Merge pull request #9465 from wastoresh/fileaadga

[Storage] Support File AAD Domain Service Authentication GA

Author: markcowl

src/EventGrid/EventGrid.Test/EventGrid.Test.csproj

@@ -15,7 +15,7 @@
     <PackageReference Include="Microsoft.Azure.Management.EventHub" Version="2.5.0" />
     <PackageReference Include="Microsoft.Azure.Management.Relay" Version="2.0.2" />
     <PackageReference Include="Microsoft.Azure.Management.ServiceBus" Version="2.1.0" />
-    <PackageReference Include="Microsoft.Azure.Management.Storage" Version="11.0.0" />
+    <PackageReference Include="Microsoft.Azure.Management.Storage" Version="12.0.0" />
   </ItemGroup>
 
 </Project>

src/EventGrid/EventGrid.sln

@@ -21,6 +21,10 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ScenarioTest.ResourceManage
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TestFx", "..\..\tools\TestFx\TestFx.csproj", "{BC80A1D0-FFA4-43D9-AA74-799F5CB54B58}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Relay", "..\Relay\Relay\Relay.csproj", "{10C8273F-7C1B-455C-B358-420DD2EA8FF8}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ServiceBus", "..\ServiceBus\ServiceBus\ServiceBus.csproj", "{70B4325F-044A-44CE-AAC3-78CD5A8347DF}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -59,6 +63,14 @@ Global
 		{BC80A1D0-FFA4-43D9-AA74-799F5CB54B58}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{BC80A1D0-FFA4-43D9-AA74-799F5CB54B58}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{BC80A1D0-FFA4-43D9-AA74-799F5CB54B58}.Release|Any CPU.Build.0 = Release|Any CPU
+		{10C8273F-7C1B-455C-B358-420DD2EA8FF8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{10C8273F-7C1B-455C-B358-420DD2EA8FF8}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{10C8273F-7C1B-455C-B358-420DD2EA8FF8}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{10C8273F-7C1B-455C-B358-420DD2EA8FF8}.Release|Any CPU.Build.0 = Release|Any CPU
+		{70B4325F-044A-44CE-AAC3-78CD5A8347DF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{70B4325F-044A-44CE-AAC3-78CD5A8347DF}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{70B4325F-044A-44CE-AAC3-78CD5A8347DF}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{70B4325F-044A-44CE-AAC3-78CD5A8347DF}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.cs

@@ -141,7 +141,14 @@ public void TestNewAzureStorageAccountBlockBlobStorage()
         {
             TestRunner.RunTestScript("Test-NewAzureStorageAccountBlockBlobStorage");
         }
-        
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestNewSetAzStorageAccountFileAADDS()
+        {
+            TestRunner.RunTestScript("Test-NewSetAzStorageAccountFileAADDS");
+        }
+
         [Fact]
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         public void TestStorageAccountManagementPolicy()

src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.ps1

@@ -783,6 +783,67 @@ function Test-NewAzureStorageAccountBlockBlobStorage
     }
 }
 
+
+
+<#
+.SYNOPSIS
+Test NewSet-AzStorageAccountFileAADDS
+.DESCRIPTION
+Smoke[Broken]Test
+#>
+function Test-NewSetAzStorageAccountFileAADDS
+{
+    # Setup
+    $rgname = Get-StorageManagementTestResourceName;
+
+    try
+    {
+        # Test
+        $stoname = 'sto' + $rgname;
+        $stotype = 'Standard_LRS';
+        $kind = 'StorageV2'
+
+        $loc = Get-ProviderLocation ResourceManagement;
+        New-AzureRmResourceGroup -Name $rgname -Location $loc;
+        $loc = Get-ProviderLocation_Stage ResourceManagement;
+		
+        $sto = New-AzStorageAccount -ResourceGroupName $rgname -Name $stoname -Location $loc -Type $stotype -Kind $kind -EnableAzureActiveDirectoryDomainServicesForFile $true;
+        Assert-AreEqual $stoname $sto.StorageAccountName;
+        Assert-AreEqual $stotype $sto.Sku.Name;
+        Assert-AreEqual $loc.ToLower().Replace(" ", "") $sto.Location;
+        Assert-AreEqual $kind $sto.Kind; 
+        Assert-AreEqual 'AADDS' $sto.AzureFilesIdentityBasedAuth.DirectoryServiceOptions; 	
+
+        $sto = Get-AzStorageAccount -ResourceGroupName $rgname  -Name $stoname;
+        Assert-AreEqual $stoname $sto.StorageAccountName;
+        Assert-AreEqual $stotype $sto.Sku.Name;
+        Assert-AreEqual $loc.ToLower().Replace(" ", "") $sto.Location;
+        Assert-AreEqual $kind $sto.Kind; 
+        Assert-AreEqual 'AADDS' $sto.AzureFilesIdentityBasedAuth.DirectoryServiceOptions; 		
+		
+		$sto = Set-AzStorageAccount -ResourceGroupName $rgname -Name $stoname -EnableAzureActiveDirectoryDomainServicesForFile $false
+        Assert-AreEqual $stoname $sto.StorageAccountName;
+        Assert-AreEqual $stotype $sto.Sku.Name;
+        Assert-AreEqual $loc.ToLower().Replace(" ", "") $sto.Location;
+        Assert-AreEqual $kind $sto.Kind; 
+        Assert-AreEqual 'None' $sto.AzureFilesIdentityBasedAuth.DirectoryServiceOptions; 
+
+        $sto = Get-AzStorageAccount -ResourceGroupName $rgname  -Name $stoname;
+        Assert-AreEqual $stoname $sto.StorageAccountName;
+        Assert-AreEqual $stotype $sto.Sku.Name;
+        Assert-AreEqual $loc.ToLower().Replace(" ", "") $sto.Location;
+        Assert-AreEqual $kind $sto.Kind; 
+        Assert-AreEqual 'None' $sto.AzureFilesIdentityBasedAuth.DirectoryServiceOptions; 
+        
+        Retry-IfException { Remove-AzureRmStorageAccount -Force -ResourceGroupName $rgname -Name $stoname; }
+    }
+    finally
+    {
+        # Cleanup
+        Clean-ResourceGroup $rgname
+    }
+}
+
 <#
 .SYNOPSIS
 Test Set/Get/Remove-AzureStorageAccountManagementPolicy

src/Storage/Storage.Management.Test/SessionRecords/Microsoft.Azure.Commands.Management.Storage.Test.ScenarioTests.StorageAccountTests/TestNewSetAzStorageAccountFileAADDS.json

@@ -11,7 +11,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.Management.Storage" Version="11.0.0" />
+    <PackageReference Include="Microsoft.Azure.Management.Storage" Version="12.0.0" />
   </ItemGroup>
 
 </Project>

src/Storage/Storage.Management.Test/Storage.Management.Test.csproj

@@ -91,7 +91,7 @@ public override void ExecuteCmdlet()
                 var container = this.StorageClient.BlobContainers.List(
                            this.ResourceGroupName,
                            this.StorageAccountName);
-                WriteContainerList(container.Value);
+                WriteContainerList(container);
             }
         }
     }

src/Storage/Storage.Management/Blob/GetAzureStorageContainer.cs

@@ -22,6 +22,9 @@
     -  Enable-AzStorageStaticWebsite
 * Update help of Get-AzStorageBlobContent by add an example
 * Show more error information when cmdlet failed with StorageException 
+* Support create or update Storage account with Azure Files AAD DS Authentication
+    -  New-AzStorageAccount
+    -  Set-AzStorageAccount
 * Support list or close file handles of a file share, file directory or a file
     - Get-AzStorageFileHandle
     - Close-AzStorageFileHandle

src/Storage/Storage.Management/ChangeLog.md

@@ -0,0 +1,28 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Management.Storage.Models;
+
+namespace Microsoft.Azure.Commands.Management.Storage.Models
+{
+    public class PSAzureFilesIdentityBasedAuthentication
+    {
+        public PSAzureFilesIdentityBasedAuthentication(AzureFilesIdentityBasedAuthentication auth)
+        {
+            this.DirectoryServiceOptions = auth != null ? auth.DirectoryServiceOptions : null;
+        }
+        // Gets or sets indicates the directory service used. Possible values include: 'None','AADDS'
+        public string DirectoryServiceOptions { get; set; }
+    }
+}

src/Storage/Storage.Management/Models/PSAzureFilesIdentityBasedAuthentication.cs

@@ -52,6 +52,7 @@ public PSStorageAccount(StorageModels.StorageAccount storageAccount)
             this.EnableHttpsTrafficOnly = storageAccount.EnableHttpsTrafficOnly;
             this.NetworkRuleSet = PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet);
             this.EnableHierarchicalNamespace = storageAccount.IsHnsEnabled;
+            this.AzureFilesIdentityBasedAuth = storageAccount.AzureFilesIdentityBasedAuthentication is null ? null : new PSAzureFilesIdentityBasedAuthentication(storageAccount.AzureFilesIdentityBasedAuthentication);
         }
 
         [Ps1Xml(Label = "ResourceGroupName", Target = ViewControl.Table, Position = 1)]
@@ -103,7 +104,9 @@ public PSStorageAccount(StorageModels.StorageAccount storageAccount)
 
         [Ps1Xml(Label = "EnableHttpsTrafficOnly", Target = ViewControl.Table, Position = 8)]
         public bool? EnableHttpsTrafficOnly { get; set; }
-        
+
+        public PSAzureFilesIdentityBasedAuthentication AzureFilesIdentityBasedAuth { get; set; }
+
         public bool? EnableHierarchicalNamespace { get; set; }
 
         public PSNetworkRuleSet NetworkRuleSet { get; set; }

src/Storage/Storage.Management/Models/PSStorageAccount.cs

@@ -14,7 +14,7 @@
     <RootNamespace>$(LegacyAssemblyPrefix)$(PsModuleName)</RootNamespace>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.Management.Storage" Version="11.0.0" />
+    <PackageReference Include="Microsoft.Azure.Management.Storage" Version="12.0.0" />
     <PackageReference Include="Microsoft.Azure.Storage.Blob" Version="10.0.3" />
     <PackageReference Include="Microsoft.Azure.Storage.File" Version="10.0.3" />
     <PackageReference Include="Microsoft.Azure.Storage.Queue" Version="10.0.3" />

src/Storage/Storage.Management/Storage.Management.csproj

@@ -164,6 +164,23 @@ public bool EnableHierarchicalNamespace
         }
         private bool? enableHierarchicalNamespace = null;
 
+        [Parameter(
+            Mandatory = false,
+            HelpMessage = "Enable Azure Files Azure Active Directory Domain Service Authentication for the storage account.")]
+        [ValidateNotNullOrEmpty]
+        public bool EnableAzureActiveDirectoryDomainServicesForFile
+        {
+            get
+            {
+                return enableAzureActiveDirectoryDomainServicesForFile.Value;
+            }
+            set
+            {
+                enableAzureActiveDirectoryDomainServicesForFile = value;
+            }
+        }
+        private bool? enableAzureActiveDirectoryDomainServicesForFile = null;
+
         [Parameter(Mandatory = false, HelpMessage = "Run cmdlet in the background")]
         public SwitchParameter AsJob { get; set; }
 
@@ -223,6 +240,18 @@ public override void ExecuteCmdlet()
             {
                 createParameters.IsHnsEnabled = enableHierarchicalNamespace;
             }
+            if (enableAzureActiveDirectoryDomainServicesForFile !=null)
+            {
+                createParameters.AzureFilesIdentityBasedAuthentication = new AzureFilesIdentityBasedAuthentication();
+                if (enableAzureActiveDirectoryDomainServicesForFile.Value)
+                {
+                    createParameters.AzureFilesIdentityBasedAuthentication.DirectoryServiceOptions = DirectoryServiceOptions.AADDS;
+                }
+                else
+                {
+                    createParameters.AzureFilesIdentityBasedAuthentication.DirectoryServiceOptions = DirectoryServiceOptions.None;
+                }
+            }
 
             var createAccountResponse = this.StorageClient.StorageAccounts.Create(
                 this.ResourceGroupName,

src/Storage/Storage.Management/StorageAccount/NewAzureStorageAccount.cs

@@ -183,6 +183,23 @@ public PSNetworkRuleSet NetworkRuleSet
             HelpMessage = "Upgrade Storage Account Kind to StorageV2.")]
         public SwitchParameter UpgradeToStorageV2 { get; set; }
 
+        [Parameter(
+            Mandatory = false,
+            HelpMessage = "Enable Azure Files Azure Active Directory Domain Service Authentication for the storage account.")]
+        [ValidateNotNullOrEmpty]
+        public bool EnableAzureActiveDirectoryDomainServicesForFile
+        {
+            get
+            {
+                return enableAzureActiveDirectoryDomainServicesForFile.Value;
+            }
+            set
+            {
+                enableAzureActiveDirectoryDomainServicesForFile = value;
+            }
+        }
+        private bool? enableAzureActiveDirectoryDomainServicesForFile = null;
+
         [Parameter(Mandatory = false, HelpMessage = "Run cmdlet in the background")]
         public SwitchParameter AsJob { get; set; }
 
@@ -250,6 +267,18 @@ public override void ExecuteCmdlet()
                     {
                         updateParameters.Kind = Kind.StorageV2;
                     }
+                    if (enableAzureActiveDirectoryDomainServicesForFile != null)
+                    {
+                        updateParameters.AzureFilesIdentityBasedAuthentication = new AzureFilesIdentityBasedAuthentication();
+                        if (enableAzureActiveDirectoryDomainServicesForFile.Value)
+                        {
+                            updateParameters.AzureFilesIdentityBasedAuthentication.DirectoryServiceOptions = DirectoryServiceOptions.AADDS;
+                        }
+                        else
+                        {
+                            updateParameters.AzureFilesIdentityBasedAuthentication.DirectoryServiceOptions = DirectoryServiceOptions.None;
+                        }
+                    }
 
                     var updatedAccountResponse = this.StorageClient.StorageAccounts.Update(
                         this.ResourceGroupName,

src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs

@@ -17,8 +17,8 @@ Creates a Storage account.
 New-AzStorageAccount [-ResourceGroupName] <String> [-Name] <String> [-SkuName] <String> [-Location] <String>
  [-Kind <String>] [-AccessTier <String>] [-CustomDomainName <String>] [-UseSubDomain <Boolean>]
  [-Tag <Hashtable>] [-EnableHttpsTrafficOnly <Boolean>] [-AssignIdentity] [-NetworkRuleSet <PSNetworkRuleSet>]
- [-EnableHierarchicalNamespace <Boolean>] [-AsJob] [-DefaultProfile <IAzureContextContainer>]
- [<CommonParameters>]
+ [-EnableHierarchicalNamespace <Boolean>] [-EnableAzureActiveDirectoryDomainServicesForFile <Boolean>] [-AsJob]
+ [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -66,6 +66,13 @@ PS C:\>New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "m
 
 This command creates a Storage account with Hierarchical Namespace enabled.
 
+### Example 6: Create a Storage account with Azure Files AAD DS Authentication.
+```
+PS C:\>New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "eastus2euap" -SkuName "Standard_LRS" -Kind StorageV2  -EnableAzureActiveDirectoryDomainServicesForFile $true
+```
+
+This command creates a Storage account with Azure Files AAD DS Authentication.
+
 ## PARAMETERS
 
 ### -AccessTier
@@ -149,6 +156,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -EnableAzureActiveDirectoryDomainServicesForFile
+Enable Azure Files Azure Active Directory Domain Service Authentication for the storage account.
+
+```yaml
+Type: System.Boolean
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -EnableHierarchicalNamespace
 Indicates whether or not the Storage account enables Hierarchical Namespace.