[HDInsight] Support customers specify min TLS version when creating cluster

src/HDInsight/HDInsight.Test/HDInsight.Test.csproj

@@ -11,7 +11,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.Management.HDInsight" Version="5.1.0" />
+    <PackageReference Include="Microsoft.Azure.Management.HDInsight" Version="5.3.0" />
     <PackageReference Include="Microsoft.Azure.Management.HDInsight.Job" Version="2.0.7" />
     <PackageReference Include="Microsoft.Azure.Management.OperationalInsights" Version="0.19.0-preview" />
   </ItemGroup>
@@ -20,4 +20,8 @@
     <ProjectReference Include="..\HDInsight\HDInsight.csproj" />
   </ItemGroup>
 
+  <ItemGroup>
+    <Folder Include="SessionRecords\Commands.HDInsight.Test.ScenarioTests.HDInsightClusterTests\" />
+  </ItemGroup>
+
 </Project>

src/HDInsight/HDInsight.Test/ScenarioTests/Common.ps1

@@ -38,7 +38,8 @@ function Create-Cluster{
       [string] $location="West US",
       [string] $resourceGroupName="group-ps-test",
       [string] $clusterType="Spark",
-      [string] $storageAccountName="storagepstest"
+      [string] $storageAccountName="storagepstest",
+      [string] $minSupportedTlsVersion="1.2"
     )
 
     $clusterName=Generate-Name($clusterName)
@@ -65,7 +66,7 @@ function Create-Cluster{
 
     $cluster=New-AzHDInsightCluster -Location $location -ResourceGroupName $resourceGroup.ResourceGroupName -ClusterName $clusterName `
              -ClusterSizeInNodes $clusterSizeInNodes -ClusterType $clusterType -DefaultStorageAccountName $storageAccountName `
-             -DefaultStorageAccountKey $storageAccountKey -HttpCredential $httpCredential -SshCredential $sshCredential
+             -DefaultStorageAccountKey $storageAccountKey -HttpCredential $httpCredential -SshCredential $sshCredential -MinSupportedTlsVersion $minSupportedTlsVersion
 
     return $cluster
 }

src/HDInsight/HDInsight.Test/UnitTests/NewClusterTests.cs

@@ -112,7 +112,7 @@ public void CanCreateNewHDInsightCluster()
                     parameters.Location == Location &&
                     parameters.UserName == _httpCred.UserName &&
                     parameters.Password == _httpCred.Password.ConvertToString() &&
-                    parameters.ClusterType == ClusterType)))
+                    parameters.ClusterType == ClusterType), It.IsAny<string>()))
             .Returns(cluster)
             .Verifiable();
 
@@ -317,7 +317,7 @@ private void CreateNewHDInsightCluster(
                         parameters.SshUserName == _sshCred.UserName &&
                         parameters.SshPassword == _sshCred.Password.ConvertToString() &&
                         ((!setEdgeNodeVmSize && parameters.EdgeNodeSize == null) || (setEdgeNodeVmSize && parameters.EdgeNodeSize == "edgeNodeVmSizeSetTest")) &&
-                        (workerNodeDataDisks == 0) || (workerNodeDataDisks > 0 && parameters.WorkerNodeDataDisksGroups.First().DisksPerNode == workerNodeDataDisks))))
+                        (workerNodeDataDisks == 0) || (workerNodeDataDisks > 0 && parameters.WorkerNodeDataDisksGroups.First().DisksPerNode == workerNodeDataDisks)), It.IsAny<string>()))
                 .Returns(cluster)
                 .Verifiable();
 
@@ -416,7 +416,7 @@ public void CanCreateNewHDInsightCluster_LinuxComponentVersion()
                     parameters.ClusterType == sparkClusterType &&
                     parameters.SshUserName == _sshCred.UserName &&
                     parameters.SshPassword == _sshCred.Password.ConvertToString() &&
-                    parameters.ComponentVersion["Spark"] == componentVersion["Spark"])))
+                    parameters.ComponentVersion["Spark"] == componentVersion["Spark"]), It.IsAny<string>()))
             .Returns(cluster)
             .Verifiable();
             hdinsightManagementMock.Setup(
@@ -431,7 +431,7 @@ public void CanCreateNewHDInsightCluster_LinuxComponentVersion()
                         parameters.Password == _httpCred.Password.ConvertToString() &&
                         parameters.ClusterType == ClusterType &&
                         parameters.SshUserName == _sshCred.UserName &&
-                        parameters.SshPassword == _sshCred.Password.ConvertToString())))
+                        parameters.SshPassword == _sshCred.Password.ConvertToString()), It.IsAny<string>()))
                 .Returns(cluster)
                 .Verifiable();
 
@@ -474,7 +474,7 @@ public void TestStorageAccountTypeDefaultsToAzureStorage()
             cmdlet.DefaultStorageAccountKey = StorageKey;
             cmdlet.ClusterType = ClusterType;
 
-            hdinsightManagementMock.Setup(c => c.CreateNewCluster(ResourceGroupName, ClusterName,  OSType.Linux, It.IsAny<ClusterCreateParameters>()));
+            hdinsightManagementMock.Setup(c => c.CreateNewCluster(ResourceGroupName, ClusterName,  OSType.Linux, It.IsAny<ClusterCreateParameters>(), It.IsAny<string>()));
 
             cmdlet.ExecuteCmdlet();
 
@@ -487,7 +487,7 @@ public void TestStorageAccountTypeDefaultsToAzureStorage()
                     parameters.Location == Location &&
                     parameters.UserName == _httpCred.UserName &&
                     parameters.Password == _httpCred.Password.ConvertToString() &&
-                    parameters.ClusterType == ClusterType)),
+                    parameters.ClusterType == ClusterType), It.IsAny<string>()),
                 Times.Once);
         }
 
@@ -505,7 +505,7 @@ public void TestStorageAccountTypeAzureStorage()
             cmdlet.ClusterType = ClusterType;
             cmdlet.DefaultStorageAccountType = StorageType.AzureStorage;
 
-            hdinsightManagementMock.Setup(c => c.CreateNewCluster(ResourceGroupName, ClusterName, OSType.Linux, It.IsAny<ClusterCreateParameters>()));
+            hdinsightManagementMock.Setup(c => c.CreateNewCluster(ResourceGroupName, ClusterName, OSType.Linux, It.IsAny<ClusterCreateParameters>(), It.IsAny<string>()));
 
             cmdlet.ExecuteCmdlet();
 
@@ -518,7 +518,7 @@ public void TestStorageAccountTypeAzureStorage()
                     parameters.Location == Location &&
                     parameters.UserName == _httpCred.UserName &&
                     parameters.Password == _httpCred.Password.ConvertToString() &&
-                    parameters.ClusterType == ClusterType)),
+                    parameters.ClusterType == ClusterType), It.IsAny<string>()),
                 Times.Once);
         }
 
@@ -537,7 +537,7 @@ public void TestStorageAccountTypeAzureDataLakeStore()
             cmdlet.ClusterType = ClusterType;
             cmdlet.DefaultStorageAccountType = StorageType.AzureDataLakeStore;
 
-            hdinsightManagementMock.Setup(c => c.CreateNewCluster(ResourceGroupName, ClusterName, OSType.Linux, It.IsAny<ClusterCreateParameters>()));
+            hdinsightManagementMock.Setup(c => c.CreateNewCluster(ResourceGroupName, ClusterName, OSType.Linux, It.IsAny<ClusterCreateParameters>(), It.IsAny<string>()));
 
             cmdlet.ExecuteCmdlet();
 
@@ -550,7 +550,7 @@ public void TestStorageAccountTypeAzureDataLakeStore()
                     parameters.Location == Location &&
                     parameters.UserName == _httpCred.UserName &&
                     parameters.Password == _httpCred.Password.ConvertToString() &&
-                    parameters.ClusterType == ClusterType)),
+                    parameters.ClusterType == ClusterType), It.IsAny<string>()),
                 Times.Once);
         }
     }

src/HDInsight/HDInsight.Test/UnitTests/PremiumClusterTests.cs

@@ -113,7 +113,7 @@ public void CanCreateNewPremiumHDInsightCluster()
                     parameters.SshUserName == _httpCred.UserName &&
                     parameters.SshPassword == _httpCred.Password.ConvertToString() &&
                     parameters.ClusterType == ClusterType &&
-                    parameters.ClusterTier == Tier.Premium)))
+                    parameters.ClusterTier == Tier.Premium), It.IsAny<string>()))
             .Returns(cluster)
             .Verifiable();
 

src/HDInsight/HDInsight/ChangeLog.md

@@ -18,6 +18,7 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+Supported specifying minimal supported TLS version when creating cluster.
 
 ## Version 3.0.3
 * Fix document error of New-AzHDInsightCluster.

src/HDInsight/HDInsight/HDInsight.csproj

@@ -11,7 +11,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.Management.HDInsight" Version="5.1.0" />
+    <PackageReference Include="Microsoft.Azure.Management.HDInsight" Version="5.3.0" />
     <PackageReference Include="Microsoft.Azure.Management.HDInsight.Job" Version="2.0.7" />
     <PackageReference Include="WindowsAzure.Storage" Version="9.3.0" />
   </ItemGroup>

src/HDInsight/HDInsight/ManagementCommands/NewAzureHDInsightClusterCommand.cs

@@ -136,7 +136,8 @@ public AzureHDInsightConfig Config
                     CertificateFilePath = CertificateFilePath,
                     CertificatePassword = CertificatePassword,
                     SecurityProfile = SecurityProfile,
-                    DisksPerWorkerNode = DisksPerWorkerNode
+                    DisksPerWorkerNode = DisksPerWorkerNode,
+                    MinSupportedTlsVersion = MinSupportedTlsVersion
                 };
                 foreach (
                     var storageAccount in
@@ -190,6 +191,7 @@ var storageAccount in
                 CertificatePassword = value.CertificatePassword;
                 SecurityProfile = value.SecurityProfile;
                 DisksPerWorkerNode = value.DisksPerWorkerNode;
+                MinSupportedTlsVersion = value.MinSupportedTlsVersion;
 
                 foreach (
                     var storageAccount in
@@ -353,6 +355,9 @@ public DateTime RdpAccessExpiry
         [Parameter(HelpMessage = "Gets or sets the number of disks for worker node role in the cluster.")]
         public int DisksPerWorkerNode { get; set; }
 
+        [Parameter(HelpMessage = "Gets or sets the minimal supported TLS version.")]
+        public string MinSupportedTlsVersion { get; set; }
+
         #endregion
 
 
@@ -473,7 +478,7 @@ var storageAccount in
                 };
             }
 
-            var cluster = HDInsightManagementClient.CreateNewCluster(ResourceGroupName, ClusterName, OSType, parameters);
+            var cluster = HDInsightManagementClient.CreateNewCluster(ResourceGroupName, ClusterName, OSType, parameters, MinSupportedTlsVersion);
 
             if (cluster != null)
             {

src/HDInsight/HDInsight/ManagementCommands/NewAzureHDInsightClusterConfigCommand.cs

@@ -148,6 +148,13 @@ public Guid AadTenantId
             set { _config.AADTenantId = value; }
         }
 
+        [Parameter(HelpMessage = "Gets or sets the minimal supported TLS version.")]
+        public string MinSupportedTlsVersion
+        {
+            get { return _config.MinSupportedTlsVersion; }
+            set { _config.MinSupportedTlsVersion = value; }
+        }
+
         #endregion
 
         public NewAzureHDInsightClusterConfigCommand()

src/HDInsight/HDInsight/Models/Management/AzureHDInsightCluster.cs

@@ -66,6 +66,8 @@ public AzureHDInsightCluster(Cluster cluster)
                 LdapsUrls = clusterSecurityProfile.LdapsUrls != null ? clusterSecurityProfile.LdapsUrls.ToArray() : null,
                 ClusterUsersGroupDNs = clusterSecurityProfile.ClusterUsersGroupDNs != null ? clusterSecurityProfile.ClusterUsersGroupDNs.ToArray() : null,
             } : null;
+
+            MinSupportedTlsVersion = cluster.Properties.MinSupportedTlsVersion;
         }
 
         public AzureHDInsightCluster(Cluster cluster, IDictionary<string, string> clusterConfiguration, IDictionary<string, string> clusterIdentity)
@@ -201,5 +203,10 @@ public AzureHDInsightCluster(Cluster cluster, IDictionary<string, string> cluste
         /// The security profile.
         /// </value>
         public AzureHDInsightSecurityProfile SecurityProfile { get; set; }
+
+        /// <summary>
+        /// Gets or sets the minimal supported TLS version.
+        /// </summary>
+        public string MinSupportedTlsVersion { get; set; }
     }
 }

src/HDInsight/HDInsight/Models/Management/AzureHDInsightConfig.cs

@@ -140,6 +140,11 @@ public class AzureHDInsightConfig
         /// </summary>
         public int DisksPerWorkerNode { get; set; }
 
+        /// <summary>
+        /// Gets or sets the minimal supported TLS version.
+        /// </summary>
+        public string MinSupportedTlsVersion { get; set; }
+
         public AzureHDInsightConfig()
         {
             ClusterType = Constants.Hadoop;

src/HDInsight/HDInsight/Models/Management/AzureHdInsightManagementClient.cs

@@ -34,10 +34,11 @@ public AzureHdInsightManagementClient() { }
 
         private IHDInsightManagementClient HdInsightManagementClient { get; set; }
 
-        public virtual Cluster CreateNewCluster(string resourceGroupName, string clusterName, OSType osType, ClusterCreateParameters parameters)
+        public virtual Cluster CreateNewCluster(string resourceGroupName, string clusterName, OSType osType, ClusterCreateParameters parameters, string minSupportedTlsVersion=default(string))
         {
             var createParams = CreateParametersConverter.GetExtendedClusterCreateParameters(clusterName, parameters);
             createParams.Properties.OsType = osType;
+            createParams.Properties.MinSupportedTlsVersion = minSupportedTlsVersion;
             return HdInsightManagementClient.Clusters.Create(resourceGroupName, clusterName, createParams);
         }