resolving conflicts

Author: saisujithreddym

src/Batch/Batch.Test/Batch.Test.csproj

@@ -17,7 +17,7 @@
     <PackageReference Include="Microsoft.Azure.Batch" Version="13.0.0" />
     <PackageReference Include="Microsoft.Azure.Management.Batch" Version="10.0.0" />
     <PackageReference Include="WindowsAzure.Storage" Version="9.3.0" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
   <ItemGroup>

src/CognitiveServices/CognitiveServices.Test/CognitiveServices.Test.csproj

@@ -12,7 +12,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.CognitiveServices" Version="7.1.0-preview" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
 </Project>

src/Compute/Compute.Test/Compute.Test.csproj

@@ -14,7 +14,7 @@
     <PackageReference Include="Microsoft.Azure.Graph.RBAC" Version="3.4.0-preview" />
     <PackageReference Include="Microsoft.Azure.Management.Compute" Version="36.0.0" />
     <PackageReference Include="Microsoft.Azure.Management.KeyVault" Version="3.0.0" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
   <ItemGroup>

src/CosmosDB/CosmosDB.Test/CosmosDB.Test.csproj

@@ -5,6 +5,6 @@
   <Import Project="$(MSBuildThisFileDirectory)..\..\Az.Test.props" />
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.CosmosDB" Version="1.1.1" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
 </ItemGroup>
 </Project>

src/DataLakeStore/DataLakeStore.Test/DataLakeStore.Test.csproj

@@ -12,7 +12,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.DataLake.Store" Version="2.4.2-preview" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
   <ItemGroup>

src/Dns/Dns.Test/Dns.Test.csproj

@@ -12,7 +12,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.Dns" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
 </Project>

src/KeyVault/KeyVault.Test/KeyVault.Test.csproj

@@ -14,7 +14,7 @@
     <PackageReference Include="Microsoft.Azure.KeyVault" Version="3.0.1" />
     <PackageReference Include="Microsoft.Azure.KeyVault.WebKey" Version="3.0.1" />
     <PackageReference Include="Microsoft.Azure.Management.KeyVault" Version="3.0.0" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
   <ItemGroup>

src/Monitor/Monitor.Test/Monitor.Test.csproj

@@ -13,7 +13,7 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.Monitor" Version="0.25.1-preview" />
     <PackageReference Include="Microsoft.Azure.Management.ApplicationInsights" Version="0.3.0-preview" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
     <PackageReference Include="Microsoft.Azure.Management.OperationalInsights" Version="0.20.0-preview" />
   </ItemGroup>
 

src/NetAppFiles/NetAppFiles.Test/NetAppFiles.Test.csproj

@@ -12,7 +12,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.NetApp" Version="1.4.0" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
   </ItemGroup>
 
 </Project>

src/Network/Network.Test/Network.Test.csproj

@@ -14,7 +14,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Graph.RBAC" Version="3.4.0-preview" />
-    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.0-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.Network" Version="20.0.1-preview" />
     <PackageReference Include="Microsoft.Azure.Insights" Version="0.16.0-preview" />
     <PackageReference Include="Microsoft.Azure.Management.Compute" Version="36.0.0" />
     <PackageReference Include="Microsoft.Azure.Management.ContainerInstance" Version="2.0.0" />

src/Network/Network.Test/ScenarioTests/AzureFirewallPolicyTests.cs

@@ -26,12 +26,20 @@ public AzureFirewallPolicyTests(ITestOutputHelper output)
         {
         }
 
-        [Fact(Skip = "Fails with Internal Server Error")]
+        [Fact]
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         [Trait(Category.Owner, NrpTeamAlias.azurefirewall)]
         public void TestAzureFirewallPolicyCRUD()
         {
             TestRunner.RunTestScript("Test-AzureFirewallPolicyCRUD");
         }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        [Trait(Category.Owner, NrpTeamAlias.azurefirewall)]
+        public void TestAzureFirewallPolicyWithThreatIntelWhitelistCRUD()
+        {
+            TestRunner.RunTestScript("Test-AzureFirewallPolicyWithThreatIntelWhitelistCRUD");
+        }
     }
 }

src/Network/Network.Test/ScenarioTests/AzureFirewallPolicyTests.ps1

@@ -22,7 +22,7 @@ function Test-AzureFirewallPolicyCRUD {
     $azureFirewallPolicyName = Get-ResourceName
     $azureFirewallPolicyAsJobName = Get-ResourceName
     $resourceTypeParent = "Microsoft.Network/FirewallPolicies"
-    $location = "westcentralus"
+    $location = "eastus2euap"
 
     $ruleGroupName = Get-ResourceName
 
@@ -33,11 +33,6 @@ function Test-AzureFirewallPolicyCRUD {
 
     $pipelineRcPriority = 154
 
-    # AzureFirewallPolicyApplicationRuleCollection 2
-    $appRc2Name = "appRc2"
-    $appRc2Priority = 300
-    $appRc2ActionType = "Deny"
-
     # AzureFirewallPolicyApplicationRule 1
     $appRule1Name = "appRule"
     $appRule1Desc = "desc1"
@@ -70,23 +65,22 @@ function Test-AzureFirewallPolicyCRUD {
     $networkRule1Desc = "desc1"
     $networkRule1SourceAddress1 = "10.0.0.0"
     $networkRule1SourceAddress2 = "111.1.0.0/24"
-    $networkRule1DestinationAddress1 = "*"
+    $networkRule1DestinationAddress1 = "10.10.10.1"
     $networkRule1Protocol1 = "UDP"
     $networkRule1Protocol2 = "TCP"
     $networkRule1Protocol3 = "ICMP"
     $networkRule1DestinationPort1 = "90"
 
     # AzureFirewallPolicyNatRuleCollection
     $natRcName = "natRc"
-    $natRcPriority = 200
+    $natRcPriority = 100
     $natRcActionType = "Dnat"
 
     # AzureFirewallPolicyNatRule 1
     $natRule1Name = "natRule"
     $natRule1Desc = "desc1"
     $natRule1SourceAddress1 = "10.0.0.0"
     $natRule1SourceAddress2 = "111.1.0.0/24"
-    $natRule1DestinationAddress1 = "1.2.3.4"
     $natRule1Protocol1 = "UDP"
     $natRule1Protocol2 = "TCP"
     $natRule1DestinationPort1 = "90"
@@ -115,16 +109,22 @@ function Test-AzureFirewallPolicyCRUD {
         $appRule = New-AzFirewallPolicyApplicationRule -Name $appRule1Name -Description $appRule1Desc -Protocol $appRule1Protocol1, $appRule1Protocol2 -TargetFqdn $appRule1Fqdn1, $appRule1Fqdn2 -SourceAddress $appRule1SourceAddress1
         $appRule2 = New-AzFirewallPolicyApplicationRule -Name $appRule2Name -Description $appRule1Desc -Protocol $appRule2Protocol1, $appRule2Protocol2 -TargetFqdn $appRule2Fqdn1 -SourceAddress $appRule2SourceAddress1
 
-        # Create Network Rule Condition
+        # Create Network Rule
         $networkRule = New-AzFirewallPolicyNetworkRule -Name $networkRule1Name -Description $networkRule1Desc -Protocol $networkRule1Protocol1, $networkRule1Protocol2 -SourceAddress $networkRule1SourceAddress1, $networkRule1SourceAddress2 -DestinationAddress $networkRule1DestinationAddress1 -DestinationPort $networkRule1DestinationPort1
 
-        # Create Filter Rule with 2 rules
+
+        # Create Filter Rule with 2 application rules
         $appRc = New-AzFirewallPolicyFilterRuleCollection -Name $appRcName -Priority $appRcPriority -Rule $appRule, $appRule2 -ActionType $appRcActionType
-        # Create a second Filter Rule Collection with 1 rule
-        $appRc2 = New-AzFirewallPolicyFilterRuleCollection -Name $appRc2Name -Priority $appRc2Priority -Rule $networkRule -ActionType $appRc2ActionType
+        
+        # Create a second Filter Rule Collection with 1 network rule
+        $appRc2 = New-AzFirewallPolicyFilterRuleCollection -Name $networkRcName -Priority $networkRcPriority -Rule $networkRule -ActionType $networkRcActionType
+
 
-        # Create a NAT rule
-        $natRc = New-AzFirewallPolicyNatRuleCollection -Name $networkRcName -Priority $natRcPriority -Rule $networkRule -TranslatedAddress $natRule1TranslatedAddress -TranslatedPort $natRule1TranslatedPort -ActionType $natRcActionType
+        # Create NAT rule
+        $natRule = New-AzFirewallPolicyNatRule -Name $natRule1Name -Description $natRule1Desc -Protocol $natRule1Protocol1, $natRule1Protocol2 -SourceAddress $natRule1SourceAddress1, $natRule1SourceAddress2 -DestinationAddress $networkRule1DestinationAddress1 -DestinationPort $natRule1DestinationPort1 -TranslatedAddress $natRule1TranslatedAddress -TranslatedPort $natRule1TranslatedPort
+
+        # Create a NAT Rule Collection
+        $natRc = New-AzFirewallPolicyNatRuleCollection -Name $natRcName -ActionType $natRcActionType -Priority $natRcPriority -Rule $natRule
 
         New-AzFirewallPolicyRuleCollectionGroup -Name $ruleGroupName -Priority 100 -RuleCollection $appRc, $appRc2, $natRc -FirewallPolicyObject $azureFirewallPolicy
 
@@ -136,24 +136,25 @@ function Test-AzureFirewallPolicyCRUD {
         # Get AzureFirewallPolicy
         $getAzureFirewallPolicy = Get-AzFirewallPolicy -Name $azureFirewallPolicyName -ResourceGroupName $rgName
 
-        # #verification
+        # verification
         Assert-AreEqual $rgName $getAzureFirewallPolicy.ResourceGroupName
         Assert-AreEqual $azureFirewallPolicyName $getAzureFirewallPolicy.Name
         Assert-NotNull $getAzureFirewallPolicy.Location
         Assert-AreEqual $location $getAzureFirewallPolicy.Location
         Assert-AreEqual "Deny" $getAzureFirewallPolicy.ThreatIntelMode
 
-        # # Check rule groups count
+        # Check rule groups count
         Assert-AreEqual 1 @($getAzureFirewallPolicy.RuleCollectionGroups).Count
 
         $getRg = Get-AzFirewallPolicyRuleCollectionGroup -Name $ruleGroupName -AzureFirewallPolicy $getAzureFirewallPolicy
 
         Assert-AreEqual 3 @($getRg.properties.ruleCollection).Count
 
         $filterRuleCollection1 = $getRg.Properties.GetRuleCollectionByName($appRcName)
-        $natRuleCollection = $getRg.Properties.GetRuleCollectionByName($networkRcName)
+        $filterRuleCollection2 = $getRg.Properties.GetRuleCollectionByName($networkRcName)
+        $natRuleCollection = $getRg.Properties.GetRuleCollectionByName($natRcName)
 
-        # Verify filter Rule1 
+        # Verify Filter Rule Collection1 
         Assert-AreEqual $appRcName $filterRuleCollection1.Name
         Assert-AreEqual $appRcPriority $filterRuleCollection1.Priority
         Assert-AreEqual $appRcActionType $filterRuleCollection1.Action.Type
@@ -176,29 +177,50 @@ function Test-AzureFirewallPolicyCRUD {
         Assert-AreEqual $appRule1Fqdn1 $appRule.TargetFqdns[0]
         Assert-AreEqual $appRule1Fqdn2 $appRule.TargetFqdns[1]
 
-        # Verify NAT rule collection and NAT rule)
-        $natRule = $natRuleCollection.GetRuleByName($networkRcName)
+        # Verify Filter Rule Collection2 
+        Assert-AreEqual $networkRcName $filterRuleCollection2.Name
+        Assert-AreEqual $networkRcPriority $filterRuleCollection2.Priority
+        Assert-AreEqual $networkRcActionType $filterRuleCollection2.Action.Type
+        Assert-AreEqual 1 $filterRuleCollection2.Rules.Count
+
+        $networkRule = $filterRuleCollection2.GetRuleByName($networkRule1Name)
+        # Verify Network rule
+        Assert-AreEqual $networkRule1Name $networkRule.Name
 
-        Assert-AreEqual $networkRcName $natRuleCollection.Name
+        Assert-AreEqual 2 $networkRule.SourceAddresses.Count
+        Assert-AreEqual $networkRule1SourceAddress1 $networkRule.SourceAddresses[0]
+        Assert-AreEqual $networkRule1SourceAddress2 $networkRule.SourceAddresses[1]
+
+        Assert-AreEqual 2 $networkRule.Protocols.Count 
+        Assert-AreEqual $networkRule1Protocol1 $networkRule.Protocols[0]
+        Assert-AreEqual $networkRule1Protocol2 $networkRule.Protocols[1]
+
+        Assert-AreEqual 1 $networkRule.DestinationPorts.Count 
+        Assert-AreEqual $networkRule1DestinationPort1 $networkRule.DestinationPorts[0]
+
+        # Verify NAT rule collection and NAT rule
+        $natRule = $natRuleCollection.GetRuleByName($natRule1Name)
+
+        Assert-AreEqual $natRcName $natRuleCollection.Name
         Assert-AreEqual $natRcPriority $natRuleCollection.Priority
 
-        Assert-AreEqual $networkRule1Name $natRule.Name
+        Assert-AreEqual $natRule1Name $natRule.Name
 
         Assert-AreEqual 2 $natRule.SourceAddresses.Count 
         Assert-AreEqual $natRule1SourceAddress1 $natRule.SourceAddresses[0]
         Assert-AreEqual $natRule1SourceAddress2 $natRule.SourceAddresses[1]
 
-        Assert-AreEqual 1 $natRule.DestinationAddresses.Count 
+        Assert-AreEqual 1 $natRule.DestinationAddresses.Count
 
-        Assert-AreEqual 2 $natRule.Protocols.Count 
-        Assert-AreEqual $networkRule1Protocol1 $natRule.Protocols[0]
-        Assert-AreEqual $networkRule1Protocol2 $natRule.Protocols[1]
+        Assert-AreEqual 2 $natRule.Protocols.Count
+        Assert-AreEqual $natRule1Protocol1 $natRule.Protocols[0]
+        Assert-AreEqual $natRule1Protocol2 $natRule.Protocols[1]
 
-        Assert-AreEqual 1 $natRule.DestinationPorts.Count 
+        Assert-AreEqual 1 $natRule.DestinationPorts.Count
         Assert-AreEqual $natRule1DestinationPort1 $natRule.DestinationPorts[0]
 
-        Assert-AreEqual $natRule1TranslatedAddress $natRuleCollection.TranslatedAddress
-        Assert-AreEqual $natRule1TranslatedPort $natRuleCollection.TranslatedPort
+        Assert-AreEqual $natRule1TranslatedAddress $natRule.TranslatedAddress
+        Assert-AreEqual $natRule1TranslatedPort $natRule.TranslatedPort
 
 
         $testPipelineRg = Get-AzFirewallPolicyRuleCollectionGroup -Name $ruleGroupName -AzureFirewallPolicyName $getAzureFirewallPolicy.Name -ResourceGroupName $rgname
@@ -208,7 +230,71 @@ function Test-AzureFirewallPolicyCRUD {
 
         $azureFirewallPolicyAsJob = New-AzFirewallPolicy -Name $azureFirewallPolicyAsJobName -ResourceGroupName $rgname -Location $location -AsJob
         $result = $azureFirewallPolicyAsJob | Wait-Job
-        Assert-AreEqual "Completed" $result.State;
+        Assert-AreEqual "Completed" $result.State
+    }
+    finally {
+        # Cleanup
+        Clean-ResourceGroup $rgname
+    }
+}
+
+
+<#
+.SYNOPSIS
+Tests AzureFirewallPolicyCRUD with ThreatIntelWhitelist.
+#>
+function Test-AzureFirewallPolicyWithThreatIntelWhitelistCRUD {
+    # Setup
+    $rgname = Get-ResourceGroupName
+    $azureFirewallPolicyName = Get-ResourceName
+    $azureFirewallPolicyAsJobName = Get-ResourceName
+    $resourceTypeParent = "Microsoft.Network/FirewallPolicies"
+    $location = "eastus2euap"
+
+    $ruleGroupName = Get-ResourceName
+    $threatIntelWhiteListIp1 = "20.3.4.5"
+    $threatIntelWhiteListIp2 = "37.1.2.3"
+    $threatIntelWhiteListIp3 = "208.199.20.37"
+    $threatIntelWhiteListFqdn1 = "microsoft.com"
+
+    try {
+        # Create the resource group
+        $resourceGroup = New-AzResourceGroup -Name $rgname -Location $location -Tags @{ testtag = "testval" }
+        
+        $tiWhiteList = New-AzFirewallPolicyThreatIntelWhitelist -IpAddress $threatIntelWhiteListIp1,$threatIntelWhiteListIp2 -FQDN $threatIntelWhiteListFqdn1
+
+        # Create AzureFirewallPolicy (with no rules, ThreatIntel is in Alert mode by default)
+        $azureFirewallPolicy = New-AzFirewallPolicy -Name $azureFirewallPolicyName -ResourceGroupName $rgname -Location $location -ThreatIntelWhitelist $tiWhiteList
+
+        # Get AzureFirewallPolicy
+        $getAzureFirewallPolicy = Get-AzFirewallPolicy -Name $azureFirewallPolicyName -ResourceGroupName $rgname
+
+        #verification
+        Assert-AreEqual $rgName $getAzureFirewallPolicy.ResourceGroupName
+        Assert-AreEqual $azureFirewallPolicyName $getAzureFirewallPolicy.Name
+        Assert-NotNull $getAzureFirewallPolicy.Location
+        Assert-AreEqual $location $getAzureFirewallPolicy.Location
+        Assert-AreEqual "Alert" $getAzureFirewallPolicy.ThreatIntelMode
+        Assert-NotNull $getAzureFirewallPolicy.ThreatIntelWhitelist
+        Assert-AreEqual $threatIntelWhiteListIp1 $getAzureFirewallPolicy.ThreatIntelWhitelist.IpAddresses[0]
+        Assert-AreEqual $threatIntelWhiteListIp2 $getAzureFirewallPolicy.ThreatIntelWhitelist.IpAddresses[1]
+        Assert-AreEqual $threatIntelWhiteListFqdn1 $getAzureFirewallPolicy.ThreatIntelWhitelist.FQDNs[0]
+
+        # # Update ThreatIntel Whitelist
+        $azureFirewallPolicy.ThreatIntelWhitelist.IpAddresses[0] = $threatIntelWhiteListIp3
+        
+        # Set AzureFirewallPolicy
+        Set-AzFirewallPolicy -InputObject $azureFirewallPolicy
+        # Get AzureFirewallPolicy
+        $getAzureFirewallPolicy = Get-AzFirewallPolicy -Name $azureFirewallPolicyName -ResourceGroupName $rgName
+		
+        # #verification
+        Assert-AreEqual $rgName $getAzureFirewallPolicy.ResourceGroupName
+        Assert-AreEqual $azureFirewallPolicyName $getAzureFirewallPolicy.Name
+        Assert-NotNull $getAzureFirewallPolicy.Location
+        Assert-AreEqual $location $getAzureFirewallPolicy.Location
+        Assert-NotNull $getAzureFirewallPolicy.ThreatIntelWhitelist
+        Assert-AreEqual $threatIntelWhiteListIp3 $getAzureFirewallPolicy.ThreatIntelWhitelist.IpAddresses[0]
     }
     finally {
         # Cleanup

src/Network/Network.Test/ScenarioTests/CortexTests.cs

@@ -66,5 +66,13 @@ public void TestDisconnectAzP2sVpnGatewayVpnConnection()
         {
             TestRunner.RunTestScript("Test-DisconnectAzP2sVpnGatewayVpnConnection");
         }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.LiveOnly)]
+        [Trait(Category.Owner, NrpTeamAlias.brooklynft)]
+        public void TestBgpSettingsUpdateVpnGateway()
+        {
+            TestRunner.RunTestScript("Test-BgpUpdateVpnGateway");
+        }
     }
 }