Brooklyn Feature: Point To Site IPSec custom policy set on Gateway #5909
Conversation
…icy set on Gateway. and fix build merge errors.
MiYanni
changed the title
|
Cmdlet review here: https://github.com/Azure/azure-powershell-cmdlet-review-pr/issues/45 |
|
@Nilambari please take a look at the build failures in the markdown help files:
|
| @@ -31,36 +31,31 @@ public void TestZoneCrud() | |||
| DnsTestsBase.NewInstance.RunPowerShellTest("Test-ZoneCrud"); | |||
| } | |||
|
|
|||
| [Fact] | |||
| [Trait(Category.AcceptanceType, Category.CheckIn)] | |||
| [Fact(Skip = "Test is failing, service team needs to re-record")] | |||
There was a problem hiding this comment.
@Nilambari why are these tests failing? @muwaqar would you mind working with Nilambari to enable these tests?
There was a problem hiding this comment.
Enabled skipped tests back as tests are passing now.
| @@ -34,6 +34,16 @@ | |||
| * Add support for DDoS protection plan resource | |||
| * Introduced multiple breaking changes | |||
| - Please refer to the migration guide for more information | |||
| * Updated below commands for feature: Point to Site IPsec custom policy set/remove on Brooklyn Gateway. | |||
There was a problem hiding this comment.
@Nilambari please move the snippet you are adding to below the ## Current Release header
| { | ||
| base.Execute(); | ||
|
|
||
| if (ShouldProcess("AzureRmVpnClientIpsecParameter", VerbsCommon.Get)) |
There was a problem hiding this comment.
@Nilambari please remove the call to ShouldProcess for this cmdlet
| { | ||
| base.Execute(); | ||
|
|
||
| if (ShouldProcess(Properties.Resources.CreatingResourceMessage + Properties.Resources.VirtualNetworkGatewayVpnClientIpsecPolicy)) |
There was a problem hiding this comment.
@Nilambari it doesn't appear that this cmdlet doesn't make any calls to the server, it's just creating an in-memory object. If that is the case, then you don't need ShouldProcess and you can remove SupportsShouldProcess from the cmdlet attribute
| MNM.IpsecEncryption.GCMAES128, | ||
| MNM.IpsecEncryption.AES256, | ||
| MNM.IpsecEncryption.AES128, | ||
| IgnoreCase = false)] |
There was a problem hiding this comment.
@Nilambari is there any reason we need to be case sensitive for all of these parameters using ValidateSet? I think we should make all ValidateSet attributes case insensitive, so removing the IgnoreCase = False line from each one will resolve this issue.
|
|
||
| ### Create new virtual network gateway with setting vpn custom ipsec policy: | ||
| ``` | ||
| PS C:\> New-AzureRmVirtualNetworkGateway -ResourceGroupName vnet-gateway -name myNGW -location $location -IpConfigurations $vnetIpConfig -GatewayType Vpn -VpnType RouteBased -GatewaySku VpnGw1 -VpnClientIpsecPolicy $vpnclientipsecpolicy |
There was a problem hiding this comment.
@Nilambari same comment about adding corresponding output
|
|
||
| ### Get virtual network gateway to see if vpn custom policy is set correctly: | ||
| ``` | ||
| $gateway = Get-AzureRmVirtualNetworkGateway -ResourceGroupName vnet-gateway -name myNGW |
There was a problem hiding this comment.
@Nilambari nit: please add the PS C:\> string before this command to be consistent with the line below it
| # Remove-AzureRmVpnClientIpsecParameter | ||
|
|
||
| ## SYNOPSIS | ||
| {{Fill in the Synopsis}} |
There was a problem hiding this comment.
@Nilambari please fill in a synopsis
|
|
||
| ### 1: Deletes the set vpn ipsec parameters set on the Virtual Network Gateway | ||
| ``` | ||
| Remove-AzureRmVpnClientIpsecParameter -VirtualNetworkGatewayName myGateway -ResourceGroupName myRG |
There was a problem hiding this comment.
@Nilambari same comment about adding the corresponding output
| ### Example 1 : Sets a custom vpn ipsec policy to existing virtual network gateway. | ||
| ```powershell | ||
| PS C:\>$vpnclientipsecparams = New-AzureRmVpnClientIpsecParameter -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTime 86473 -SADataSize 429498 -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup2 -PfsGroup PFS2 | ||
| PS C:\> $setvpnIpsecParams = Set-AzureRmVpnClientIpsecParameter -VirtualNetworkGatewayName "ContosoLocalGateway" -ResourceGroupName "ContosoResourceGroup" -VpnClientIPsecParameter $vpnclientipsecparams |
There was a problem hiding this comment.
@Nilambari same comment about adding corresponding output
There was a problem hiding this comment.
Done. Added output details in comment.
|
@cormacpayne Incorporated requested review comments. Please take a look and help accept the PR. Thanks! |
|
@cormacpayne I think build failed due to static analysis errors. It asks for adding ShouldProcess to commandlets:- New-AzureRmVpnClientIpsecPolicy & New-AzureRmVpnClientIpsecParameter which was removed as per latest code review comments. Can you Please advice what to do in this case in order for build to pass? |
|
@cormacpayne Build is passed, Can you help accept the PR? Thanks! |
|
@cormacpayne Seems on demand job is successful, can you Please help merge this PR? |
| @@ -22,6 +22,16 @@ | |||
|
|
|||
| ## Version 6.1.0 | |||
| * Bump up Network SDK version from 18.0.0-preview to 19.0.0-preview | |||
| * Updated below commands for feature: Point to Site IPsec custom policy set/remove on Brooklyn Gateway. | |||
There was a problem hiding this comment.
@Nilambari we'll need to move the release notes you added to be under the Current Release header above, but we can do that in a separate PR
Description
Checklist
CONTRIBUTING.mdplatyPSmodule