Merge pull request #4180 from henry416/preview

cormacpayne · web-flow · commit 9c3b6ca08095 · 2017-06-23T16:08:43.000-07:00
Default values &amp; bounds for SAs in Ipsec Policy
diff --git a/src/ResourceManager/Network/ChangeLog.md b/src/ResourceManager/Network/ChangeLog.md
@@ -18,14 +18,17 @@
         - Additional information about change #1
 -->
 ## Current Release
+* New-AzureRmIpsecPolicy: SALifeTimeSeconds and SADataSizeKilobytes are no longer mandatory parameters
+    - SALifeTimeSeconds defaults to 27000 seconds
+    - SADataSizeKilobytes defaults to 102400000 KB
 
 ## Version 4.1.0
 * Get-AzureRmNetworkUsage: New cmdlet to show network usage and capacity details
 * Added new GatewaySku options for VirtualNetworkGateways
     - VpnGw1, VpnGw2, VpnGw3 are the new Skus added for Vpn gateways
 * Set-AzureRmNetworkWatcherConfigFlowLog
   * Fixed  help examples
-
+ 
 ## Version 4.0.1
 
 ## Version 4.0.0
@@ -115,4 +118,4 @@
     - Fixed issue where UseRemoteGateway property was not being populated in the request to the server
 * Get-AzureRmEffectiveNetworkSecurityGroup
     - Add warning if there is no response from GetEffectiveNSG
-* Add Source property to EffectiveRoute 
+* Add Source property to EffectiveRoute 
diff --git a/src/ResourceManager/Network/Commands.Network.Test/ScenarioTests/VirtualNetworkGatewayConnectionTests.ps1 b/src/ResourceManager/Network/Commands.Network.Test/ScenarioTests/VirtualNetworkGatewayConnectionTests.ps1
@@ -143,7 +143,7 @@ function Test-VirtualNetworkGatewayConnectionWithIpsecPoliciesCRUD
     $rglocation = Get-ProviderLocation ResourceManagement
     $resourceTypeParent = "Microsoft.Network/connections"
     $location = Get-ProviderLocation $resourceTypeParent
-    
+
 	try 
      {
       # Create the resource group
@@ -167,8 +167,11 @@ function Test-VirtualNetworkGatewayConnectionWithIpsecPoliciesCRUD
       $actual = New-AzureRmLocalNetworkGateway -ResourceGroupName $rgname -name $localnetName -location $location -AddressPrefix 192.168.0.0/16 -GatewayIpAddress 192.168.3.10
       $localnetGateway = Get-AzureRmLocalNetworkGateway -ResourceGroupName $rgname -name $localnetName
 
-	  # Create IpsecPolicy
-	  $ipsecPolicy = New-AzureRmIpsecPolicy -SALifeTimeSeconds 300 -SADataSizeKilobytes 1024 -IpsecEncryption "GCMAES256" -IpsecIntegrity "GCMAES256" -IkeEncryption "AES256" -IkeIntegrity "SHA256" -DhGroup "DHGroup14" -PfsGroup "PFS2048"
+	  # Create IpsecPolicy and test defaults creation
+	  $ipsecPolicy = New-AzureRmIpsecPolicy -IpsecEncryption "GCMAES256" -IpsecIntegrity "GCMAES256" -IkeEncryption "AES256" -IkeIntegrity "SHA256" -DhGroup "DHGroup14" -PfsGroup "PFS2048"
+	  Assert-AreEqual $ipsecPolicy.SALifeTimeSeconds 27000
+	  Assert-AreEqual $ipsecPolicy.SADataSizeKilobytes 102400000 
+	  $ipsecPolicy = New-AzureRmIpsecPolicy -SALifeTimeSeconds 3000 -SADataSizeKilobytes 10000 -IpsecEncryption "GCMAES256" -IpsecIntegrity "GCMAES256" -IkeEncryption "AES256" -IkeIntegrity "SHA256" -DhGroup "DHGroup14" -PfsGroup "PFS2048"
 
       # Create & Get VirtualNetworkGatewayConnection w/ policy based TS
       $actual = New-AzureRmVirtualNetworkGatewayConnection -ResourceGroupName $rgname -name $vnetConnectionName -location $location -VirtualNetworkGateway1 $vnetGateway -LocalNetworkGateway2 $localnetGateway -ConnectionType IPsec -RoutingWeight 3 -SharedKey abc -EnableBgp $false -UsePolicyBasedTrafficSelectors $true -IpsecPolicies $ipsecPolicy
diff --git a/src/ResourceManager/Network/Commands.Network.Test/SessionRecords/Commands.Network.Test.ScenarioTests.VirtualNetworkGatewayConnectionTests/TestVirtualNetworkGatewayConnectionwithIpsecPoliciesCRUD.json b/src/ResourceManager/Network/Commands.Network.Test/SessionRecords/Commands.Network.Test.ScenarioTests.VirtualNetworkGatewayConnectionTests/TestVirtualNetworkGatewayConnectionwithIpsecPoliciesCRUD.json
diff --git a/src/ResourceManager/Network/Commands.Network/VirtualNetworkGatewayConnection/NewAzureRmIpsecPolicyCommand.cs b/src/ResourceManager/Network/Commands.Network/VirtualNetworkGatewayConnection/NewAzureRmIpsecPolicyCommand.cs
@@ -22,15 +22,15 @@ namespace Microsoft.Azure.Commands.Network
     public class NewAzureRmIpsecPolicyCommand : NetworkBaseCmdlet
     {
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             HelpMessage = "The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds")]
-        [ValidateNotNullOrEmpty]
+        [ValidateRange(300, 172799)]
         public int SALifeTimeSeconds { get; set; }
 
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             HelpMessage = "The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB")]
-        [ValidateNotNullOrEmpty]
+        [ValidateRange(1024, int.MaxValue)]
         public int SADataSizeKilobytes { get; set; }
 
         [Parameter(
@@ -125,8 +125,10 @@ public override void Execute()
             base.Execute();
             var ipsecPolicy = new PSIpsecPolicy();
 
-            ipsecPolicy.SALifeTimeSeconds = this.SALifeTimeSeconds;
-            ipsecPolicy.SADataSizeKilobytes = this.SADataSizeKilobytes;
+            // default SA values
+            ipsecPolicy.SALifeTimeSeconds = (!this.MyInvocation.BoundParameters.ContainsKey("SALifeTimeSeconds")) ? 27000 : this.SALifeTimeSeconds;
+            ipsecPolicy.SADataSizeKilobytes = (!this.MyInvocation.BoundParameters.ContainsKey("SADataSizeKilobytes")) ? 102400000 : this.SADataSizeKilobytes;
+
             ipsecPolicy.IpsecEncryption = this.IpsecEncryption;
             ipsecPolicy.IpsecIntegrity = this.IpsecIntegrity;
             ipsecPolicy.IkeEncryption = this.IkeEncryption;
diff --git a/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv b/tools/StaticAnalysis/Exceptions/BreakingChangeIssues.csv
@@ -37,4 +37,6 @@
 "Microsoft.Azure.Commands.Network.dll","Microsoft.Azure.Commands.Network.StopAzureNetworkWatcherPacketCaptureCommand","Stop-AzureRmNetworkWatcherPacketCapture","0","2090","The ValidateNotNullOrEmpty attribute has been added to parameter 'NetworkWatcherName' for cmdlet 'Stop-AzureRmNetworkWatcherPacketCapture'.","Remove the ValidateNotNullOrEmpty attribute from parameter 'NetworkWatcherName'."
 "Microsoft.Azure.Commands.Network.dll","Microsoft.Azure.Commands.Network.StopAzureNetworkWatcherPacketCaptureCommand","Stop-AzureRmNetworkWatcherPacketCapture","0","2090","The ValidateNotNullOrEmpty attribute has been added to parameter 'ResourceGroupName' for cmdlet 'Stop-AzureRmNetworkWatcherPacketCapture'.","Remove the ValidateNotNullOrEmpty attribute from parameter 'ResourceGroupName'."
 "D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.DataLakeAnalytics\Microsoft.Azure.Commands.DataLakeAnalytics.dll","Microsoft.Azure.Commands.DataLakeAnalytics.SubmitAzureDataLakeAnalyticsJob","Submit-AzureRmDataLakeAnalyticsJob","0","1050","The parameter set 'Submit job with script path for SQL-IP' for cmdlet 'Submit-AzureRmDataLakeAnalyticsJob' has been removed.","Add parameter set 'Submit job with script path for SQL-IP' back to cmdlet 'Submit-AzureRmDataLakeAnalyticsJob'."
-"D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.DataLakeAnalytics\Microsoft.Azure.Commands.DataLakeAnalytics.dll","Microsoft.Azure.Commands.DataLakeAnalytics.SubmitAzureDataLakeAnalyticsJob","Submit-AzureRmDataLakeAnalyticsJob","0","1050","The parameter set 'Submit SQL-IP Job' for cmdlet 'Submit-AzureRmDataLakeAnalyticsJob' has been removed.","Add parameter set 'Submit SQL-IP Job' back to cmdlet 'Submit-AzureRmDataLakeAnalyticsJob'."
+"D:\workspace\powershell\src\Package\Debug\ResourceManager\AzureResourceManager\AzureRM.DataLakeAnalytics\Microsoft.Azure.Commands.DataLakeAnalytics.dll","Microsoft.Azure.Commands.DataLakeAnalytics.SubmitAzureDataLakeAnalyticsJob","Submit-AzureRmDataLakeAnalyticsJob","0","1050","The parameter set 'Submit SQL-IP Job' for cmdlet 'Submit-AzureRmDataLakeAnalyticsJob' has been removed.","Add parameter set 'Submit SQL-IP Job' back to cmdlet 'Submit-AzureRmDataLakeAnalyticsJob'."
+"Microsoft.Azure.Commands.Network.dll","Microsoft.Azure.Commands.Network.NewAzureRmIpsecPolicyCommand","New-AzureRmIpsecPolicy","0","2150","A validate range has been added for parameter 'SALifeTimeSeconds' for cmdlet 'New-AzureRmIpsecPolicy'.","Remove the validate range from parameter 'SALifeTimeSeconds'."
+"Microsoft.Azure.Commands.Network.dll","Microsoft.Azure.Commands.Network.NewAzureRmIpsecPolicyCommand","New-AzureRmIpsecPolicy","0","2150","A validate range has been added for parameter 'SADataSizeKilobytes' for cmdlet 'New-AzureRmIpsecPolicy'.","Remove the validate range from parameter 'SADataSizeKilobytes'."
