SQL VM AKV Integration in Azure SDK Release 0.9.8

src/ServiceManagement/Compute/Commands.ServiceManagement/Commands.ServiceManagement.csproj

@@ -171,6 +171,11 @@
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
+    <Compile Include="IaaS\Extensions\SqlServer\AzureVMSqlServerPublicAutoBackupSettings.cs" />
+    <Compile Include="IaaS\Extensions\SqlServer\AzureVMSqlServerPublicKeyVaultCredentialSettings.cs" />
+    <Compile Include="IaaS\Extensions\SqlServer\AzureVMSqlServerPrivateKeyVaultCredentialSettings.cs" />
+    <Compile Include="IaaS\Extensions\SqlServer\AzureVMSqlServerKeyVaultCredentialSettings.cs" />
+    <Compile Include="IaaS\Extensions\SqlServer\NewAzureVMSqlServerKeyVaultCredentialConfig.cs" />
     <Compile Include="IaaS\Extensions\DSC\DscExtensionCmdletConstants.cs" />
     <Compile Include="IaaS\Extensions\DSC\DscExtensionPrivateSettings.cs" />
     <Compile Include="IaaS\Extensions\DSC\DscExtensionPublicSettings.cs" />

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/AzureVMSqlServerKeyVaultCredentialSettings.cs

@@ -0,0 +1,58 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Security;
+
+namespace Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions
+{
+    /// <summary>
+    /// Autobackup settings to configure managed backup on SQL VM
+    /// </summary>
+    public class KeyVaultCredentialSettings
+    {
+        /// <summary>
+        /// Defines if the Key Vault Credentails feature is enabled or disabled
+        /// </summary>
+        public bool Enable { get; set; }
+
+        /// <summary>
+        /// Key Vault credentails name
+        /// </summary>
+        public string CredentialName { get; set; }
+
+        /// <summary>
+        /// Gets the azure key vault URL.
+        /// </summary>
+        /// <value>
+        /// The azure key vault URL for Credential Management.
+        /// </value>
+        public string AzureKeyVaultUrl { get; set; }
+
+        /// <summary>
+        /// Gets the name of the principal.
+        /// </summary>
+        /// <value>
+        /// The name of the service principal to access the Azure Key Vault.
+        /// </value>
+        public string ServicePrincipalName { get; set; }
+
+        /// <summary>
+        /// Gets the principal secret.
+        /// </summary>
+        /// <value>
+        /// The service principal secret to access the Azure Key Vault.
+        /// </value>
+        public string ServicePrincipalSecret { get; set; }
+    }
+}

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/AzureVMSqlServerPrivateKeyVaultCredentialSettings.cs

@@ -0,0 +1,48 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Security;
+
+namespace Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions
+{
+    /// <summary>
+    /// Autobackup settings to configure managed backup on SQL VM
+    /// </summary>
+    public class PrivateKeyVaultCredentialSettings
+    {
+        /// <summary>
+        /// Gets the azure key vault URL.
+        /// </summary>
+        /// <value>
+        /// The azure key vault URL for Credential Management.
+        /// </value>
+        public string AzureKeyVaultUrl { get; set; }
+
+        /// <summary>
+        /// Gets the name of the principal.
+        /// </summary>
+        /// <value>
+        /// The name of the service principal to access the Azure Key Vault.
+        /// </value>
+        public string ServicePrincipalName { get; set; }
+
+        /// <summary>
+        /// Gets the principal secret.
+        /// </summary>
+        /// <value>
+        /// The service principal secret to access the Azure Key Vault.
+        /// </value>
+        public string ServicePrincipalSecret { get; set; }
+    }
+}

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/AzureVMSqlServerPrivateSettings.cs

@@ -34,5 +34,11 @@ public class SqlServerPrivateSettings
         ///  Password required for certification when encryption is enabled
         /// </summary>
         public string Password;
+
+        /// <summary>
+        /// Azure Key Vault Credential settings
+        /// </summary>
+        public PrivateKeyVaultCredentialSettings PrivateKeyVaultCredentialSettings;
+
     }
 }

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/AzureVMSqlServerPublicAutoBackupSettings.cs

@@ -0,0 +1,39 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Security;
+
+namespace Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions
+{
+    /// <summary>
+    /// Autobackup public settings to configure managed backup on SQL VM
+    /// </summary>
+    public class PublicAutoBackupSettings
+    {
+        /// <summary>
+        /// Defines if the Auto-backup feature is enabled or disabled
+        /// </summary>
+        public bool Enable { get; set; }
+
+        /// <summary>
+        /// Defines if backups will be encrypted or not
+        /// </summary>
+        public bool EnableEncryption { get; set; }
+
+        /// <summary>
+        /// Defines the number of days to keep the backups
+        /// </summary>
+        public int RetentionPeriod { get; set; }
+    }
+}

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/AzureVMSqlServerPublicKeyVaultCredentialSettings.cs

@@ -0,0 +1,34 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Security;
+
+namespace Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.Extensions
+{
+    /// <summary>
+    /// Key Vault public settings to manage SQL VM credentials on configure Azure Key Vault
+    /// </summary>
+    public class PublicKeyVaultCredentialSettings
+    {
+        /// <summary>
+        /// Defines if the Key Vault Credentails feature is enabled or disabled
+        /// </summary>
+        public bool Enable { get; set; }
+
+        /// <summary>
+        /// Key Vault credentails name
+        /// </summary>
+        public string CredentialName { get; set; }
+    }
+}

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/AzureVMSqlServerPublicSettings.cs

@@ -27,11 +27,16 @@ public class SqlServerPublicSettings
         /// <summary>
         /// Auto-backup settings
         /// </summary>
-        public AutoBackupSettings AutoBackupSettings { get; set; }
+        public PublicAutoBackupSettings AutoBackupSettings { get; set; }
 
         /// <summary>
         /// Auto-telemetry settings
         /// </summary>
         public AutoTelemetrySettings AutoTelemetrySettings { get; set; }
+
+        /// <summary>
+        /// Azure Key Vault SQL Credentials settings
+        /// </summary>
+        public PublicKeyVaultCredentialSettings KeyVaultCredentialSettings { get; set; }
     }
 }

src/ServiceManagement/Compute/Commands.ServiceManagement/IaaS/Extensions/SqlServer/GetAzureVMSqlServerExtension.cs

@@ -42,6 +42,7 @@ public class GetAzureVMSqlServerExtensionCommand : VirtualMachineSqlServerExtens
         protected const string GetSqlServerExtensionParamSetName = "GetSqlServerExtension";
         protected const string AutoPatchingStatusMessageName = "Automated Patching";
         protected const string AutoBackupStatusMessageName = "Automated Backup";
+        protected const string KeyVaultCredentialStatusMessageName = "Key Vault Credential";
 
         internal void ExecuteCommand()
         {
@@ -59,7 +60,7 @@ internal void ExecuteCommand()
         protected override void ProcessRecord()
         {
             base.ProcessRecord();
-            ExecuteCommand();
+            this.ExecuteCommand();
         }
 
         /// <summary>
@@ -68,7 +69,7 @@ protected override void ProcessRecord()
         /// <returns></returns>
         private VirtualMachineSqlServerExtensionContext GetExtensionContext(ResourceExtensionReference r)
         {
-            string extensionName= VirtualMachineSqlServerExtensionCmdletBase.ExtensionPublishedNamespace + "."
+            string extensionName = VirtualMachineSqlServerExtensionCmdletBase.ExtensionPublishedNamespace + "."
                                + VirtualMachineSqlServerExtensionCmdletBase.ExtensionPublishedName;
 
             VirtualMachineSqlServerExtensionContext context = new VirtualMachineSqlServerExtensionContext
@@ -116,11 +117,14 @@ private VirtualMachineSqlServerExtensionContext GetExtensionContext(ResourceExte
                             {
                                 context.AutoPatchingSettings = DeSerializeAutoPatchingSettings(status.Name, formattedMessage);
                             }
-
-                            if (status.Name.Equals(AutoBackupStatusMessageName, System.StringComparison.InvariantCulture))
+                            else if (status.Name.Equals(AutoBackupStatusMessageName, System.StringComparison.InvariantCulture))
                             {
                                 context.AutoBackupSettings = DeSerializeAutoBackupSettings(status.Name, formattedMessage);
                             }
+                            else if (status.Name.Equals(KeyVaultCredentialStatusMessageName, System.StringComparison.InvariantCulture))
+                            {
+                                context.KeyVaultCredentialSettings = DeSerializeKeyVaultCredentialSettings(status.Name, formattedMessage);
+                            }
 
                             statusMessageList.Add(formattedMessage);
                         }
@@ -158,7 +162,7 @@ private VirtualMachineSqlServerExtensionContext GetExtensionContext(ResourceExte
                         NSM.DeploymentSlot.Production);
                 }
                 catch (CloudException e)
-                {  
+                {
                     if (e.Response.StatusCode != HttpStatusCode.NotFound)
                     {
                         throw;
@@ -212,13 +216,62 @@ private AutoPatchingSettings DeSerializeAutoPatchingSettings(string category, st
 
         private AutoBackupSettings DeSerializeAutoBackupSettings(string category, string input)
         {
-            AutoBackupSettings abs = new AutoBackupSettings();
+            AutoBackupSettings autoBackupSettings = new AutoBackupSettings();
 
             if (!string.IsNullOrEmpty(input))
             {
                 try
                 {
-                    abs = JsonConvert.DeserializeObject<AutoBackupSettings>(input);
+                    PublicAutoBackupSettings publicAutoBackupSettings = JsonConvert.DeserializeObject<PublicAutoBackupSettings>(input);
+
+                    if(publicAutoBackupSettings != null)
+                    {
+                        autoBackupSettings.Enable = publicAutoBackupSettings.Enable;
+                        autoBackupSettings.EnableEncryption = publicAutoBackupSettings.EnableEncryption;
+                        autoBackupSettings.RetentionPeriod = publicAutoBackupSettings.RetentionPeriod;
+                        autoBackupSettings.StorageAccessKey = "***";
+                        autoBackupSettings.StorageUrl = "***";
+
+                        if (autoBackupSettings.EnableEncryption)
+                        {
+                            autoBackupSettings.Password = "***";
+                        }
+                    }
+                }
+                catch (JsonReaderException jre)
+                {
+                    WriteVerboseWithTimestamp("Category:" + category);
+                    WriteVerboseWithTimestamp("Message:" + input);
+                    WriteVerboseWithTimestamp(jre.ToString());
+                }
+            }
+
+            return autoBackupSettings;
+        }
+
+        private KeyVaultCredentialSettings DeSerializeKeyVaultCredentialSettings(string category, string input)
+        {
+            KeyVaultCredentialSettings kvtSettings = new KeyVaultCredentialSettings();
+
+            if (!string.IsNullOrEmpty(input))
+            {
+                try
+                {
+                    // we only print the public settings
+                    PublicKeyVaultCredentialSettings publicSettings = JsonConvert.DeserializeObject<PublicKeyVaultCredentialSettings>(input);
+
+                    if (publicSettings != null)
+                    {
+                        kvtSettings.CredentialName = publicSettings.CredentialName;
+                        kvtSettings.Enable = publicSettings.Enable;
+
+                        if (kvtSettings.Enable)
+                        {
+                            kvtSettings.ServicePrincipalName = "***";
+                            kvtSettings.ServicePrincipalSecret = "***";
+                            kvtSettings.AzureKeyVaultUrl = "***";
+                        }
+                    }
                 }
                 catch (JsonReaderException jre)
                 {
@@ -228,7 +281,7 @@ private AutoBackupSettings DeSerializeAutoBackupSettings(string category, string
                 }
             }
 
-            return abs;
+            return kvtSettings;
         }
 
         /// <summary>