Skip to content

Commit d54017c

Browse files
Sandidogrizzlytheodore
Sandido
and
grizzlytheodore
authored
DiskRP PS support for DiskRP version 2020-06-30. (#13235)
* updating project version values to 39.0.0 * New-AzDiskConfig cmdlet with new parameters Tier and Sectorsize (#13191) * in progress commit. Still investigating * dev and some testing and project version updates that are likely no longer needed * diskconfig test * changelog, help doc for new-azdiskconfig * New-AzDiskUpdateConfig added parameters Tier, diskIOPSReadOnly, and diskMBpsReadOnly (#13218) * dev work for New-AzDiskUpdateConfig * New-AzDiskUpdateConfig test and New-AzDiskConfig changes for tests. Help doc and changelog. * recorded test file * cleanup new-azdiskconfig for merge * trying to undo new-azdiskconfig changes * additional cleanup * commit to re run CI tests * removing unneeded update * new cmdlet Get-AzDiskEncryptionSetAssociatedResource (#13212) * update 1 * help doc, first draft test * debugging test * Final draft * making cmd name not plural name was plural in the header of the markdown file, seemed to cause CI failures on Generate Help. * removing 'online version: ' from the top see if it allows CI checks to pass. * empty update to rerun ci checks ci rerun button is not working. * Update Get-AzDiskEncryptionSetAssociatedResource.md Co-authored-by: Adam Sandor <[email protected]> * new-azdiskupdateconfig dev, test, changelog, help doc (#13232) * removing extra logical sector size assignment Co-authored-by: Theodore Chang <[email protected]>
1 parent d8212ae commit d54017c

File tree

20 files changed

+3596
-50
lines changed

20 files changed

+3596
-50
lines changed

src/Compute/Compute.Test/Compute.Test.csproj

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212

1313
<ItemGroup>
1414
<PackageReference Include="Microsoft.Azure.Graph.RBAC" Version="3.4.0-preview" />
15-
<PackageReference Include="Microsoft.Azure.Management.Compute" Version="38.1.0" />
15+
<PackageReference Include="Microsoft.Azure.Management.Compute" Version="39.0.0" />
1616
<PackageReference Include="Microsoft.Azure.Management.KeyVault" Version="3.0.0" />
1717
<PackageReference Include="Microsoft.Azure.Management.Network" Version="20.1.1" />
1818
</ItemGroup>

src/Compute/Compute.Test/ScenarioTests/DiskRPTests.cs

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,19 @@ public void TestSnapshotConfigDiskAccessNetworkPolicy()
9393
{
9494
TestRunner.RunTestScript("Test-SnapshotConfigDiskAccessNetworkPolicy");
9595
}
96-
96+
97+
[Fact]
98+
[Trait(Category.AcceptanceType, Category.CheckIn)]
99+
public void TestDiskConfigTierSectorSizeReadOnly()
100+
{
101+
TestRunner.RunTestScript("Test-DiskConfigTierSectorSizeReadOnly");
102+
}
103+
104+
[Fact]
105+
[Trait(Category.AcceptanceType, Category.CheckIn)]
106+
public void TestGetDiskEncryptionSetAssociatedResource()
107+
{
108+
TestRunner.RunTestScript("Test-GetDiskEncryptionSetAssociatedResource");
109+
}
97110
}
98111
}

src/Compute/Compute.Test/ScenarioTests/DiskRPTests.ps1

Lines changed: 169 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1168,3 +1168,172 @@ function Test-SnapshotConfigDiskAccessNetworkPolicy
11681168
Clean-ResourceGroup $rgname
11691169
}
11701170
}
1171+
1172+
<#
1173+
.SYNOPSIS
1174+
Testing the Get-DiskEncryptionSetAssociatedResources cmdlet.
1175+
Creates a DiskEncyptionSet object,
1176+
then associates a disk to it.
1177+
Check with the cmdlet,
1178+
add another disk associated to the encryptionset,
1179+
then check with the cmdlet again.
1180+
#>
1181+
function Test-GetDiskEncryptionSetAssociatedResource
1182+
{
1183+
# Setup
1184+
$loc = 'eastus';
1185+
$rgname = 'EncSetAssociTest';
1186+
$iteration = '4'
1187+
$vaultName = 'kv'+ $iteration + $rgname ;
1188+
1189+
1190+
try
1191+
{
1192+
# Create keyvault
1193+
1194+
<#
1195+
# Note: In order to record this test, you need to run the following commands to create KeyValut key and KeyVault secret in a separate Powershell window.
1196+
1197+
$kekName = 'key' + $iteration + $rgname;
1198+
$secretname = 'mysecret00';
1199+
$secretdata = 'mysecretvalue00';
1200+
$securestring = ConvertTo-SecureString $secretdata -Force -AsPlainText;
1201+
1202+
New-AzResourceGroup -Name $rgname -Location $loc -Force;
1203+
$vault = New-AzKeyVault -VaultName $vaultName -ResourceGroupName $rgname -Location $loc -Sku Standard -EnablePurgeProtection;
1204+
$mocksourcevault = $vault.ResourceId;
1205+
Set-AzKeyVaultAccessPolicy -VaultName $vaultName -ResourceGroupName $rgname -EnabledForDiskEncryption;
1206+
$kek = Add-AzKeyVaultKey -VaultName $vaultName -Name $kekName -Destination "Software";
1207+
$secret = Set-AzKeyVaultSecret -VaultName $vaultName -Name $secretname -SecretValue $securestring;
1208+
$mockkey = $kek.Id
1209+
1210+
$sub = Get-AzContext;
1211+
$subId = $sub.Subscription.id;
1212+
$mocksourcevault = '/subscriptions/' + $subId + '/resourceGroups/' + $rgname + '/providers/Microsoft.KeyVault/vaults/' + $vaultName;
1213+
1214+
# Create DiskEncyptionSet
1215+
$diskEncryptionSetConfig = New-AzDiskEncryptionSetConfig -Location $loc -KeyUrl $mockkey -SourceVaultId $mocksourcevault -IdentityType "SystemAssigned"
1216+
$diskEncryptionSetName = "encryptionSet0" + $iteration;
1217+
$diskEncryptionSet = New-AzDiskEncryptionSet -ResourceGroupName $rgname -Name $diskEncryptionSetName -inputobject $diskEncryptionSetConfig
1218+
1219+
# set access policy for diskencryptionset in keyvault
1220+
$access = @("get", "wrapkey", "unwrapkey")
1221+
Set-AzKeyVaultAccessPolicy -vaultname $vaultName -objectId $diskEncryptionSet.Identity.PrincipalId -PermissionsToKeys $access
1222+
1223+
#>
1224+
1225+
$diskEncryptionSetName = "encryptionSet0" + $iteration;
1226+
$diskEncryptionSet = Get-AzDiskEncryptionSet -ResourceGroupName $rgname -Name $diskEncryptionSetName;
1227+
1228+
# Create a disk and associate it with EncryptionSet
1229+
$diskconfig00 = New-AzDiskConfig -Location $loc -Zone "1" -DiskSizeGB 1 -AccountType "Standard_LRS" -OsType "Windows" -CreateOption "Empty" -HyperVGeneration "V1" -diskencryptionsetid $diskEncryptionSet.id -EncryptionType 'EncryptionAtRestWithCustomerKey';
1230+
$disk00Name = "disk00" + $iteration
1231+
$disk00 = New-AzDisk -ResourceGroupName $rgname -DiskName $disk00Name -Disk $diskconfig00
1232+
1233+
# check association
1234+
$res = get-AzDiskEncryptionSetAssociatedResource -resourceGroupName $rgname -diskEncryptionSetName $diskEncryptionSetName;
1235+
Assert-NotNull $res
1236+
Assert-True { $res.count -eq 1}
1237+
Assert-AreEqual $res[0] $disk00.id
1238+
1239+
# create another disk without disk encryption set association
1240+
$diskconfig01 = New-AzDiskConfig -Location $loc -Zone "1" -DiskSizeGB 1 -AccountType "Standard_LRS" -OsType "Windows" -CreateOption "Empty" -HyperVGeneration "V1";
1241+
$disk01Name = "disk01" + $iteration
1242+
$disk01 = New-AzDisk -ResourceGroupName $rgname -DiskName $disk01Name -Disk $diskconfig01
1243+
1244+
# check association (count still 1)
1245+
$res = get-AzDiskEncryptionSetAssociatedResource -resourceGroupName $rgname -diskEncryptionSetName $diskEncryptionSetName;
1246+
Assert-True {$res.count -eq 1}
1247+
1248+
# Update disk to associate with encryptionset
1249+
$diskUpdatedConfig = New-AzDiskUpdateConfig -EncryptionType 'EncryptionAtRestWithCustomerKey' -DiskEncryptionSetId $diskEncryptionSet.Id
1250+
Update-AzDisk -ResourceGroupName $rgname -DiskName $disk01Name -DiskUpdate $diskUpdatedConfig
1251+
1252+
# check association (count = 2)
1253+
$res = get-AzDiskEncryptionSetAssociatedResource -resourceGroupName $rgname -diskEncryptionSetName $diskEncryptionSetName;
1254+
Assert-True {$res.count -eq 2}
1255+
}
1256+
finally
1257+
{
1258+
# Cleanup
1259+
# Clean-ResourceGroup $rgname
1260+
Remove-AzDisk -ResourceGroupName $rgName -DiskName $disk00Name -Force
1261+
Remove-AzDisk -ResourceGroupName $rgName -DiskName $disk01Name -Force
1262+
}
1263+
}
1264+
1265+
<#
1266+
.SYNOPSIS
1267+
Testing the new parameters
1268+
Tier
1269+
LogicalSectorSize
1270+
in the New-AzDiskConfig cmdlet.
1271+
1272+
Testing the new parameters
1273+
Tier
1274+
MaxSharesCount
1275+
DiskIOPSReadOnly
1276+
DiskMBpsReadOnly
1277+
in the New-AzDiskUpdateConfig cmdlet.
1278+
#>
1279+
function Test-DiskConfigTierSectorSizeReadOnly
1280+
{
1281+
1282+
# Setup
1283+
$rgname = Get-ComputeTestResourceName;
1284+
$loc = "eastus2euap";
1285+
1286+
try
1287+
{
1288+
New-AzResourceGroup -Name $rgname -Location $loc -Force;
1289+
$diskNameTier = "datadisktier";
1290+
$diskNameSector = "datadisksector";
1291+
$tier3 = "P3";
1292+
$tier40 = "P40";
1293+
$tier30 = "P30";
1294+
$sectorSize = 512;
1295+
$IoPS1 = 100;
1296+
$IoPS2 = 120;
1297+
$MbPS1 = 3;
1298+
$MbPS2 = 20;
1299+
$maxShares1 = 2;
1300+
$maxShares2 = 3;
1301+
1302+
1303+
$diskTier = New-AzDiskConfig -Location $loc -DiskSizeGB 1024 `
1304+
-SkuName Premium_LRS -OsType Windows -CreateOption Empty -Tier $tier30 -MaxSharesCount $maxShares1 `
1305+
| New-AzDisk -ResourceGroupName $rgname -DiskName $diskNameTier;
1306+
1307+
Assert-AreEqual $tier30 $diskTier.Tier;
1308+
Assert-AreEqual $maxShares1 $diskTier.MaxShares;
1309+
1310+
$diskSector = New-AzDiskConfig -Location $loc -DiskSizeGB 5 `
1311+
-SkuName UltraSSD_LRS -OsType Windows -CreateOption Empty -LogicalSectorSize $sectorSize -DiskIOPSReadOnly $IoPS1 -DiskMBpsReadOnly $MbPS1 `
1312+
| New-AzDisk -ResourceGroupName $rgname -DiskName $diskNameSector;
1313+
1314+
Assert-AreEqual $diskSector.CreationData.LogicalSectorSize $sectorSize;
1315+
1316+
# New-AzDiskUpdateConfig
1317+
# Tier and MaxShares
1318+
$diskUpdateTierConfig = New-AzDiskUpdateConfig -Tier $tier40 -MaxSharesCount $maxShares2;
1319+
$diskUp = Update-AzDisk -ResourceGroupName $rgname -DiskName $diskNameTier -DiskUpdate $diskUpdateTierConfig;
1320+
1321+
$diskUpdated = Get-AzDisk -ResourceGroupName $rgname -DiskName $diskNameTier;
1322+
1323+
Assert-AreEqual $tier40 $diskUpdated.Tier;
1324+
Assert-AreEqual $maxShares2 $diskUpdated.MaxShares;
1325+
1326+
# DiskIOPSReadOnly and DiskMBpsReadOnly
1327+
$diskUpdateReadOnlyConfig = New-AzDiskUpdateConfig -DiskIOPSReadOnly $IoPS2 -DiskMBpsReadOnly $MbPS2;
1328+
$diskUp = Update-AzDisk -ResourceGroupName $rgname -DiskName $diskNameSector -DiskUpdate $diskUpdateReadOnlyConfig;
1329+
1330+
$diskUpdated = Get-AzDisk -ResourceGroupName $rgname -DiskName $diskNameSector;
1331+
Assert-AreEqual $IoPS2 $diskUpdated.DiskIOPSReadOnly;
1332+
Assert-AreEqual $MbPS2 $diskUpdated.DiskMBpsReadOnly;
1333+
}
1334+
finally
1335+
{
1336+
# Cleanup
1337+
Clean-ResourceGroup $rgname
1338+
}
1339+
}

0 commit comments

Comments
 (0)