[SQL] Bug fix for UMI (#15338)

viparek · BethanyZhou · web-flow · commit eb271d809189 · 2021-06-30T16:48:14.000+08:00
* [SQL] Bug fix for UMI

* Add changelog

* UMI fixes for support SMI,UMI

* Add fix for Get-AzSqlInstance

* Added fix for SMI,UMI IdentityType

* Fix for backward compat

* modified help

Co-authored-by: Beisi Zhou &lt;zazbs@qq.com&gt;
diff --git a/src/Sql/Sql/Auditing/Services/AuditingEndpointsCommunicator.cs b/src/Sql/Sql/Auditing/Services/AuditingEndpointsCommunicator.cs
@@ -226,7 +226,7 @@ public DiagnosticSettingsResource UpdateDiagnosticSettings(DiagnosticSettingsRes
             if (server.Identity == null ||
                 server.Identity.Type != ResourceIdentityType.SystemAssigned.ToString())
             {
-                server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(true, "SystemAssigned", null, null);
+                server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(true, ResourceIdentityType.SystemAssigned.ToString(), null, null);
                 server = GetCurrentSqlClient().Servers.CreateOrUpdate(resourceGroupName, serverName, server);
             }
 
diff --git a/src/Sql/Sql/ChangeLog.md b/src/Sql/Sql/ChangeLog.md
@@ -25,6 +25,7 @@
       `Get-AzSqlServerOutboundFirewallRule`
       `New-AzSqlServerOutboundFirewallRule`
       `Remove-AzSqlServerOutboundFirewallRule`
+* Fixed the identity logic for SystemAssigned,UserAssigned identities for New-AzSqlServer, New-AzSqlInstance
 * Updated cmdlets for getting and updating SQL database's differential backup frequency
       `Get-AzSqlDatabaseBackupShortTermRetentionPolicy`
       `Set-AzSqlDatabaseBackupShortTermRetentionPolicy`
diff --git a/src/Sql/Sql/Common/ResourceIdentityHelper.cs b/src/Sql/Sql/Common/ResourceIdentityHelper.cs
@@ -33,7 +33,7 @@ public class ResourceIdentityHelper
         public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(bool assignIdentityIsPresent, string resourceIdentityType, List<string> userAssignedIdentities, Management.Sql.Models.ResourceIdentity existingResourceIdentity)
         {
             Management.Sql.Models.ResourceIdentity identityResult = null;
-
+            
             // If the user passes in IdentityType as None, then irrespective of previous config, we set the IdentityType to be None.
             //
             if (resourceIdentityType != null && resourceIdentityType.Equals(ResourceIdentityType.None.ToString()))
@@ -46,13 +46,14 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b
                 return identityResult;
             }
 
-            if (resourceIdentityType != null && assignIdentityIsPresent && resourceIdentityType.Equals(ResourceIdentityType.SystemAssignedUserAssigned.ToString()))
+            if (resourceIdentityType != null && assignIdentityIsPresent && 
+                (resourceIdentityType.Equals("SystemAssigned,UserAssigned") || resourceIdentityType.Equals(ResourceIdentityType.SystemAssignedUserAssigned.ToString())))
             {
                 Dictionary<string, UserIdentity> umiDict = new Dictionary<string, UserIdentity>();
 
                 if (userAssignedIdentities == null)
                 {
-                    throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssignedUserAssigned");
+                    throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssigned,UserAssigned");
                 }
 
                 if (existingResourceIdentity != null && userAssignedIdentities.Any()
@@ -65,7 +66,7 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b
 
                     identityResult = new Management.Sql.Models.ResourceIdentity()
                     {
-                        Type = ResourceIdentityType.SystemAssignedUserAssigned.ToString()
+                        Type = "SystemAssigned,UserAssigned"
                     };
                 }
                 else if (userAssignedIdentities.Any())
@@ -77,7 +78,7 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b
 
                     identityResult = new Management.Sql.Models.ResourceIdentity()
                     {
-                        Type = ResourceIdentityType.SystemAssignedUserAssigned.ToString(),
+                        Type = "SystemAssigned,UserAssigned",
                         UserAssignedIdentities = umiDict
                     };
                 }
@@ -88,7 +89,7 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b
 
                 if (userAssignedIdentities == null)
                 {
-                    throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssignedUserAssigned");
+                    throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssigned,UserAssigned");
                 }
 
                 if (existingResourceIdentity != null && userAssignedIdentities.Any()
@@ -120,18 +121,10 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b
             }
             else if (assignIdentityIsPresent)
             {
-                if (existingResourceIdentity != null)
-                {
-                    identityResult = existingResourceIdentity;
-                    identityResult.Type = ResourceIdentityType.SystemAssigned.ToString();
-                }
-                else
+                identityResult = new Management.Sql.Models.ResourceIdentity()
                 {
-                    identityResult = new Management.Sql.Models.ResourceIdentity()
-                    {
-                        Type = ResourceIdentityType.SystemAssigned.ToString()
-                    };
-                }       
+                    Type = ResourceIdentityType.SystemAssigned.ToString()
+                };  
             }
             
             if (!assignIdentityIsPresent && existingResourceIdentity != null && existingResourceIdentity.PrincipalId != null)
diff --git a/src/Sql/Sql/ManagedInstance/Cmdlet/NewAzureSqlManagedInstance.cs b/src/Sql/Sql/ManagedInstance/Cmdlet/NewAzureSqlManagedInstance.cs
@@ -348,8 +348,8 @@ public class NewAzureSqlManagedInstance : ManagedInstanceCmdletBase
         /// Type of identity to be assigned to the server..
         /// </summary>
         [Parameter(Mandatory = false,
-            HelpMessage = "Type of Identity to be used. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.")]
-        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "SystemAssignedUserAssigned", "None")]
+            HelpMessage = "Type of Identity to be used. Possible values are SystemAssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.")]
+        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "\"SystemAssigned,UserAssigned\"", "None")]
         public string IdentityType { get; set; }
 
         /// <summary>
diff --git a/src/Sql/Sql/ManagedInstance/Cmdlet/SetAzureSqlManagedInstance.cs b/src/Sql/Sql/ManagedInstance/Cmdlet/SetAzureSqlManagedInstance.cs
@@ -229,8 +229,8 @@ public class SetAzureSqlManagedInstance : ManagedInstanceCmdletBase
         /// List of user assigned identities.
         /// </summary>
         [Parameter(Mandatory = false,
-            HelpMessage = "Type of Identity to be used. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.")]
-        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "SystemAssignedUserAssigned", "None")]
+            HelpMessage = "Type of Identity to be used. Possible values are SystemAssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.")]
+        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "\"SystemAssigned,UserAssigned\"", "None")]
         public string IdentityType { get; set; }
 
         /// <summary>
diff --git a/src/Sql/Sql/ManagedInstance/Services/AzureSqlManagedInstanceAdapter.cs b/src/Sql/Sql/ManagedInstance/Services/AzureSqlManagedInstanceAdapter.cs
@@ -265,6 +265,8 @@ private static AzureSqlManagedInstanceModel CreateManagedInstanceModelFromRespon
             {
                 managedInstance.Administrators.AdministratorType = "ActiveDirectory";
             }
+            managedInstance.PrimaryUserAssignedIdentityId = resp.PrimaryUserAssignedIdentityId;
+            managedInstance.KeyId = resp.KeyId;
 
             return managedInstance;
         }
diff --git a/src/Sql/Sql/Server/Cmdlet/NewAzureSqlServer.cs b/src/Sql/Sql/Server/Cmdlet/NewAzureSqlServer.cs
@@ -119,8 +119,8 @@ public class NewAzureSqlServer : AzureSqlServerCmdletBase
         /// Type of identity to be assigned to the server..
         /// </summary>
         [Parameter(Mandatory = false,
-            HelpMessage = "Type of Identity to be used. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.")]
-        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "SystemAssignedUserAssigned", "None")]
+            HelpMessage = "Type of Identity to be used. Possible values are SystemAssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.")]
+        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "\"SystemAssigned,UserAssigned\"", "None")]
         public string IdentityType { get; set; }
 
         /// <summary>
diff --git a/src/Sql/Sql/Server/Cmdlet/SetAzureSqlServer.cs b/src/Sql/Sql/Server/Cmdlet/SetAzureSqlServer.cs
@@ -15,6 +15,7 @@
 using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
 using Microsoft.Azure.Commands.ResourceManager.Common.Tags;
 using Microsoft.Azure.Commands.Sql.Common;
+using System;
 using System.Collections;
 using System.Collections.Generic;
 using System.Linq;
@@ -113,8 +114,8 @@ public class SetAzureSqlServer : AzureSqlServerCmdletBase
         /// Type of identity to be assigned to the server..
         /// </summary>
         [Parameter(Mandatory = false,
-            HelpMessage = "Type of Identity to be used. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.")]
-        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "SystemAssignedUserAssigned", "None")]
+            HelpMessage = "Type of Identity to be used. Possible values are SystemAssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.")]
+        [PSArgumentCompleter("SystemAssigned", "UserAssigned", "\"SystemAssigned,UserAssigned\"", "None")]
         public string IdentityType { get; set; }
 
         /// <summary>
diff --git a/src/Sql/Sql/help/New-AzSqlInstance.md b/src/Sql/Sql/help/New-AzSqlInstance.md
@@ -719,7 +719,7 @@ Accept wildcard characters: False
 ```
 
 ### -IdentityType
-Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.
+Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.
 
 ```yaml
 Type: System.String
diff --git a/src/Sql/Sql/help/New-AzSqlServer.md b/src/Sql/Sql/help/New-AzSqlServer.md
@@ -337,7 +337,7 @@ Accept wildcard characters: False
 ```
 
 ### -IdentityType
-Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.
+Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.
 
 ```yaml
 Type: System.String
diff --git a/src/Sql/Sql/help/Set-AzSqlInstance.md b/src/Sql/Sql/help/Set-AzSqlInstance.md
@@ -497,7 +497,7 @@ Accept wildcard characters: False
 ```
 
 ### -IdentityType
-Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.
+Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.
 
 ```yaml
 Type: System.String
diff --git a/src/Sql/Sql/help/Set-AzSqlServer.md b/src/Sql/Sql/help/Set-AzSqlServer.md
@@ -256,7 +256,7 @@ Accept wildcard characters: False
 ```
 
 ### -IdentityType
-Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, SystemAssignedUserAssigned and None.
+Type of identity to be assigned to the server. Possible values are SystemAsssigned, UserAssigned, 'SystemAssigned,UserAssigned' and None.
 
 ```yaml
 Type: System.String

Original file line number	Diff line number	Diff line change
`@@ -226,7 +226,7 @@ public DiagnosticSettingsResource UpdateDiagnosticSettings(DiagnosticSettingsRes`
`226`	`226`	`if (server.Identity == null \|\|`
`227`	`227`	`server.Identity.Type != ResourceIdentityType.SystemAssigned.ToString())`
`228`	`228`	`{`
`229`		`- server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(true, "SystemAssigned", null, null);`
	`229`	`+ server.Identity = ResourceIdentityHelper.GetIdentityObjectFromType(true, ResourceIdentityType.SystemAssigned.ToString(), null, null);`
`230`	`230`	`server = GetCurrentSqlClient().Servers.CreateOrUpdate(resourceGroupName, serverName, server);`
`231`	`231`	`}`
`232`	`232`
Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ public class ResourceIdentityHelper`
`33`	`33`	`public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(bool assignIdentityIsPresent, string resourceIdentityType, List<string> userAssignedIdentities, Management.Sql.Models.ResourceIdentity existingResourceIdentity)`
`34`	`34`	`{`
`35`	`35`	`Management.Sql.Models.ResourceIdentity identityResult = null;`
`36`		`-`
	`36`	`+`
`37`	`37`	`// If the user passes in IdentityType as None, then irrespective of previous config, we set the IdentityType to be None.`
`38`	`38`	`//`
`39`	`39`	`if (resourceIdentityType != null && resourceIdentityType.Equals(ResourceIdentityType.None.ToString()))`
`@@ -46,13 +46,14 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b`
`46`	`46`	`return identityResult;`
`47`	`47`	`}`
`48`	`48`
`49`		`- if (resourceIdentityType != null && assignIdentityIsPresent && resourceIdentityType.Equals(ResourceIdentityType.SystemAssignedUserAssigned.ToString()))`
	`49`	`+ if (resourceIdentityType != null && assignIdentityIsPresent &&`
	`50`	`+ (resourceIdentityType.Equals("SystemAssigned,UserAssigned") \|\| resourceIdentityType.Equals(ResourceIdentityType.SystemAssignedUserAssigned.ToString())))`
`50`	`51`	`{`
`51`	`52`	`Dictionary<string, UserIdentity> umiDict = new Dictionary<string, UserIdentity>();`
`52`	`53`
`53`	`54`	`if (userAssignedIdentities == null)`
`54`	`55`	`{`
`55`		`- throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssignedUserAssigned");`
	`56`	`+ throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssigned,UserAssigned");`
`56`	`57`	`}`
`57`	`58`
`58`	`59`	`if (existingResourceIdentity != null && userAssignedIdentities.Any()`
`@@ -65,7 +66,7 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b`
`65`	`66`
`66`	`67`	`identityResult = new Management.Sql.Models.ResourceIdentity()`
`67`	`68`	`{`
`68`		`- Type = ResourceIdentityType.SystemAssignedUserAssigned.ToString()`
	`69`	`+ Type = "SystemAssigned,UserAssigned"`
`69`	`70`	`};`
`70`	`71`	`}`
`71`	`72`	`else if (userAssignedIdentities.Any())`
`@@ -77,7 +78,7 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b`
`77`	`78`
`78`	`79`	`identityResult = new Management.Sql.Models.ResourceIdentity()`
`79`	`80`	`{`
`80`		`- Type = ResourceIdentityType.SystemAssignedUserAssigned.ToString(),`
	`81`	`+ Type = "SystemAssigned,UserAssigned",`
`81`	`82`	`UserAssignedIdentities = umiDict`
`82`	`83`	`};`
`83`	`84`	`}`
`@@ -88,7 +89,7 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b`
`88`	`89`
`89`	`90`	`if (userAssignedIdentities == null)`
`90`	`91`	`{`
`91`		`- throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssignedUserAssigned");`
	`92`	`+ throw new PSArgumentNullException("The list of user assigned identity ids needs to be passed if the IdentityType is UserAssigned or SystemAssigned,UserAssigned");`
`92`	`93`	`}`
`93`	`94`
`94`	`95`	`if (existingResourceIdentity != null && userAssignedIdentities.Any()`
`@@ -120,18 +121,10 @@ public static Management.Sql.Models.ResourceIdentity GetIdentityObjectFromType(b`
`120`	`121`	`}`
`121`	`122`	`else if (assignIdentityIsPresent)`
`122`	`123`	`{`
`123`		`- if (existingResourceIdentity != null)`
`124`		`- {`
`125`		`- identityResult = existingResourceIdentity;`
`126`		`- identityResult.Type = ResourceIdentityType.SystemAssigned.ToString();`
`127`		`- }`
`128`		`- else`
	`124`	`+ identityResult = new Management.Sql.Models.ResourceIdentity()`
`129`	`125`	`{`
`130`		`- identityResult = new Management.Sql.Models.ResourceIdentity()`
`131`		`- {`
`132`		`- Type = ResourceIdentityType.SystemAssigned.ToString()`
`133`		`- };`
`134`		`- }`
	`126`	`+ Type = ResourceIdentityType.SystemAssigned.ToString()`
	`127`	`+ };`
`135`	`128`	`}`
`136`	`129`
`137`	`130`	`if (!assignIdentityIsPresent && existingResourceIdentity != null && existingResourceIdentity.PrincipalId != null)`
Original file line number	Diff line number	Diff line change
`@@ -265,6 +265,8 @@ private static AzureSqlManagedInstanceModel CreateManagedInstanceModelFromRespon`
`265`	`265`	`{`
`266`	`266`	`managedInstance.Administrators.AdministratorType = "ActiveDirectory";`
`267`	`267`	`}`
	`268`	`+ managedInstance.PrimaryUserAssignedIdentityId = resp.PrimaryUserAssignedIdentityId;`
	`269`	`+ managedInstance.KeyId = resp.KeyId;`
`268`	`270`
`269`	`271`	`return managedInstance;`
`270`	`272`	`}`