From 97dd1907670ac22c09e4f861220071d98f2cc735 Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 10:14:29 +0800
Subject: [PATCH 1/7] add defender related test cases back

---
 .../azcli_aks_live_test/configs/cli_matrix_default.json       | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
index b6b4b2045d8..b2b69857051 100644
--- a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
+++ b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
@@ -14,9 +14,7 @@
             "test_aks_create_with_monitoring_aad_auth_msi",
             "test_aks_create_with_monitoring_aad_auth_uai",
             "test_aks_enable_monitoring_with_aad_auth_msi",
-            "test_aks_enable_monitoring_with_aad_auth_uai",
-            "test_aks_create_with_defender",
-            "test_aks_update_with_defender"
+            "test_aks_enable_monitoring_with_aad_auth_uai"
         ]
     }
 }
\ No newline at end of file

From eb065bb6bcad9eb865f0e193e4a44f06d6dd65f2 Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 10:31:55 +0800
Subject: [PATCH 2/7] add test_aks_nodepool_add_with_ossku back

---
 .../azcli_aks_live_test/configs/cli_matrix_default.json        | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
index b2b69857051..0d05c492181 100644
--- a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
+++ b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
@@ -5,9 +5,6 @@
         ]
     },
     "exclude": {
-        "compatibility issue": [
-            "test_aks_nodepool_add_with_ossku"
-        ],
         "need feature registration": [
             "test_aks_create_enable_encryption",
             "test_aks_create_edge_zone",

From 99feedb3f08c03ba51891e02a803f2342b4667ce Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 11:46:47 +0800
Subject: [PATCH 3/7] update test matrix

---
 .../configs/cli_matrix_default.json            |  4 +++-
 .../configs/ext_matrix_default.json            | 18 ++++++++++++------
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
index 0d05c492181..c38218e7a11 100644
--- a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
+++ b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
@@ -7,7 +7,9 @@
     "exclude": {
         "need feature registration": [
             "test_aks_create_enable_encryption",
-            "test_aks_create_edge_zone",
+            "test_aks_create_edge_zone"
+        ],
+        "need namespace registration (AME)": [
             "test_aks_create_with_monitoring_aad_auth_msi",
             "test_aks_create_with_monitoring_aad_auth_uai",
             "test_aks_enable_monitoring_with_aad_auth_msi",
diff --git a/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json
index 99724539e38..1a9bc7674e5 100644
--- a/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json
+++ b/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json
@@ -16,10 +16,6 @@
             "test_aks_create_with_pod_identity_enabled",
             "test_aks_create_using_azurecni_with_pod_identity_enabled",
             "test_aks_pod_identity_usage",
-            "test_aks_create_with_monitoring_aad_auth_msi",
-            "test_aks_create_with_monitoring_aad_auth_uai",
-            "test_aks_enable_monitoring_with_aad_auth_msi",
-            "test_aks_enable_monitoring_with_aad_auth_uai",
             "test_aks_nodepool_add_with_workload_runtime",
             "test_aks_nodepool_add_with_gpu_instance_profile",
             "test_aks_create_with_crg_id",
@@ -29,9 +25,19 @@
             "test_list_trustedaccess_roles",
             "test_aks_custom_ca_trust_flow",
             "test_aks_create_with_csi_driver_v2",
-            "test_aks_create_and_update_csi_driver_to_v2",
+            "test_aks_create_and_update_csi_driver_to_v2"
+        ],
+        "toggle": [
             "test_aks_create_with_azurekeyvaultkms_private_key_vault",
-            "test_aks_update_with_azurekeyvaultkms_private_key_vault"
+            "test_aks_update_with_azurekeyvaultkms_private_key_vault",
+            "test_aks_create_with_azurekeyvaultkms_public_key_vault",
+            "test_aks_create_with_azurekeyvaultkms_private_cluster_v1_private_key_vault"
+        ],
+        "need namespace registration (AME)": [
+            "test_aks_create_with_monitoring_aad_auth_msi",
+            "test_aks_create_with_monitoring_aad_auth_uai",
+            "test_aks_enable_monitoring_with_aad_auth_msi",
+            "test_aks_enable_monitoring_with_aad_auth_uai"
         ]
     }
 }
\ No newline at end of file

From d300fbf5e13d35b93252f899691ef7b64b7b44cb Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 11:46:58 +0800
Subject: [PATCH 4/7] fix TA test case

---
 .../azext_aks_preview/tests/latest/test_aks_commands.py       | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py
index 9d2c21f522f..835a77d0914 100644
--- a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py
+++ b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py
@@ -4977,13 +4977,11 @@ def test_aks_update_with_keda(self, resource_group, resource_group_location):
             self.is_empty(),
         ])
 
-    @live_only()  # live only is required for test environment setup like `az login`
     @AllowLargeResponse()
     def test_list_trustedaccess_roles(self):
         cmd = 'aks trustedaccess role list -l eastus2euap'
         self.cmd(cmd, checks=[
-            self.check(
-                'type', 'Microsoft.ContainerService/locations/trustedaccessroles')
+            self.exists('[0].sourceResourceType')
         ])
 
     @live_only() # this test requires live_only because a binary is downloaded

From 151989aa1f1bba8409ab1c35cabc811c5e8acc74 Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 11:48:26 +0800
Subject: [PATCH 5/7] update history

---
 src/aks-preview/HISTORY.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst
index a4b99484d4a..696f43fde91 100644
--- a/src/aks-preview/HISTORY.rst
+++ b/src/aks-preview/HISTORY.rst
@@ -17,6 +17,7 @@ Pending
 
 * Move Azure KeyVault KMS to GA.
 * Support disabling Azure KeyVault KMS.
+* Update to use 2022-06-02-preview api version.
 
 0.5.91
 ++++++

From 8f3c8402b4c2309531bb6879c911d6879e86db4d Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 11:50:59 +0800
Subject: [PATCH 6/7] remove ossku test

---
 .../azcli_aks_live_test/configs/cli_matrix_default.json        | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
index c38218e7a11..4e92de9dceb 100644
--- a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
+++ b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json
@@ -5,6 +5,9 @@
         ]
     },
     "exclude": {
+        "compatibility issue": [
+            "test_aks_nodepool_add_with_ossku"
+        ],
         "need feature registration": [
             "test_aks_create_enable_encryption",
             "test_aks_create_edge_zone"

From b090b19ef07b074e0caefd97a90a7fbf551253f7 Mon Sep 17 00:00:00 2001
From: Fuming Zhang <fumingzhang@microsoft.com>
Date: Tue, 26 Jul 2022 15:46:28 +0800
Subject: [PATCH 7/7] add recording for test_list_trustedaccess_roles

---
 .../test_list_trustedaccess_roles.yaml        | 117 ++++++++++++++++++
 1 file changed, 117 insertions(+)
 create mode 100644 src/aks-preview/azext_aks_preview/tests/latest/recordings/test_list_trustedaccess_roles.yaml

diff --git a/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_list_trustedaccess_roles.yaml b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_list_trustedaccess_roles.yaml
new file mode 100644
index 00000000000..709470fd682
--- /dev/null
+++ b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_list_trustedaccess_roles.yaml
@@ -0,0 +1,117 @@
+interactions:
+- request:
+    body: null
+    headers:
+      Accept:
+      - application/json
+      Accept-Encoding:
+      - gzip, deflate
+      CommandName:
+      - aks trustedaccess role list
+      Connection:
+      - keep-alive
+      ParameterSetName:
+      - -l
+      User-Agent:
+      - AZURECLI/2.38.0 azsdk-python-azure-mgmt-containerservice/20.0.0b Python/3.8.10
+        (Linux-5.15.0-1014-azure-x86_64-with-glibc2.29)
+    method: GET
+    uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/trustedAccessRoles?api-version=2022-06-02-preview
+  response:
+    body:
+      string: "{\n  \"value\": [\n   {\n    \"sourceResourceType\": \"Microsoft.Compute/virtualMachineScaleSets\",\n
+        \   \"name\": \"test-node-reader\",\n    \"rules\": [\n     {\n      \"verbs\":
+        [\n       \"list\"\n      ],\n      \"apiGroups\": [\n       \"\"\n      ],\n
+        \     \"resources\": [\n       \"nodes\"\n      ]\n     }\n    ]\n   },\n
+        \  {\n    \"sourceResourceType\": \"Microsoft.Compute/virtualMachineScaleSets\",\n
+        \   \"name\": \"test-pod-reader\",\n    \"rules\": [\n     {\n      \"verbs\":
+        [\n       \"list\"\n      ],\n      \"apiGroups\": [\n       \"\"\n      ],\n
+        \     \"resources\": [\n       \"pods\"\n      ]\n     }\n    ]\n   },\n   {\n
+        \   \"sourceResourceType\": \"Microsoft.Compute/virtualMachineScaleSets\",\n
+        \   \"name\": \"test-admin\",\n    \"rules\": [\n     {\n      \"verbs\":
+        [\n       \"*\"\n      ],\n      \"apiGroups\": [\n       \"\"\n      ],\n
+        \     \"resources\": [\n       \"*\"\n      ]\n     }\n    ]\n   },\n   {\n
+        \   \"sourceResourceType\": \"Microsoft.DataProtection/BackupVaults\",\n    \"name\":
+        \"pvbackup\",\n    \"rules\": [\n     {\n      \"verbs\": [\n       \"list\"\n
+        \     ],\n      \"apiGroups\": [\n       \"\"\n      ],\n      \"resources\":
+        [\n       \"events\"\n      ]\n     },\n     {\n      \"verbs\": [\n       \"get\",\n
+        \      \"list\"\n      ],\n      \"apiGroups\": [\n       \"\"\n      ],\n
+        \     \"resources\": [\n       \"namespaces\",\n       \"deployments\",\n
+        \      \"statefulsets\",\n       \"replicasets\",\n       \"daemonsets\"\n
+        \     ]\n     },\n     {\n      \"verbs\": [\n       \"create\",\n       \"get\",\n
+        \      \"list\",\n       \"patch\",\n       \"update\",\n       \"delete\"\n
+        \     ],\n      \"apiGroups\": [\n       \"\"\n      ],\n      \"resources\":
+        [\n       \"persistentvolumes\",\n       \"persistentvolumeclaims\"\n      ]\n
+        \    },\n     {\n      \"verbs\": [\n       \"get\",\n       \"list\"\n      ],\n
+        \     \"apiGroups\": [\n       \"storage.k8s.io\"\n      ],\n      \"resources\":
+        [\n       \"csidrivers\"\n      ]\n     },\n     {\n      \"verbs\": [\n       \"create\",\n
+        \      \"get\",\n       \"list\",\n       \"patch\",\n       \"update\"\n
+        \     ],\n      \"apiGroups\": [\n       \"storage.k8s.io\"\n      ],\n      \"resources\":
+        [\n       \"storageclasses\",\n       \"volumeattachments\"\n      ]\n     },\n
+        \    {\n      \"verbs\": [\n       \"create\",\n       \"get\",\n       \"list\",\n
+        \      \"patch\",\n       \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\":
+        [\n       \"snapshot.storage.k8s.io\"\n      ],\n      \"resources\": [\n
+        \      \"volumesnapshots\",\n       \"volumesnapshotcontents\",\n       \"volumesnapshotclasses\"\n
+        \     ]\n     }\n    ]\n   },\n   {\n    \"sourceResourceType\": \"Microsoft.MachineLearningServices/workspaces\",\n
+        \   \"name\": \"training\",\n    \"rules\": [\n     {\n      \"verbs\": [\n
+        \      \"create\",\n       \"get\",\n       \"list\",\n       \"patch\",\n
+        \      \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\": [\n
+        \      \"\"\n      ],\n      \"resources\": [\n       \"services\",\n       \"services/proxy\"\n
+        \     ]\n     }\n    ]\n   },\n   {\n    \"sourceResourceType\": \"Microsoft.MachineLearningServices/workspaces\",\n
+        \   \"name\": \"inferenceV2\",\n    \"rules\": [\n     {\n      \"verbs\":
+        [\n       \"create\",\n       \"get\",\n       \"list\",\n       \"patch\",\n
+        \      \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\": [\n
+        \      \"\"\n      ],\n      \"resources\": [\n       \"services\",\n       \"services/proxy\"\n
+        \     ]\n     }\n    ]\n   },\n   {\n    \"sourceResourceType\": \"Microsoft.MachineLearningServices/workspaces\",\n
+        \   \"name\": \"inferenceV1\",\n    \"rules\": [\n     {\n      \"verbs\":
+        [\n       \"list\"\n      ],\n      \"apiGroups\": [\n       \"\"\n      ],\n
+        \     \"resources\": [\n       \"events\",\n       \"nodes\"\n      ]\n     },\n
+        \    {\n      \"verbs\": [\n       \"create\",\n       \"get\",\n       \"list\",\n
+        \      \"patch\",\n       \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\":
+        [\n       \"\"\n      ],\n      \"resources\": [\n       \"persistentvolumes\",\n
+        \      \"persistentvolumeclaims\"\n      ]\n     },\n     {\n      \"verbs\":
+        [\n       \"create\",\n       \"get\",\n       \"list\",\n       \"patch\",\n
+        \      \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\": [\n
+        \      \"\"\n      ],\n      \"resources\": [\n       \"namespaces\",\n       \"pods\",\n
+        \      \"configmaps\",\n       \"secrets\",\n       \"services\",\n       \"services/proxy\",\n
+        \      \"serviceaccounts\"\n      ]\n     },\n     {\n      \"verbs\": [\n
+        \      \"create\",\n       \"get\",\n       \"list\",\n       \"patch\",\n
+        \      \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\": [\n
+        \      \"\"\n      ],\n      \"resources\": [\n       \"deployments\",\n       \"replicasets\",\n
+        \      \"daemonsets\"\n      ]\n     },\n     {\n      \"verbs\": [\n       \"create\",\n
+        \      \"get\",\n       \"list\"\n      ],\n      \"apiGroups\": [\n       \"\"\n
+        \     ],\n      \"resources\": [\n       \"jobs\"\n      ]\n     },\n     {\n
+        \     \"verbs\": [\n       \"create\",\n       \"get\",\n       \"list\",\n
+        \      \"patch\",\n       \"update\",\n       \"delete\"\n      ],\n      \"apiGroups\":
+        [\n       \"storage.k8s.io\"\n      ],\n      \"resources\": [\n       \"csidrivers\"\n
+        \     ]\n     },\n     {\n      \"verbs\": [\n       \"create\",\n       \"get\",\n
+        \      \"list\",\n       \"update\"\n      ],\n      \"apiGroups\": [\n       \"rbac.authorization.k8s.io\"\n
+        \     ],\n      \"resources\": [\n       \"clusterroles\",\n       \"clusterrolebindings\"\n
+        \     ]\n     }\n    ]\n   }\n  ]\n }"
+    headers:
+      cache-control:
+      - no-cache
+      content-length:
+      - '4926'
+      content-type:
+      - application/json
+      date:
+      - Tue, 26 Jul 2022 07:07:41 GMT
+      expires:
+      - '-1'
+      pragma:
+      - no-cache
+      server:
+      - nginx
+      strict-transport-security:
+      - max-age=31536000; includeSubDomains
+      transfer-encoding:
+      - chunked
+      vary:
+      - Accept-Encoding
+      x-content-type-options:
+      - nosniff
+    status:
+      code: 200
+      message: OK
+version: 1