@@ -824,26 +824,30 @@ function Test-NetworkRuleSet
824824 $rg = New-AzureRmResourceGroup - Name $resourceGroupName - Location $resourceGroupLocation
825825 $vault = New-AzureRmKeyVault - VaultName $vaultName - ResourceGroupName $resourceGroupName - Location $vaultLocation
826826
827- $frontendSubnet = New-AzureRmVirtualNetworkSubnetConfig - Name frontendSubnet - AddressPrefix " 10.0.1.0/24"
827+ $frontendSubnet = New-AzureRmVirtualNetworkSubnetConfig - Name frontendSubnet - AddressPrefix " 10.0.1.0/24" - ServiceEndpoint Microsoft.KeyVault
828828 $virtualNetwork = New-AzureRmVirtualNetwork - Name $virtualNetworkName - ResourceGroupName $resourceGroupName - Location $virtualNetworkLocation - AddressPrefix " 10.0.0.0/16" - Subnet $frontendSubnet
829829
830830 $myNetworkResId = (Get-AzureRmVirtualNetwork - Name $virtualNetworkName - ResourceGroupName $resourceGroupName ).Subnets[0 ].Id
831- $networkRule = Add-AzureRmKeyVaultNetworkRule - VaultName $vaultName - IpAddressRange " 10.0.1.0/24" - VirtualNetworkResourceId $myNetworkResId
831+ Add-AzureRmKeyVaultNetworkRule - VaultName $vaultName - IpAddressRange " 10.0.1.0/24" - VirtualNetworkResourceId $myNetworkResId
832832 $vault = Get-AzureRmKeyVault - ResourceGroupName $resourceGroupName - Name $vaultName
833- Assert-AreEqual $vault.NetworkAcls.Count () 1
834- Assert-AreEqual $vault.NetworkAcls.First () $networkRule
835- Assert-AreEqual $networkRule.IpAddressRanges.Count () 1
836- Assert-AreEqual $networkRule.IpAddressRanges.First () " 10.0.1.0/24"
837- Assert-AreEqual $networkRule.VirtualNetworkResourceIds.Count () 1
838- Assert-AreEqual $networkRule.VirtualNetworkResourceIds.First () " 10.0.1.0/24"
839-
840- $networkRule = Update-AzureRmKeyVaultNetworkRuleSet - VaultName $vaultName - ResourceGroupName $resourceGroupName - Bypass AzureServices - DefaultAction Allow - IpAddressRange " 10.0.0.1/26" - VirtualNetworkResourceId $myNetworkResId - PassThru
841- Assert-AreEqual $networkRule.Bypass.toString () " AzureServices"
842- Assert-AreEqual $networkRule.DefaultAction.toString () " Allow"
843-
844- Remove-AzureRmKeyVaultNetworkRuleSet - VaultName $vaultName - ResourceGroupName $resourceGroupName - IpAddressRange " 10.0.0.1/26" - VirtualNetworkResourceId $myNetworkResId
833+ Assert-AreEqual $vault.NetworkAcls.IpAddressRanges.Count 1
834+ Assert-AreEqual $vault.NetworkAcls.IpAddressRanges [0 ] " 10.0.1.0/24"
835+ Assert-AreEqual $vault.NetworkAcls.VirtualNetworkResourceIds.Count 1
836+ Assert-AreEqual $vault.NetworkAcls.VirtualNetworkResourceIds [0 ] $myNetworkResId
837+ Assert-AreEqual $vault.NetworkAcls.Bypass.toString () " AzureServices"
838+ Assert-AreEqual $vault.NetworkAcls.DefaultAction.toString () " Allow"
839+
840+ $networkRule = Update-AzureRmKeyVaultNetworkRuleSet - VaultName $vaultName - ResourceGroupName $resourceGroupName - Bypass None - DefaultAction Deny - PassThru
841+ Assert-AreEqual $networkRule.NetworkAcls.Bypass.toString () " None"
842+ Assert-AreEqual $networkRule.NetworkAcls.DefaultAction.toString () " Deny"
845843 $vault = Get-AzureRmKeyVault - ResourceGroupName $resourceGroupName - Name $vaultName
846- Assert-AreEqual $vault.NetworkAcls.Count () 0
844+ Assert-AreEqual $vault.NetworkAcls.Bypass.toString () " None"
845+ Assert-AreEqual $vault.NetworkAcls.DefaultAction.toString () " Deny"
846+
847+ Remove-AzureRmKeyVaultNetworkRule - VaultName $vaultName - ResourceGroupName $resourceGroupName - IpAddressRange " 10.0.1.0/24" - VirtualNetworkResourceId $myNetworkResId
848+ $vault = Get-AzureRmKeyVault - ResourceGroupName $resourceGroupName - Name $vaultName
849+ Assert-AreEqual $vault.NetworkAcls.IpAddressRanges.Count 0
850+ Assert-AreEqual $vault.NetworkAcls.VirtualNetworkResourceIds.Count 0
847851 }
848852 finally
849853 {
0 commit comments