UserAssignedIdentities #18682

Merged
merged 5 commits into from
Jun 23, 2022
2 changes: 1 addition & 1 deletion src/Compute/Compute.Test/Compute.Test.csproj
Expand Up @@ -12,7 +12,7 @@

<ItemGroup>
<PackageReference Include="Microsoft.Azure.Graph.RBAC" Version="3.4.0-preview" />
<PackageReference Include="Microsoft.Azure.Management.Compute" Version="55.0.0" />
<PackageReference Include="Microsoft.Azure.Management.Compute" Version="56.0.0" />
<PackageReference Include="Microsoft.Azure.Management.KeyVault" Version="4.0.0-preview.1" />
<PackageReference Include="Microsoft.Azure.Management.Network" Version="22.0.0" />
</ItemGroup>
4 changes: 4 additions & 0 deletions src/Compute/Compute/ChangeLog.md
Expand Up @@ -24,6 +24,10 @@
* An unresolved path can be passed in for '-LocalFilePath' for `Add-AzVhd`. The cmdlet with unresolve the path itself.
* Added `-DataAccessAuthMode` parameter to Add-AzVhd DirectUploadToManagedDisk parameter set.
* Added `-EnabldUltraSSD` parameter to New-AzHostGroup.
* Added `-UserAssignedIdentity` and `-FederatedClientId` to the following cmdlets:
- `New-AzDiskEncryptionSetConfig`
- `Update-AzDiskEncryptionSet`
* Added `-TreatFailureAsDeploymentFailure` to cmdlets `Add-AzVmGalleryApplication` and `Add-AzVmssGalleryApplication`

## Version 4.27.0
* Edited `New-AzVm` cmdlet internal logic to use the `PlatformFaultDomain` value in the `PSVirtualMachine` object passed to it in the new virtual machine.
2 changes: 1 addition & 1 deletion src/Compute/Compute/Compute.csproj
Expand Up @@ -14,7 +14,7 @@

<ItemGroup>
<PackageReference Include="AutoMapper" Version="6.2.2" />
<PackageReference Include="Microsoft.Azure.Management.Compute" Version="55.0.0" />
<PackageReference Include="Microsoft.Azure.Management.Compute" Version="56.0.0" />
<PackageReference Include="System.Security.Permissions" Version="4.5.0" />
<PackageReference Include="System.ServiceModel.Primitives" Version="4.7.0" />
<PackageReference Include="WindowsAzure.Storage" Version="9.3.0" />
Expand Up @@ -79,6 +79,17 @@ public partial class NewAzureRmDiskEncryptionSetConfigCommand : Microsoft.Azure.
HelpMessage = "Gets or sets set this flag to true to enable auto-updating of this disk encryption")]
public bool? RotationToLatestKeyVersionEnabled { get; set; }

[Parameter(
Mandatory = false,
ValueFromPipelineByPropertyName = true,
HelpMessage = "Multi-tenant application client id to access key vault in a different tenant.")]
public string FederatedClientId { get; set; }

[Parameter(
Mandatory = false,
ValueFromPipelineByPropertyName = true,
HelpMessage = "The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.")]
public Hashtable UserAssignedIdentity { get; set; }

protected override void ProcessRecord()
{
Expand Down Expand Up @@ -127,14 +138,41 @@ private void Run()
vActiveKey.KeyUrl = this.KeyUrl;
}

if (this.IsParameterBound(c => c.UserAssignedIdentity))
{
if (vIdentity == null)
{
vIdentity = new EncryptionSetIdentity();
}
if (vIdentity.UserAssignedIdentities == null)
{
vIdentity.UserAssignedIdentities = new Dictionary<string, EncryptionSetIdentityUserAssignedIdentitiesValue>();
}

foreach (DictionaryEntry de in this.UserAssignedIdentity)
{
if (((Hashtable)de.Value).Count == 0)
{
vIdentity.UserAssignedIdentities.Add(de.Key.ToString(), new EncryptionSetIdentityUserAssignedIdentitiesValue());
}
else
{
string principalId = ((Hashtable)de.Value)["principalId"]?.ToString();
string clientId = ((Hashtable)de.Value)["clientId"]?.ToString();
vIdentity.UserAssignedIdentities.Add(de.Key.ToString(), new EncryptionSetIdentityUserAssignedIdentitiesValue(principalId, clientId));
}
}
}

var vDiskEncryptionSet = new PSDiskEncryptionSet
{
Location = this.IsParameterBound(c => c.Location) ? this.Location : null,
Tags = this.IsParameterBound(c => c.Tag) ? this.Tag.Cast<DictionaryEntry>().ToDictionary(ht => (string)ht.Key, ht => (string)ht.Value) : null,
EncryptionType = this.IsParameterBound(c => c.EncryptionType) ? this.EncryptionType : null,
Identity = vIdentity,
ActiveKey = vActiveKey,
RotationToLatestKeyVersionEnabled = this.IsParameterBound(c => c.RotationToLatestKeyVersionEnabled) ? this.RotationToLatestKeyVersionEnabled : null
RotationToLatestKeyVersionEnabled = this.IsParameterBound(c => c.RotationToLatestKeyVersionEnabled) ? this.RotationToLatestKeyVersionEnabled : null,
FederatedClientId = this.IsParameterBound(c => c.FederatedClientId) ? this.FederatedClientId : null
};

WriteObject(vDiskEncryptionSet);
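Review bot: The `(Hashtable)de.Value` cast in the new `foreach` over `this.UserAssignedIdentity` in Run() is unchecked, so a `$null` or non-hashtable value reaches the user as a NullReferenceException or InvalidCastException rather than a parameter error. These entries select which managed identity the encryption set uses to reach the key vault, so a malformed entry should be rejected with a message that names the key: `var props = de.Value as Hashtable;` then `if (props == null) throw new ArgumentException(string.Format("UserAssignedIdentity entry '{0}' must be a hashtable (use an empty one for no properties).", de.Key));`. The same loop is copied into BuildPatchObject and BuildPutObject of the Update cmdlet with the same gap; a shared helper would keep the three copies consistent. Run() begins and ends outside this hunk.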
Expand Up @@ -141,16 +141,29 @@ public override void ExecuteCmdlet()
[Parameter(Mandatory = false, HelpMessage = "Run cmdlet in the background")]
public SwitchParameter AsJob { get; set; }

[Parameter(
Mandatory = false,
ValueFromPipelineByPropertyName = true,
HelpMessage = "Multi-tenant application client id to access key vault in a different tenant. Setting value to 'None' will clear the property.")]
public string FederatedClientId { get; set; }

[Parameter(
Mandatory = false,
ValueFromPipelineByPropertyName = true,
HelpMessage = "The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.")]
public Hashtable UserAssignedIdentity { get; set; }

private DiskEncryptionSetUpdate DiskEncryptionSetUpdate { get; set; }

private void BuildPatchObject()
{
if (this.DiskEncryptionSetUpdate == null)
{
this.DiskEncryptionSetUpdate = new DiskEncryptionSetUpdate();
}

if (this.IsParameterBound(c => c.KeyUrl))
{
if (this.DiskEncryptionSetUpdate == null)
{
this.DiskEncryptionSetUpdate = new DiskEncryptionSetUpdate();
}
if (this.DiskEncryptionSetUpdate.ActiveKey == null)
{
//this.DiskEncryptionSetUpdate.ActiveKey = new KeyVaultAndKeyReference();
Expand All @@ -161,10 +174,6 @@ private void BuildPatchObject()

if (this.IsParameterBound(c => c.SourceVaultId))
{
if (this.DiskEncryptionSetUpdate == null)
{
this.DiskEncryptionSetUpdate = new DiskEncryptionSetUpdate();
}
if (this.DiskEncryptionSetUpdate.ActiveKey == null)
{
//this.DiskEncryptionSetUpdate.ActiveKey = new KeyVaultAndKeyReference();
Expand All @@ -179,20 +188,43 @@ private void BuildPatchObject()

if (this.IsParameterBound(c => c.Tag))
{
if (this.DiskEncryptionSetUpdate == null)
{
this.DiskEncryptionSetUpdate = new DiskEncryptionSetUpdate();
}
this.DiskEncryptionSetUpdate.Tags = this.Tag.Cast<DictionaryEntry>().ToDictionary(ht => (string)ht.Key, ht => (string)ht.Value);
}

if(this.IsParameterBound(c => c.RotationToLatestKeyVersionEnabled))
{
if (this.DiskEncryptionSetUpdate == null)
this.DiskEncryptionSetUpdate.RotationToLatestKeyVersionEnabled = this.RotationToLatestKeyVersionEnabled;
}

if(this.IsParameterBound(c => c.FederatedClientId))
{
this.DiskEncryptionSetUpdate.FederatedClientId = this.FederatedClientId;
}

if (this.IsParameterBound(c => c.UserAssignedIdentity))
{
if (this.DiskEncryptionSetUpdate.Identity == null)
{
this.DiskEncryptionSetUpdate = new DiskEncryptionSetUpdate();
this.DiskEncryptionSetUpdate.Identity = new EncryptionSetIdentity();
}
if (this.DiskEncryptionSetUpdate.Identity.UserAssignedIdentities == null)
{
this.DiskEncryptionSetUpdate.Identity.UserAssignedIdentities = new Dictionary<string, EncryptionSetIdentityUserAssignedIdentitiesValue>();
}

foreach (DictionaryEntry de in this.UserAssignedIdentity)
{
if (((Hashtable)de.Value).Count == 0)
{
this.DiskEncryptionSetUpdate.Identity.UserAssignedIdentities.Add(de.Key.ToString(), new EncryptionSetIdentityUserAssignedIdentitiesValue());
}
else
{
string principalId = ((Hashtable)de.Value)["principalId"]?.ToString();
string clientId = ((Hashtable)de.Value)["clientId"]?.ToString();
this.DiskEncryptionSetUpdate.Identity.UserAssignedIdentities.Add(de.Key.ToString(), new EncryptionSetIdentityUserAssignedIdentitiesValue(principalId, clientId));
}
}
this.DiskEncryptionSetUpdate.RotationToLatestKeyVersionEnabled = this.RotationToLatestKeyVersionEnabled;
}
}

Expand Down Expand Up @@ -230,6 +262,36 @@ private void BuildPutObject()
this.InputObject.RotationToLatestKeyVersionEnabled = this.RotationToLatestKeyVersionEnabled;
}

if (this.IsParameterBound(c => c.FederatedClientId))
{
this.InputObject.FederatedClientId = this.FederatedClientId;
}

if (this.IsParameterBound(c => c.UserAssignedIdentity))
{
if (this.InputObject.Identity == null)
{
this.InputObject.Identity = new EncryptionSetIdentity();
}
if (this.InputObject.Identity.UserAssignedIdentities == null)
{
this.InputObject.Identity.UserAssignedIdentities = new Dictionary<string, EncryptionSetIdentityUserAssignedIdentitiesValue>();
}

foreach (DictionaryEntry de in this.UserAssignedIdentity)
{
if (((Hashtable)de.Value).Count == 0)
{
this.InputObject.Identity.UserAssignedIdentities.Add(de.Key.ToString(), new EncryptionSetIdentityUserAssignedIdentitiesValue());
}
else
{
string principalId = ((Hashtable)de.Value)["principalId"]?.ToString();
string clientId = ((Hashtable)de.Value)["clientId"]?.ToString();
this.InputObject.Identity.UserAssignedIdentities.Add(de.Key.ToString(), new EncryptionSetIdentityUserAssignedIdentitiesValue(principalId, clientId));
}
}
}
}
}
}
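Review bot: In BuildPutObject the new loop calls `this.InputObject.Identity.UserAssignedIdentities.Add(de.Key.ToString(), ...)` on a dictionary that is only created when it is null, so it may already hold entries from the existing disk encryption set; passing an identity the set already has would then throw ArgumentException for the duplicate key. Indexer assignment makes the update idempotent: `this.InputObject.Identity.UserAssignedIdentities[de.Key.ToString()] = value;`. The dictionary created just above uses the default ordinal comparer, while ARM resource ids are generally treated as case-insensitive, so the same identity written with different casing would be stored twice; `new Dictionary<string, EncryptionSetIdentityUserAssignedIdentitiesValue>(StringComparer.OrdinalIgnoreCase)` avoids that for the dictionary created here. BuildPutObject begins outside the hunk.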
Expand Up @@ -41,6 +41,12 @@ public class AddAzureVmGalleryApplicationCommand : Microsoft.Azure.Commands.Reso
Mandatory = false)]
public int Order { get; set; }

[Parameter(
Mandatory = false,
ValueFromPipelineByPropertyName = true,
HelpMessage = "If true, any failure for any operation in the VmApplication will fail the deployment. Defaults to false if not specified.")]
public SwitchParameter TreatFailureAsDeploymentFailure { get; set; }

public override void ExecuteCmdlet()
{
if (VM.ApplicationProfile == null)
Expand All @@ -57,6 +63,11 @@ public override void ExecuteCmdlet()
GalleryApplication.Order = this.Order;
}

if (this.TreatFailureAsDeploymentFailure.IsPresent)
{
GalleryApplication.TreatFailureAsDeploymentFailure = true;
}

VM.ApplicationProfile.GalleryApplications.Add(GalleryApplication);

WriteObject(VM);
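Review bot: The `IsPresent` check added to ExecuteCmdlet only ever writes `true`, so `-TreatFailureAsDeploymentFailure:$false` cannot clear the flag on a `GalleryApplication` object that already carries `true`; the cmdlet mutates the object it was given. If an explicit `$false` should be honoured, assign the bound value instead: `if (this.MyInvocation.BoundParameters.ContainsKey("TreatFailureAsDeploymentFailure")) { GalleryApplication.TreatFailureAsDeploymentFailure = this.TreatFailureAsDeploymentFailure.IsPresent; }` (this assumes the base class, which is not shown here, derives from PSCmdlet). The same block is added to Add-AzVmssGalleryApplication in the next section. ExecuteCmdlet continues outside both hunks.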
Expand Up @@ -36,6 +36,12 @@ public class AddAzureVmssGalleryApplicationCommand : Microsoft.Azure.Commands.Re
HelpMessage = "VM Gallery Application Object.")]
public PSVMGalleryApplication GalleryApplication { get; set; }

[Parameter(
Mandatory = false,
ValueFromPipelineByPropertyName = true,
HelpMessage = "If true, any failure for any operation in the VmApplication will fail the deployment. Defaults to false if not specified.")]
public SwitchParameter TreatFailureAsDeploymentFailure { get; set; }

[Parameter(
Mandatory = false)]
public int Order { get; set; }
Expand All @@ -56,6 +62,11 @@ public override void ExecuteCmdlet()
GalleryApplication.Order = this.Order;
}

if (this.TreatFailureAsDeploymentFailure.IsPresent)
{
GalleryApplication.TreatFailureAsDeploymentFailure = true;
}

VirtualMachineScaleSetVM.ApplicationProfile.GalleryApplications.Add(GalleryApplication);

WriteObject(VirtualMachineScaleSetVM);
Expand Up @@ -51,6 +51,7 @@ public string ResourceGroupName
public IDictionary<string, string> Tags { get; set; }
public string EncryptionType { get; set; }
public bool? RotationToLatestKeyVersionEnabled { get; set; }
public string FederatedClientId { get; set; }

}
}
Expand Up @@ -32,6 +32,8 @@ public partial class PSVMGalleryApplication
public int? Order { get; set; }
public string PackageReferenceId { get; set; }
public string ConfigurationReference { get; set; }
public bool? TreatFailureAsDeploymentFailure { get; set; }
public bool? EnableAutomaticUpgrade { get; set; }

}
}
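Review bot: `EnableAutomaticUpgrade` is added to PSVMGalleryApplication without documentation: none of the cmdlet sections on this page sets it, and the ChangeLog entry mentions only `-TreatFailureAsDeploymentFailure`. If it is exposed only so the service value round-trips through the object, say so on the property, e.g. `// Populated from the service response; no cmdlet parameter sets this yet.`. Otherwise the matching parameter and a ChangeLog line appear to be missing from this change.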