumer.
-	ActionRequired *string `json:"actionRequired,omitempty"`
+	// ActionsRequired - A message indicating if changes on the service provider require any updates on the consumer.
+	ActionsRequired *string `json:"actionsRequired,omitempty"`
 }
 
 // Resource key Vault resource
@@ -1512,6 +1603,8 @@ func NewResourceListResultPage(cur ResourceListResult, getNextPage func(context.
 type ServiceSpecification struct {
 	// LogSpecifications - Log specifications of operation.
 	LogSpecifications *[]LogSpecification `json:"logSpecifications,omitempty"`
+	// MetricSpecifications - Metric specifications of operation.
+	MetricSpecifications *[]MetricSpecification `json:"metricSpecifications,omitempty"`
 }
 
 // Sku SKU details
@@ -1812,7 +1905,7 @@ type VaultPatchProperties struct {
 	EnabledForTemplateDeployment *bool `json:"enabledForTemplateDeployment,omitempty"`
 	// EnableSoftDelete - Property to specify whether the 'soft delete' functionality is enabled for this key vault. Once set to true, it cannot be reverted to false.
 	EnableSoftDelete *bool `json:"enableSoftDelete,omitempty"`
-	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change.
+	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change.
 	EnableRbacAuthorization *bool `json:"enableRbacAuthorization,omitempty"`
 	// SoftDeleteRetentionInDays - softDelete data retention days. It accepts >=7 and <=90.
 	SoftDeleteRetentionInDays *int32 `json:"softDeleteRetentionInDays,omitempty"`
@@ -1832,8 +1925,10 @@ type VaultProperties struct {
 	Sku *Sku `json:"sku,omitempty"`
 	// AccessPolicies - An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When `createMode` is set to `recover`, access policies are not required. Otherwise, access policies are required.
 	AccessPolicies *[]AccessPolicyEntry `json:"accessPolicies,omitempty"`
-	// VaultURI - The URI of the vault for performing operations on keys and secrets.
+	// VaultURI - The URI of the vault for performing operations on keys and secrets. This property is readonly
 	VaultURI *string `json:"vaultUri,omitempty"`
+	// HsmPoolResourceID - READ-ONLY; The resource id of HSM Pool.
+	HsmPoolResourceID *string `json:"hsmPoolResourceId,omitempty"`
 	// EnabledForDeployment - Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
 	EnabledForDeployment *bool `json:"enabledForDeployment,omitempty"`
 	// EnabledForDiskEncryption - Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
@@ -1844,7 +1939,7 @@ type VaultProperties struct {
 	EnableSoftDelete *bool `json:"enableSoftDelete,omitempty"`
 	// SoftDeleteRetentionInDays - softDelete data retention days. It accepts >=7 and <=90.
 	SoftDeleteRetentionInDays *int32 `json:"softDeleteRetentionInDays,omitempty"`
-	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored (warning: this is a preview feature). When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
+	// EnableRbacAuthorization - Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
 	EnableRbacAuthorization *bool `json:"enableRbacAuthorization,omitempty"`
 	// CreateMode - The vault's create mode to indicate whether the vault need to be recovered or not. Possible values include: 'CreateModeRecover', 'CreateModeDefault'
 	CreateMode CreateMode `json:"createMode,omitempty"`
@@ -1852,6 +1947,8 @@ type VaultProperties struct {
 	EnablePurgeProtection *bool `json:"enablePurgeProtection,omitempty"`
 	// NetworkAcls - Rules governing the accessibility of the key vault from specific network locations.
 	NetworkAcls *NetworkRuleSet `json:"networkAcls,omitempty"`
+	// ProvisioningState - Provisioning state of the vault. Possible values include: 'VaultProvisioningStateSucceeded', 'VaultProvisioningStateRegisteringDNS'
+	ProvisioningState VaultProvisioningState `json:"provisioningState,omitempty"`
 	// PrivateEndpointConnections - READ-ONLY; List of private endpoint connections associated with the key vault.
 	PrivateEndpointConnections *[]PrivateEndpointConnectionItem `json:"privateEndpointConnections,omitempty"`
 }
@@ -1898,6 +1995,9 @@ func (vp VaultProperties) MarshalJSON() ([]byte, error) {
 	if vp.NetworkAcls != nil {
 		objectMap["networkAcls"] = vp.NetworkAcls
 	}
+	if vp.ProvisioningState != "" {
+		objectMap["provisioningState"] = vp.ProvisioningState
+	}
 	return json.Marshal(objectMap)
 }
 
@@ -1985,4 +2085,6 @@ func (future *VaultsPurgeDeletedFuture) result(client VaultsClient) (ar autorest
 type VirtualNetworkRule struct {
 	// ID - Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
 	ID *string `json:"id,omitempty"`
+	// IgnoreMissingVnetServiceEndpoint - Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.
+	IgnoreMissingVnetServiceEndpoint *bool `json:"ignoreMissingVnetServiceEndpoint,omitempty"`
 }
diff --git a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/privateendpointconnections.go b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/privateendpointconnections.go
index d7865b9d97a2..07419877f06e 100644
--- a/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/privateendpointconnections.go
+++ b/services/preview/keyvault/mgmt/2020-04-01-preview/keyvault/privateendpointconnections.go
@@ -197,7 +197,7 @@ func (client PrivateEndpointConnectionsClient) GetSender(req *http.Request) (*ht
 func (client PrivateEndpointConnectionsClient) GetResponder(resp *http.Response) (result PrivateEndpointConnection, err error) {
 	err = autorest.Respond(
 		resp,
-		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
 		autorest.ByUnmarshallingJSON(&result),
 		autorest.ByClosing())
 	result.Response = autorest.Response{Response: resp}