UMI related fix.

viparek · viparek · commit 7583bc929fbc · 2021-06-04T09:42:47.000-07:00
diff --git a/src/Sql/Sql/Auditing/Services/AuditingEndpointsCommunicator.cs b/src/Sql/Sql/Auditing/Services/AuditingEndpointsCommunicator.cs
@@ -226,7 +226,7 @@ public DiagnosticSettingsResource UpdateDiagnosticSettings(DiagnosticSettingsRes
             if (server.Identity == null ||
                 server.Identity.Type != ResourceIdentityType.SystemAssigned.ToString())
             {
-                server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(server.Identity.Type, null);
+                server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(true, false, null);
                 server = GetCurrentSqlClient().Servers.CreateOrUpdate(resourceGroupName, serverName, server);
             }
 
diff --git a/src/Sql/Sql/Common/ResourceIdentityHelper.cs b/src/Sql/Sql/Common/ResourceIdentityHelper.cs
@@ -55,7 +55,47 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(s
                     UserAssignedIdentities = umiDict
                 };
             }
-            
+
+            return identityResult;
+        }
+
+        public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(bool assignIdentityIsPresent, bool userAssignedIdentityIsPresent, List<string> userAssignedIdentities)
+        {
+            Management.Sql.Models.ResourceIdentity identityResult = null;
+
+            if (assignIdentityIsPresent && userAssignedIdentityIsPresent)
+            {
+                Dictionary<string, UserIdentity> umiDict = new Dictionary<string, UserIdentity>();
+
+                if (userAssignedIdentities != null && userAssignedIdentities.Any())
+                {
+                    foreach (string identity in userAssignedIdentities)
+                    {
+                        umiDict.Add(identity, new UserIdentity());
+                    }
+
+                    identityResult = new Management.Sql.Models.ResourceIdentity()
+                    {
+                        Type = ResourceIdentityType.UserAssigned.ToString(),
+                        UserAssignedIdentities = umiDict
+                    };
+                }
+                else
+                {
+                    identityResult = new Management.Sql.Models.ResourceIdentity()
+                    {
+                        Type = ResourceIdentityType.SystemAssigned.ToString()
+                    };
+                }    
+            }
+            else if (assignIdentityIsPresent)
+            {
+                identityResult = new Management.Sql.Models.ResourceIdentity()
+                {
+                    Type = ResourceIdentityType.SystemAssigned.ToString()
+                };
+            }
+
             return identityResult;
         }
     }
diff --git a/src/Sql/Sql/ManagedInstance/Cmdlet/NewAzureSqlManagedInstance.cs b/src/Sql/Sql/ManagedInstance/Cmdlet/NewAzureSqlManagedInstance.cs
@@ -344,6 +344,10 @@ public class NewAzureSqlManagedInstance : ManagedInstanceCmdletBase
             HelpMessage = "List of user assigned identities")]
         public List<string> UserAssignedIdentity { get; set; }
 
+        [Parameter(Mandatory = false,
+            HelpMessage = "Generate and assign an Azure Active Directory User Assigned Identity for this server for use with key management services like Azure KeyVault.")]
+        public SwitchParameter AssignUserAssignIdentity { get; set; }
+
         /// <summary>
         /// Gets or sets whether or not to run this cmdlet in the background as a job
         /// </summary>
@@ -517,7 +521,7 @@ public override void ExecuteCmdlet()
                 AdministratorPassword = (this.AdministratorCredential != null) ? this.AdministratorCredential.Password : null,
                 AdministratorLogin = (this.AdministratorCredential != null) ? this.AdministratorCredential.UserName : null,
                 Tags = TagsConversionHelper.CreateTagDictionary(Tag, validate: true),
-                Identity = ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity.IsPresent ? this.AssignIdentity.ToString() : null, UserAssignedIdentity ?? null),
+                Identity = ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity, this.AssignUserAssignIdentity, UserAssignedIdentity),
                 LicenseType = this.LicenseType,
                 // `-StorageSizeInGB 0` as a parameter to this cmdlet means "use default".
                 // For non-MI database, we can just pass in 0 and the server will treat 0 as default.
diff --git a/src/Sql/Sql/ManagedInstance/Cmdlet/SetAzureSqlManagedInstance.cs b/src/Sql/Sql/ManagedInstance/Cmdlet/SetAzureSqlManagedInstance.cs
@@ -225,6 +225,10 @@ public class SetAzureSqlManagedInstance : ManagedInstanceCmdletBase
             HelpMessage = "List of user assigned identities")]
         public List<string> UserAssignedIdentity { get; set; }
 
+        [Parameter(Mandatory = false,
+            HelpMessage = "Generate and assign an Azure Active Directory User Assigned Identity for this server for use with key management services like Azure KeyVault.")]
+        public SwitchParameter AssignUserAssignIdentity { get; set; }
+
         /// <summary>
         /// Gets or sets whether or not to run this cmdlet in the background as a job
         /// </summary>
@@ -308,7 +312,7 @@ protected override IEnumerable<AzureSqlManagedInstanceModel> ApplyUserInputToMod
                 PublicDataEndpointEnabled = this.PublicDataEndpointEnabled,
                 ProxyOverride = this.ProxyOverride,
                 Tags = TagsConversionHelper.CreateTagDictionary(Tag, validate: true),
-                Identity = model.FirstOrDefault().Identity ?? ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity.IsPresent ? this.AssignIdentity.ToString() : null, UserAssignedIdentity ?? null),
+                Identity = model.FirstOrDefault().Identity ?? ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity, this.AssignUserAssignIdentity, UserAssignedIdentity),
                 InstancePoolName = this.InstancePoolName,
                 MinimalTlsVersion = this.MinimalTlsVersion,
                 MaintenanceConfigurationId = this.MaintenanceConfigurationId,
diff --git a/src/Sql/Sql/Server/Cmdlet/NewAzureSqlServer.cs b/src/Sql/Sql/Server/Cmdlet/NewAzureSqlServer.cs
@@ -110,6 +110,10 @@ public class NewAzureSqlServer : AzureSqlServerCmdletBase
             HelpMessage = "List of user assigned identities")]
         public List<string> UserAssignedIdentity { get; set; }
 
+        [Parameter(Mandatory = false,
+            HelpMessage = "Generate and assign an Azure Active Directory User Assigned Identity for this server for use with key management services like Azure KeyVault.")]
+        public SwitchParameter AssignUserAssignIdentity { get; set; }
+
         /// <summary>
         /// Gets or sets whether or not to run this cmdlet in the background as a job
         /// </summary>
@@ -205,7 +209,7 @@ public override void ExecuteCmdlet()
                 SqlAdministratorPassword = (this.SqlAdministratorCredentials != null) ? this.SqlAdministratorCredentials.Password : null,
                 SqlAdministratorLogin = (this.SqlAdministratorCredentials != null) ? this.SqlAdministratorCredentials.UserName : null,
                 Tags = TagsConversionHelper.CreateTagDictionary(Tags, validate: true),
-                Identity = ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity.IsPresent ? this.AssignIdentity.ToString() : null, UserAssignedIdentity ?? null),
+                Identity = ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity, this.AssignUserAssignIdentity, UserAssignedIdentity),
                 MinimalTlsVersion = this.MinimalTlsVersion,
                 PublicNetworkAccess = this.PublicNetworkAccess,
                 PrimaryUserAssignedIdentityId = this.PrimaryUserAssignedIdentityId,
diff --git a/src/Sql/Sql/Server/Cmdlet/SetAzureSqlServer.cs b/src/Sql/Sql/Server/Cmdlet/SetAzureSqlServer.cs
@@ -104,6 +104,10 @@ public class SetAzureSqlServer : AzureSqlServerCmdletBase
             HelpMessage = "List of user assigned identities")]
         public List<string> UserAssignedIdentity { get; set; }
 
+        [Parameter(Mandatory = false,
+            HelpMessage = "Generate and assign an Azure Active Directory User Assigned Identity for this server for use with key management services like Azure KeyVault.")]
+        public SwitchParameter AssignUserAssignIdentity { get; set; }
+
         /// <summary>
         /// Defines whether it is ok to skip the requesting of rule removal confirmation
         /// </summary>
@@ -141,7 +145,7 @@ public class SetAzureSqlServer : AzureSqlServerCmdletBase
                 Tags = TagsConversionHelper.ReadOrFetchTags(this, model.FirstOrDefault().Tags),
                 ServerVersion = this.ServerVersion,
                 Location = model.FirstOrDefault().Location,
-                Identity = model.FirstOrDefault().Identity ?? ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity.IsPresent ? this.AssignIdentity.ToString() : null, UserAssignedIdentity ?? null),
+                Identity = model.FirstOrDefault().Identity ?? ResourceIdentityHelper.GetIdentityObjectFromType(this.AssignIdentity, this.AssignUserAssignIdentity, UserAssignedIdentity),
                 PublicNetworkAccess = this.PublicNetworkAccess,
                 MinimalTlsVersion = this.MinimalTlsVersion,
                 SqlAdministratorLogin = model.FirstOrDefault().SqlAdministratorLogin,

Original file line number	Diff line number	Diff line change
`@@ -226,7 +226,7 @@ public DiagnosticSettingsResource UpdateDiagnosticSettings(DiagnosticSettingsRes`
`226`	`226`	`if (server.Identity == null \|\|`
`227`	`227`	`server.Identity.Type != ResourceIdentityType.SystemAssigned.ToString())`
`228`	`228`	`{`
`229`		`- server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(server.Identity.Type, null);`
	`229`	`+ server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(true, false, null);`
`230`	`230`	`server = GetCurrentSqlClient().Servers.CreateOrUpdate(resourceGroupName, serverName, server);`
`231`	`231`	`}`
`232`	`232`