Merge pull request Azure#10125 from Jyotsna-Anand/jyanand-vimish-ps

ADE - Remove QueryEncryptionStatus & honor different publisher, type and name

Author: msJinLei

src/Compute/Compute.Test/ScenarioTests/VirtualMachineExtensionTests.cs

@@ -113,6 +113,13 @@ public void TestAzureDiskEncryptionExtensionSinglePassDisableAndRemove()
             TestRunner.RunTestScript("Test-AzureDiskEncryptionExtensionSinglePassDisableAndRemove");
         }
 
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestAzureDiskEncryptionExtensionSinglePassEnableAndDisableWithNonDefaultParams()
+        {
+            TestRunner.RunTestScript("Test-AzureDiskEncryptionExtensionSinglePassEnableAndDisableWithNonDefaultParams");
+        }
+
         [Fact]
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         public void TestVirtualMachineBginfoExtension()

src/Compute/Compute.Test/ScenarioTests/VirtualMachineExtensionTests.ps1

@@ -1250,6 +1250,60 @@ function Test-AzureDiskEncryptionExtensionSinglePassDisableAndRemove
 	}
 }
 
+<#
+.SYNOPSIS
+Test the Set-AzVMDiskEncryptionExtension single pass enable and disable scenario with non default parameters
+#>
+function Test-AzureDiskEncryptionExtensionSinglePassEnableAndDisableWithNonDefaultParams
+{
+	$resourceGroupName = Get-ComputeTestResourceName
+	try
+	{
+		# create virtual machine and key vault prerequisites
+		$vm = Create-VirtualMachine $resourceGroupName
+		$kv = Create-KeyVault $vm.ResourceGroupName $vm.Location
+
+		$extensionPublisher = "Microsoft.Azure.Security.Edp";
+		$extensionName = "MyExtension";
+
+		# enable encryption with single pass syntax (omits AD parameters)
+		Set-AzVMDiskEncryptionExtension `
+			-ResourceGroupName $vm.ResourceGroupName `
+			-VMName $vm.Name `
+			-DiskEncryptionKeyVaultUrl $kv.DiskEncryptionKeyVaultUrl `
+			-DiskEncryptionKeyVaultId $kv.DiskEncryptionKeyVaultId `
+			-ExtensionPublisherName $extensionPublisher `
+			-ExtensionName $extensionName `
+			-Force
+
+		# verify encryption state
+		$status = Get-AzVmDiskEncryptionStatus -ResourceGroupName $vm.ResourceGroupName -VMName $vm.Name -ExtensionPublisherName $extensionPublisher -ExtensionName $extensionName
+		Assert-NotNull $status
+		Assert-AreEqual $status.OsVolumeEncrypted Encrypted
+		Assert-AreEqual $status.DataVolumesEncrypted Encrypted
+
+		# verify encryption settings
+		$settings = $status.OsVolumeEncryptionSettings
+		Assert-NotNull $settings
+		Assert-NotNull $settings.DiskEncryptionKey.SecretUrl
+		Assert-AreEqual $settings.DiskEncryptionKey.SourceVault.Id $kv.DiskEncryptionKeyVaultId
+
+		# disable encryption
+		$status = Disable-AzVmDiskEncryption -ResourceGroupName $vm.ResourceGroupName -VMName $vm.Name -ExtensionPublisherName $extensionPublisher -ExtensionName $extensionName -Force
+		Assert-NotNull $status
+
+		# verify encryption state
+		$status = Get-AzVmDiskEncryptionStatus -ResourceGroupName $vm.ResourceGroupName -VMName $vm.Name -ExtensionPublisherName $extensionPublisher -ExtensionName $extensionName
+		Assert-NotNull $status
+		Assert-AreEqual $status.OsVolumeEncrypted NotEncrypted
+		Assert-AreEqual $status.DataVolumesEncrypted NotEncrypted
+	}
+	finally
+	{
+		Clean-ResourceGroup($resourceGroupName)
+	}
+}
+
 <#
 .SYNOPSIS
 Test AzureDiskEncryption extension

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineExtensionTests/TestAzureDiskEncryptionExtensionSinglePassEnableAndDisableWithNonDefaultParams.json

@@ -30,6 +30,7 @@
 * Fix the null exception for Get-AzRemoteDesktopFile.
 * Fix VHD Seek method for end-relative position.
 * Fix UltraSSD issue for New-AzVM and Update-AzVM.
+* Fix code to allow non default extension publisher, type and name for Get-AzVMDiskEncryptionStatus
 
 ## Version 2.5.0
 * Add VmssId to New-AzVMConfig cmdlet

src/Compute/Compute/ChangeLog.md

@@ -340,12 +340,12 @@ private VirtualMachineExtensionInstanceView FindEncryptionExtensionInstanceView(
             switch(vm.StorageProfile.OsDisk.OsType)
             {
                 case OperatingSystemTypes.Linux:
-                    extensionPublisher = AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher;
-                    extensionName = AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultName;
+                    extensionPublisher = this.ExtensionPublisherName ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher;
+                    extensionName = this.Name ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultName;
                     break;
                 case OperatingSystemTypes.Windows:
-                    extensionPublisher = AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher;
-                    extensionName = AzureDiskEncryptionExtensionContext.ExtensionDefaultName;
+                    extensionPublisher = this.ExtensionPublisherName ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher;
+                    extensionName = this.Name ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultName;
                     break;
             }
 
@@ -373,12 +373,12 @@ private VirtualMachineExtension FindEncryptionExtension(VirtualMachine vm)
             switch(vm.StorageProfile.OsDisk.OsType)
             {
                 case OperatingSystemTypes.Linux:
-                    extensionPublisher = AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher;
-                    extensionType = AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultType;
+                    extensionPublisher = this.ExtensionPublisherName ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher;
+                    extensionType = this.ExtensionType ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultType;
                     break;
                 case OperatingSystemTypes.Windows:
-                    extensionPublisher = AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher;
-                    extensionType = AzureDiskEncryptionExtensionContext.ExtensionDefaultType;
+                    extensionPublisher = this.ExtensionPublisherName ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher;
+                    extensionType = this.ExtensionType ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultType;
                     break;
             }
 
@@ -518,16 +518,6 @@ private AzureDiskEncryptionStatusContext getStatusDualPass(VirtualMachine vm)
                     };
                     break;
                 case OperatingSystemTypes.Linux:
-                    if (!this.IsExtensionInstalled(vm) && this.isVMRunning(vm))
-                    {
-                        VirtualMachineExtension parameters = GetDualPassQueryVmExtensionParameters(vm);
-
-                        this.VirtualMachineExtensionClient.CreateOrUpdateWithHttpMessagesAsync(
-                            this.ResourceGroupName,
-                            this.VMName,
-                            this.Name,
-                            parameters).GetAwaiter().GetResult();
-                    }
 
                     Dictionary<string, string> encryptionStatusParsed = null;
                     try

src/Compute/Compute/Extension/AzureDiskEncryption/GetAzureDiskEncryptionStatus.cs

@@ -868,6 +868,10 @@
     {
       "file": "src\\Sql\\Sql.Test\\SessionRecords\\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.VulnerabilityAssessmentMiTests\\VulnerabilityAssessmentManagedDatabaseSettingsTest.json",
       "_justification": "Legitimate test session record - the resources are being deleted after the test run in Record mode."
+    },
+    {
+      "file": "src\\Compute\\Compute.Test\\SessionRecords\\Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineExtensionTests\\TestAzureDiskEncryptionExtensionSinglePassEnableAndDisableWithNonDefaultParams.json",
+      "_justification": "Generated test resource group, deleted after test execution"
     }
   ]
 }