Skip to content

SQL VM AKV Integration in Azure SDK Release 0.9.8 #847

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Sep 4, 2015
Merged

SQL VM AKV Integration in Azure SDK Release 0.9.8 #847

merged 8 commits into from
Sep 4, 2015

Conversation

OJDUDE
Copy link

@OJDUDE OJDUDE commented Sep 3, 2015

Retarget pull request 751 to release branch. See pull request details here #751

OJDUDE added 7 commits August 7, 2015 22:50
SQL Server Virtual Machine Azure Key Vault Integration
10abbe7 
The files in this change implement two changes:

1. The AutoBackup feature includes private settings in the public
settings section.  The fix was to add a public settings class that is
used to manage the AutoBackup settings in the set and get command.
The change does not impact the cmdlet interface or the objects used to
configure AutoBackup. The change is internal to the feature
implementation.

The AutoBackup syntax command is still the same. Here is an example:
$storageaccount = "nobrooklyninfrawe"
$storageaccountkey = (Get-AzureStorageKey -StorageAccountName
$storageaccount).Primary
$storagecontext = New-AzureStorageContext -StorageAccountName
$storageaccount -StorageAccountKey $storageaccountkey
$password = "P@ssw0rd"
$encryptionpassword = $password | ConvertTo-SecureString -AsPlainText
-Force
$autobackupconfig = New-AzureVMSqlServerAutoBackupConfig -StorageContext
$storagecontext -Enable -RetentionPeriod 10 -EnableEncryption
-CertificatePassword $encryptionpassword

Get-AzureVM -ServiceName $serviceName -Name $vmName |
Set-AzureVMSqlServerExtension -AutoBackupSettings $autobackupconfig |
Update-AzureVM

2. SQL VM Azure key Vault Integration
This is a new feature is added to configure SQL Connector to access
Azure Key Vault on a SQL IaaS VM. The feature is only available for SQL
Server 2012 and higher version. A new set of classes is added to manage
Collecting the Azure Key Vault settings and new SQL credential settings.
The user would provide the key vault url, principal name and secret and
the SQL credential name. The user can enable \ disable the feature
Using the Enable switch option. By default the feature is disabled. The
following is an example to enable the feature:

$akvsecret = "3j432j4lj32lk4j32lk4jlk32j4l32j4lj32lj4l32j4lk"
$secureakv =  $akvsecret | ConvertTo-SecureString -AsPlainText -Force
$akvs = New-AzureVMSqlServerKeyVaultCredentialConfig -Enable
-CredentialName mycredzz11 -AzureKeyVaultUrl
"http://afSqlKVT.vault.azure.net" -ServicePrincipalName
"jljlj3l-s4d4c-9d2d-42428ed7" -ServicePrincipalSecret $secureakv

Get-AzureVM -ServiceName $serviceName -Name $vmName |
Set-AzureVMSqlServerExtension -KeyVaultCredentialSettings $akvs |
Update-AzureVM

The change also update the extension status. The status output now
includes the KeyVaultSettings object
Get-AzureVM -ServiceName $serviceName -Name $vmName |
Get-AzureVMSqlServerExtension

The following is a sample output of the get command
ExtensionName              : SqlIaaSAgent
Publisher                  : Microsoft.SqlServer.Management
Version                    : 1.*
State                      : Enable
RoleName                   : afexttest
AutoPatchingSettings       :
Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions.AutoPatchingSettings
AutoBackupSettings         :
Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions.AutoBackupSettings
KeyVaultCredentialSettings :
Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions.KeyVaultCredentialSettings
Don't use default settings when settings are missing
a0473e0 
In the previous change, default settings were used for AKV and
AutoBackup if the settings are not entered by the user. This is the
wrong behavior as it would always update the VM with the default
settings for feature that the user did not include in the set command.
SQL Server IaaS Extension cmdlets update
c8658ea 
1. Don't print or attempt to print private settings from the Get.
Instead print *** if the options are set.

2. Print a message to educate the user when disabling Azure key vault
that existing credentials will not be removed but AKV status will not be
reported.

3. Update the help file.

4. No new tests are required as the current tests already cover the
changes in this changeset.
This is update to local branch
3d0f59b
Merge branch 'Azure-dev' into dev
28b5a2b
Updateing local branch
1721dc2
Merge branch 'dev' into Azure/release-0.9.8
44ef696
@azurecla
Copy link

azurecla commented Sep 3, 2015

Hi @OJDUDE, I'm your friendly neighborhood Azure Pull Request Bot (You can call me AZPRBOT). Thanks for your contribution!
You've already signed the contribution license agreement. Thanks!
We will now validate the agreement and then real humans will evaluate your PR.

TTYL, AZPRBOT;

@markcowl
Copy link
Member

markcowl commented Sep 3, 2015

On demand job is here: http://azuresdkci.cloudapp.net/view/1-AzurePowerShell/job/powershell-on-demand/174/

@OJDUDE
Copy link
Author

OJDUDE commented Sep 3, 2015

Thanks for the update. I don’t have access to the links yet. I am still getting access to them. I will wait for the update results.

From: Mark Cowlishaw [mailto:[email protected]]
Sent: Thursday, September 3, 2015 11:38 AM
To: Azure/azure-powershell [email protected]
Cc: Omar Jaber [email protected]
Subject: Re: [azure-powershell] Release 0.9.8 (#847)

On demand job is here: http://azuresdkci.cloudapp.net/view/1-AzurePowerShell/job/powershell-on-demand/174/https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fazuresdkci.cloudapp.net%2fview%2f1-AzurePowerShell%2fjob%2fpowershell-on-demand%2f174%2f&data=01%7c01%7comjaber%40microsoft.com%7c548f13b5f29e4b4ae6f208d2b48ebdd5%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=4fqUz6uQl3uHz5rnT9dl2XbxhExcWDqPrfykgjyo5Bw%3d


Reply to this email directly or view it on GitHubhttps://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fi.8713187.xyz%2fAzure%2fazure-powershell%2fpull%2f847%23issuecomment-137537576&data=01%7c01%7comjaber%40microsoft.com%7c548f13b5f29e4b4ae6f208d2b48ebdd5%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=R%2fDgpkDVs1owjqQltwYMZHnB%2bs2REam%2bbf13aL85Qco%3d.

@OJDUDE
Copy link
Author

OJDUDE commented Sep 4, 2015

Resolved failed test. Please schedule the change for test run please.

@OJDUDE OJDUDE changed the title Release 0.9.8 SQL VM AKV Integration in Azure SDK Release 0.9.8 Sep 4, 2015
@OJDUDE
Copy link
Author

OJDUDE commented Sep 4, 2015

Thanks folks for kicking this test. It all passed. Please let me know when it is merged.

@OJDUDE
Copy link
Author

OJDUDE commented Sep 4, 2015

Can you please provide an ETA when this be merged?

@jianghaolu
Copy link
Contributor

On demand job here: http://azuresdkci.cloudapp.net/view/1-AzurePowerShell/job/powershell-on-demand/182/

@OJDUDE
Copy link
Author

OJDUDE commented Sep 4, 2015

Is this being tested again?

@OJDUDE
Copy link
Author

OJDUDE commented Sep 4, 2015

I see this is a check-in validation job.

@OJDUDE
Copy link
Author

OJDUDE commented Sep 4, 2015

Build completed without errors. Please let us know when this is merged.

@jianghaolu
Copy link
Contributor

Merging. Thanks!!

jianghaolu pushed a commit that referenced this pull request Sep 4, 2015
Merge pull request #847 from OJDUDE/release-0.9.8
50312c1 
SQL VM AKV Integration in Azure SDK Release 0.9.8
@jianghaolu jianghaolu merged commit 50312c1 into Azure:release-0.9.8 Sep 4, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@OJDUDE @azurecla @markcowl @jianghaolu