Skip to content

Commit 267a55b

Browse files
vermashivermashi
committed
modified test to check update functionality
1 parent c1deefd commit 267a55b

File tree

1 file changed

+17
-2
lines changed

1 file changed

+17
-2
lines changed

src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineExtensionTests.ps1

Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1044,18 +1044,19 @@ function Test-AzureDiskEncryptionExtension
10441044

10451045
#KeyVault config variables
10461046
$vaultName = "detestvault";
1047+
$vault2Name = "detestvault2";
10471048
$kekName = "dstestkek";
10481049

10491050
#VM config variables
10501051
$vmName = "detestvm";
1051-
$vmsize = 'Standard_D2';
1052+
$vmsize = 'Standard_DS2';
10521053
$imagePublisher = "MicrosoftWindowsServer";
10531054
$imageOffer = "WindowsServer";
10541055
$imageSku ="2012-R2-Datacenter";
10551056

10561057
#Storage config variables
10571058
$storageAccountName = "deteststore";
1058-
$stotype = 'Standard_LRS';
1059+
$stotype = 'Premium_LRS';
10591060
$vhdContainerName = "vhds";
10601061
$osDiskName = 'osdisk' + $vmName;
10611062
$dataDiskName = 'datadisk' + $vmName;
@@ -1117,6 +1118,17 @@ function Test-AzureDiskEncryptionExtension
11171118
$keyVaultResourceId = $keyVault.ResourceId;
11181119
$keyEncryptionKeyUrl = $kek.Key.kid;
11191120

1121+
# Create the 2nd key vault
1122+
$keyVault2 = New-AzureRmKeyVault -VaultName $vault2Name -ResourceGroupName $rgname -Location $loc -Sku standard;
1123+
$keyVault2 = Get-AzureRmKeyVault -VaultName $vault2Name -ResourceGroupName $rgname
1124+
#set enabledForDiskEncryption
1125+
Set-AzureRmKeyVaultAccessPolicy -VaultName $vault2Name -ResourceGroupName $rgname -EnabledForDiskEncryption;
1126+
#set permissions to AAD app to write secrets and keys
1127+
Set-AzureRmKeyVaultAccessPolicy -VaultName $vault2Name -ServicePrincipalName $aadClientID -PermissionsToKeys all -PermissionsToSecrets all
1128+
1129+
$diskEncryptionKeyVaultUrl2 = $keyVault2.VaultUri;
1130+
$keyVaultResourceId2 = $keyVault2.ResourceId;
1131+
11201132
# VM Profile & Hardware
11211133
$p = New-AzureRmVMConfig -VMName $vmname -VMSize $vmsize;
11221134

@@ -1169,6 +1181,9 @@ function Test-AzureDiskEncryptionExtension
11691181
Assert-NotNull $OsVolumeEncryptionSettings.DiskEncryptionKey.SecretUrl;
11701182
Assert-NotNull $OsVolumeEncryptionSettings.DiskEncryptionKey.SourceVault;
11711183

1184+
# Change settings on the VM
1185+
Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgname -VMName $vmName -AadClientID $aadClientID -AadClientSecret $aadClientSecret -DiskEncryptionKeyVaultUrl $diskEncryptionKeyVaultUrl2 -DiskEncryptionKeyVaultId $keyVaultResourceId2 -KeyEncryptionKeyUrl $keyEncryptionKeyUrl -KeyEncryptionKeyVaultId $keyVaultResourceId -Force;
1186+
11721187
#Add a couple of data volumes to encrypt them
11731188
$p = Add-AzureRmVMDataDisk -VM $p -Name $extraDataDiskName1 -Caching 'ReadOnly' -DiskSizeInGB 2 -Lun 1 -VhdUri $dataDiskVhdUri -CreateOption Empty;
11741189
$p = Add-AzureRmVMDataDisk -VM $p -Name $extraDataDiskName2 -Caching 'ReadOnly' -DiskSizeInGB 2 -Lun 1 -VhdUri $dataDiskVhdUri -CreateOption Empty;

0 commit comments

Comments
 (0)