WinRM, CustomData, Secrets, SshKey, AddtionalUnattendContent

Set-AzureVMOperatiingSystem
New-AzureAdditionalUnattendContent
New-AzureSshPublicKey
New-AzureVaultCertificate
New-AzureVaultSecretGroup

Author: unknown

src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineProfileTests.ps1

@@ -66,21 +66,87 @@ function Test-VirtualMachineProfile
     Assert-AreEqual $p.StorageProfile.DataDisks[1].Lun 1;
     Assert-AreEqual $p.StorageProfile.DataDisks[1].VirtualHardDisk.Uri $dataDiskVhdUri2;
 
-    # OS
+    # Windows OS
     $user = "Foo12";
     $password = 'BaR@000' + ((Get-Random) % 10000);
     $securePassword = ConvertTo-SecureString $password -AsPlainText -Force;
     $cred = New-Object System.Management.Automation.PSCredential ($user, $securePassword);
     $computerName = 'test';
     $vhdContainer = "https://$stoname.blob.core.windows.net/test";
     $img = 'a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-Datacenter-201503.01-en.us-127GB.vhd';
-    
-    $p = Set-AzureVMOperatingSystem -VM $p -Windows -ComputerName $computerName -Credential $cred;
+
+	$referenceUri = "/subscriptions/05cacd0c-6f9b-492e-b673-d8be41a7644f/resourceGroups/RgTest1/providers/Microsoft.KeyVault/vaults/TestVault123";
+	$certStore = "My";
+	$certUrl =  "https://testvault123.vault.azure.net/secrets/Test1/514ceb769c984379a7e0230bdd703272";
+	$vaultCert = New-AzureVaultCertificate -CertificateStore $certStore -CertificateUrl $certUrl;
+	$vaultSG = New-AzureVaultSecretGroup -ReferenceUri $referenceUri -VaultCertificates $vaultCert;
+
+	$aucSetting = "AutoLogon";
+	$aucContent = "<UserAccounts><AdministratorPassword><Value>p@ssw0rd</Value><PlainText>true</PlainText></AdministratorPassword></UserAccounts>";
+	$auc1 = New-AzureAdditionalUnattendContent -Content $aucContent -SettingName $aucSetting;
+	$auc2 = New-AzureAdditionalUnattendContent -Content $aucContent -SettingName $aucSetting;
+
+	$winRMCertUrl = "http://keyVaultName.vault.azure.net/secrets/secretName/secretVersion";
+	$timeZone = "Pacific Standard Time";
+	$custom = "echo 'Hello World'";
+	$encodedCustom = "ZWNobyAnSGVsbG8gV29ybGQn";
+
+    $p = Set-AzureVMOperatingSystem -VM $p -Windows -ComputerName $computerName -Credential $cred -CustomData $custom -Secrets $vaultSG -WinRMHttp -WinRMHttps -WinRMCertUrl $winRMCertUrl -ProvisionVMAgent -EnableAutoUpdate -TimeZone $timeZone -AdditionalUnattendContents $auc1,$auc2;
     $p = Set-AzureVMSourceImage -VM $p -Name $img -DestinationVhdsContainer $vhdContainer;
 
     Assert-AreEqual $p.OSProfile.AdminUsername $user;
     Assert-AreEqual $p.OSProfile.ComputerName $computerName;
     Assert-AreEqual $p.OSProfile.AdminPassword $password;
     Assert-AreEqual $p.StorageProfile.DestinationVhdsContainer.ToString() $vhdContainer;
     Assert-AreEqual $p.StorageProfile.SourceImage.ReferenceUri ('/' + (Get-AzureSubscription -Current).SubscriptionId + '/services/images/' + $img);
+	Assert-AreEqual $p.OSProfile.Secrets[0].SourceVault.ReferenceUri $referenceUri;
+	Assert-AreEqual $p.OSProfile.Secrets[0].VaultCertificates[0].CertificateStore $certStore;
+	Assert-AreEqual $p.OSProfile.Secrets[0].VaultCertificates[0].CertificateUrl $certUrl;
+	Assert-AreEqual $encodedCustom $p.OSProfile.CustomData;
+
+	# Verify WinRM
+	Assert-AreEqual $null $p.OSProfile.WindowsConfiguration.WinRMConfiguration.Listeners[0].CertificateUrl;
+    Assert-AreEqual "http" $p.OSProfile.WindowsConfiguration.WinRMConfiguration.Listeners[0].Protocol ;
+    Assert-AreEqual $winRMCertUrl $p.OSProfile.WindowsConfiguration.WinRMConfiguration.Listeners[1].CertificateUrl ;
+    Assert-AreEqual "https" $p.OSProfile.WindowsConfiguration.WinRMConfiguration.Listeners[1].Protocol ;
+
+	# Verify Windows Provisioning Setup
+	Assert-AreEqual $true $p.OSProfile.WindowsConfiguration.ProvisionVMAgent;
+	Assert-AreEqual $true $p.OSProfile.WindowsConfiguration.EnableAutomaticUpdates;
+	Assert-AreEqual $timeZone $p.OSProfile.WindowsConfiguration.TimeZone;
+
+	# Verify Additional Unattend Content
+	Assert-AreEqual "Microsoft-Windows-Shell-Setup" $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[0].ComponentName;
+	Assert-AreEqual $aucContent $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[0].Content;
+	Assert-AreEqual "oobeSystem" $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[0].PassName;
+	Assert-AreEqual $aucSetting $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[0].SettingName;
+	Assert-AreEqual "Microsoft-Windows-Shell-Setup" $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[1].ComponentName;
+	Assert-AreEqual $aucContent $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[1].Content;
+	Assert-AreEqual "oobeSystem" $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[1].PassName;
+	Assert-AreEqual $aucSetting $p.OSProfile.WindowsConfiguration.AdditionalUnattendContents[1].SettingName;
+
+	# Linux OS
+    $img = "b4590d9e3ed742e4a1d46e5424aa335e__SUSE-Linux-Enterprise-Server-11-SP3-v206";
+	$sshPath = "/home/pstestuser/.ssh/authorized_keys";
+	$sshPublicKey = "MIIDszCCApugAwIBAgIJALBV9YJCF/tAMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV";
+
+	$sshKey = New-AzureSshPublicKey -KeyData $sshPublicKey -Path $sshPath;
+
+    $p = Set-AzureVMOperatingSystem -VM $p -Linux -ComputerName $computerName -Credential $cred -CustomData $custom -Secrets $vaultSG -SSHPublicKeys $sshKey -DisablePasswordAuthentication;
+    $p = Set-AzureVMSourceImage -VM $p -Name $img -DestinationVhdsContainer $vhdContainer;
+
+    Assert-AreEqual $p.OSProfile.AdminUsername $user;
+    Assert-AreEqual $p.OSProfile.ComputerName $computerName;
+    Assert-AreEqual $p.OSProfile.AdminPassword $password;
+    Assert-AreEqual $p.StorageProfile.DestinationVhdsContainer.ToString() $vhdContainer;
+    Assert-AreEqual $p.StorageProfile.SourceImage.ReferenceUri ('/' + (Get-AzureSubscription -Current).SubscriptionId + '/services/images/' + $img);
+	Assert-AreEqual $p.OSProfile.Secrets[0].SourceVault.ReferenceUri $referenceUri;
+	Assert-AreEqual $p.OSProfile.Secrets[0].VaultCertificates[0].CertificateStore $certStore;
+	Assert-AreEqual $p.OSProfile.Secrets[0].VaultCertificates[0].CertificateUrl $certUrl;
+	Assert-AreEqual $encodedCustom $p.OSProfile.CustomData;
+
+	# Verify SSH configuration
+	Assert-AreEqual $sshPublicKey $p.OSProfile.LinuxConfiguration.SshConfiguration.PublicKeys[0].KeyData;
+	Assert-AreEqual $sshPath $p.OSProfile.LinuxConfiguration.SshConfiguration.PublicKeys[0].Path;
+	Assert-AreEqual $true $p.OSProfile.LinuxConfiguration.DisablePasswordAuthentication
 }

src/ResourceManager/Compute/Commands.Compute/Commands.Compute.csproj

@@ -151,6 +151,10 @@
     <Compile Include="VirtualMachineSizes\VirtualMachineSizeBaseCmdlet.cs" />
     <Compile Include="VirtualMachine\Action\SaveAzureVMImageCommand.cs" />
     <Compile Include="VirtualMachine\Action\SetAzureVMCommand.cs" />
+    <Compile Include="VirtualMachine\Config\NewAzureAdditionalUnattendContentCommand.cs" />
+    <Compile Include="VirtualMachine\Config\NewAzureSshPublicKeyCommand.cs" />
+    <Compile Include="VirtualMachine\Config\NewAzureVaultCertificateCommand.cs" />
+    <Compile Include="VirtualMachine\Config\NewAzureVaultSecretGroupCommand.cs" />
     <Compile Include="VirtualMachine\Config\RemoveAzureVMDataDiskCommand.cs" />
     <Compile Include="VirtualMachine\Config\SetAzureVMSourceImage.cs" />
     <Compile Include="VirtualMachine\Config\SetAzureVMOSDiskCommand.cs" />

src/ResourceManager/Compute/Commands.Compute/Common/ConstantStringTypes.cs

@@ -72,5 +72,10 @@ public static class ProfileNouns
         public const string VirtualMachineSize = "AzureVMSize";
 
         public const string VirtualMachineImage = "AzureVMImage";
+
+        public const string SshPublicKey = "AzureSshPublicKey";
+        public const string AdditionalUnattendContent = "AzureAdditionalUnattendContent";
+        public const string VaultCertificate = "AzureVaultCertificate";
+        public const string VaultSecretGroup = "AzureVaultSecretGroup";
     }
 }

src/ResourceManager/Compute/Commands.Compute/VirtualMachine/Config/NewAzureAdditionalUnattendContentCommand.cs

@@ -0,0 +1,76 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Compute.Common;
+using Microsoft.Azure.Management.Compute.Models;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+using System.Management.Automation;
+
+namespace Microsoft.Azure.Commands.Compute
+{
+    /// <summary>
+    /// Create Additional Unattend Content Object
+    /// </summary>
+    [Cmdlet(
+        VerbsCommon.New,
+        ProfileNouns.AdditionalUnattendContent),
+    OutputType(
+        typeof(AdditionalUnattendContent))]
+    public class NewAzureAdditionalUnattendContentCommand : AzurePSCmdlet
+    {
+        private const string defaultComponentName = "Microsoft-Windows-Shell-Setup";
+        private const string defaultPassName = "oobeSystem";
+
+        [Parameter(
+            DontShow = true, // Currently, the only allowable value is 'Microsoft-Windows-Shell-Setup'.
+            Position = 0,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Component Name.")]
+        [ValidateNotNullOrEmpty]
+        public string ComponentName { get; set; }
+
+        [Parameter(
+            Position = 1,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "XML Formatted Content.")]
+        [ValidateNotNullOrEmpty]
+        public string Content { get; set; }
+
+        [Parameter(
+            DontShow = true, // Currently, the only allowable value is 'oobeSystem'.
+            Position = 2,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Pass name")]
+        [ValidateNotNullOrEmpty]
+        public string PassName { get; set; }
+
+        [Parameter(
+            Position = 3,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Setting Name.")]
+        [ValidateNotNullOrEmpty]
+        public string SettingName { get; set; }
+
+        public override void ExecuteCmdlet()
+        {
+            WriteObject(new AdditionalUnattendContent
+            {
+                ComponentName = defaultComponentName,
+                Content = this.Content,
+                PassName = defaultPassName,
+                SettingName = this.SettingName,
+            });
+        }
+    }
+}

src/ResourceManager/Compute/Commands.Compute/VirtualMachine/Config/NewAzureSshPublicKeyCommand.cs

@@ -0,0 +1,55 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Compute.Common;
+using Microsoft.Azure.Management.Compute.Models;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+using System.Management.Automation;
+
+namespace Microsoft.Azure.Commands.Compute
+{
+    /// <summary>
+    /// Create Ssh Public Key object
+    /// </summary>
+    [Cmdlet(
+        VerbsCommon.New,
+        ProfileNouns.SshPublicKey),
+    OutputType(
+        typeof(SshPublicKey))]
+    public class NewAzureSshPublicKeyCommand : AzurePSCmdlet
+    {
+        [Parameter(
+            Position = 0,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Certificate Public Key")]
+        [ValidateNotNullOrEmpty]
+        public string KeyData { get; set; }
+
+        [Parameter(
+            Position = 1,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Full Path on VM where SSH Public Key is Stored.")]
+        [ValidateNotNullOrEmpty]
+        public string Path { get; set; }
+
+        public override void ExecuteCmdlet()
+        {
+            WriteObject(new SshPublicKey
+            {
+                KeyData = this.KeyData,
+                Path = this.Path,
+            });
+        }
+    }
+}

src/ResourceManager/Compute/Commands.Compute/VirtualMachine/Config/NewAzureVaultCertificateCommand.cs

@@ -0,0 +1,55 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Compute.Common;
+using Microsoft.Azure.Management.Compute.Models;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+using System.Management.Automation;
+
+namespace Microsoft.Azure.Commands.Compute
+{
+    /// <summary>
+    /// Create Vault Certificate object
+    /// </summary>
+    [Cmdlet(
+        VerbsCommon.New,
+        ProfileNouns.VaultCertificate),
+    OutputType(
+        typeof(VaultCertificate))]
+    public class NewAzureVaultCertificateCommand : AzurePSCmdlet
+    {
+        [Parameter(
+            Position = 0,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Certificate store in LocalMachine")]
+        [ValidateNotNullOrEmpty]
+        public string CertificateStore { get; set; }
+
+        [Parameter(
+            Position = 1,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "URL referencing a secret in a Key Vault.")]
+        [ValidateNotNullOrEmpty]
+        public string CertificateUrl { get; set; }
+
+        public override void ExecuteCmdlet()
+        {
+            WriteObject(new VaultCertificate
+            {
+                CertificateStore = this.CertificateStore,
+                CertificateUrl = this.CertificateUrl,
+            });
+        }
+    }
+}

src/ResourceManager/Compute/Commands.Compute/VirtualMachine/Config/NewAzureVaultSecretGroupCommand.cs

@@ -0,0 +1,56 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Compute.Common;
+using Microsoft.Azure.Management.Compute.Models;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
+using System.Management.Automation;
+using System.Collections.Generic;
+
+namespace Microsoft.Azure.Commands.Compute
+{
+    /// <summary>
+    /// Create Vault Secret Group object
+    /// </summary>
+    [Cmdlet(
+        VerbsCommon.New,
+        ProfileNouns.VaultSecretGroup),
+    OutputType(
+        typeof(VaultSecretGroup))]
+    public class NewAzureVaultSecretGroupCommand : AzurePSCmdlet
+    {
+        [Parameter(
+            Position = 0,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Certificate store in LocalMachine")]
+        [ValidateNotNullOrEmpty]
+        public string ReferenceUri { get; set; }
+
+        [Parameter(
+            Position = 1,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "URL referencing a secret in a Key Vault.")]
+        [ValidateNotNullOrEmpty]
+        public List<VaultCertificate> VaultCertificates { get; set; }
+
+        public override void ExecuteCmdlet()
+        {
+            WriteObject(new VaultSecretGroup
+            {
+                SourceVault = new SourceVaultReference { ReferenceUri = this.ReferenceUri },
+                VaultCertificates = this.VaultCertificates,
+            });
+        }
+    }
+}