Support cross-tenant virtual network linking for Private DNS zones (#…

…10582)

src/azure-cli/HISTORY.rst

@@ -7,6 +7,10 @@ Release History
 * BREAKING CHANGE:
     Changed job creation from "job start" to "job create".
 
+**Network**
+
+* az network private-dns link vnet create/update: Fixes #9851. Support cross-tenant virtual network linking.
+
 2.0.74
 ++++++
 

src/azure-cli/azure/cli/command_modules/privatedns/__init__.py

@@ -21,7 +21,7 @@ def __init__(self, cli_ctx=None):
                                                        resource_type=ResourceType.MGMT_NETWORK,
                                                        custom_command_type=privatedns_custom,
                                                        suppress_extension=[
-                                                           ModExtensionSuppress(__name__, 'privatedns', '0.1.0',
+                                                           ModExtensionSuppress(__name__, 'privatedns', '0.1.1',
                                                                                 reason='These commands are now in the CLI.',
                                                                                 recommend_remove=True)])
 

src/azure-cli/azure/cli/command_modules/privatedns/_help.py

@@ -69,6 +69,10 @@
 parameters:
   - name: --tags
     short-summary: Resource tags for the virtual network link.
+  - name: --if-match
+    short-summary: The ETag of the virtual network link to the Private DNS zone.
+    long-summary: Omit this value to always overwrite the current virtual network link.
+                  Specify the last-seen ETag value to prevent accidentally overwritting any concurrent changes.
 examples:
   - name: Update a virtual network link properties to enable registration.
     text: >

src/azure-cli/azure/cli/command_modules/privatedns/commands.py

@@ -26,6 +26,11 @@ def load_command_table(self, _):
         client_factory=cf_privatedns_mgmt_record_sets
     )
 
+    network_privatedns_custom = CliCommandType(
+        operations_tmpl='azure.cli.command_modules.privatedns.custom#{}',
+        client_factory=cf_privatedns_mgmt_record_sets
+    )
+
     with self.command_group('network private-dns zone', network_privatedns_zone_sdk) as g:
         g.command('delete', 'delete', confirmation=True, supports_no_wait=True)
         g.show_command('show', 'get', table_transformer=transform_privatedns_zone_table_output)
@@ -39,7 +44,7 @@ def load_command_table(self, _):
         g.show_command('show', 'get', table_transformer=transform_privatedns_link_table_output)
         g.command('list', 'list', table_transformer=transform_privatedns_link_table_output)
         g.custom_command('create', 'create_privatedns_link', client_factory=cf_privatedns_mgmt_virtual_network_links, supports_no_wait=True)
-        g.generic_update_command('update', setter_name='update', custom_func_name='update_privatedns_link', supports_no_wait=True)
+        g.generic_update_command('update', setter_name='update_privatedns_link', setter_type=network_privatedns_custom, supports_no_wait=True)
         g.wait_command('wait')
 
     with self.command_group('network private-dns record-set') as g:

src/azure-cli/azure/cli/command_modules/privatedns/custom.py

@@ -8,6 +8,7 @@
 from collections import Counter
 from knack.log import get_logger
 from msrestazure.azure_exceptions import CloudError
+from msrestazure.tools import parse_resource_id
 from azure.cli.core.util import CLIError
 from azure.cli.core.commands.client_factory import get_mgmt_service_client
 
@@ -43,26 +44,32 @@ def update_privatedns_zone(instance, tags=None):
 def create_privatedns_link(cmd, resource_group_name, private_zone_name, virtual_network_link_name, virtual_network, registration_enabled, tags=None):
     from azure.mgmt.privatedns import PrivateDnsManagementClient
     from azure.mgmt.privatedns.models import VirtualNetworkLink
-    client = get_mgmt_service_client(cmd.cli_ctx, PrivateDnsManagementClient).virtual_network_links
     link = VirtualNetworkLink(location='global', tags=tags)
 
     if registration_enabled is not None:
         link.registration_enabled = registration_enabled
+        aux_subscription = parse_resource_id(virtual_network.id)['subscription']
 
     if virtual_network is not None:
         link.virtual_network = virtual_network
 
+    client = get_mgmt_service_client(cmd.cli_ctx, PrivateDnsManagementClient, aux_subscriptions=[aux_subscription]).virtual_network_links
     return client.create_or_update(resource_group_name, private_zone_name, virtual_network_link_name, link, if_none_match='*')
 
 
-def update_privatedns_link(instance, registration_enabled=None, tags=None):
+def update_privatedns_link(cmd, resource_group_name, private_zone_name, virtual_network_link_name, registration_enabled=None, tags=None, if_match=None, **kwargs):
+    from azure.mgmt.privatedns import PrivateDnsManagementClient
+    link = kwargs['parameters']
+
     if registration_enabled is not None:
-        instance.registration_enabled = registration_enabled
+        link.registration_enabled = registration_enabled
 
     if tags is not None:
-        instance.tags = tags
+        link.tags = tags
 
-    return instance
+    aux_subscription = parse_resource_id(link.virtual_network.id)['subscription']
+    client = get_mgmt_service_client(cmd.cli_ctx, PrivateDnsManagementClient, aux_subscriptions=[aux_subscription]).virtual_network_links
+    return client.update(resource_group_name, private_zone_name, virtual_network_link_name, link, if_match=if_match)
 
 
 def create_privatedns_record_set(cmd, resource_group_name, private_zone_name, relative_record_set_name, record_type, metadata=None, ttl=3600):