[Engineer build test] Fix for output type and null subscriptions coll…

…ection in ResourceGraph (#15165) * Onboard DigitalTwins to Private Link Common Cmdlets (#14613) * Onboard DigitalTwins to Private Link Common Cmdlets * Removed the change log * Added DigitalTwins in lexicographical order * Adding Private Range (No SNAT) Support to Firewall Policies (#14577) * Add Azure Route Server CRUD cmdlets to deprecate Virtual Router cmdlets (#14036) * change name from virtual router to route server * add test records * fix warning * delete unused import * no snat private ranges * adding private range in firewall policies * using AzPSArgumentException instead of PSArgumentException * using Resources.resx for AzPSArgumentException * reverting changes in Resources.Designer.cs that is not related to my code * adding help instruction for set-AzFirewallPolicy * updated changeLog Co-authored-by: litchiyangMSFT <[email protected]> * Added a new property "FlowTimeout" to Virtual Network (#14665) * Adding new property to Virtual Network FlowTimeoutInMinutes * Reverting local SDK changes * Added recorded test and updated help files, changed FlowTimeoutInMinutes to FlowTimeout * Update src/Network/Network/VirtualNetwork/NewAzureVirtualNetworkCommand.cs Removing Abbreviation of mins and expanding to minutes Co-authored-by: Beisi Zhou <[email protected]> * Updated FlowTimeout Description * Generated New Test Recording and updated PS Test script * Adding local SDK for FlowTimeout * Update the Network sdk version in test projects * Update the Network sdk version in test projects * Updated FlowTimeout Description * Update the Network sdk version in test projects Co-authored-by: Beisi Zhou <[email protected]> Co-authored-by: wyunchi-ms <[email protected]> * Virtual Network Gateway NAT feature changes (#14685) * workingCode * VNGCommands * ConnChanges * Format * helpFiles * tests * changeLog * Revert "changeLog" This reverts commit 8dbb8a2. * ChangeLogMd * fixing csProj * Revert "Revert "changeLog"" This reverts commit 7f69613. * Fixing nupkg * TestCsProj * testRecords * fixing comments * Fixing Comments Co-authored-by: Khushboo Baheti <[email protected]> * Support for Preferred Routing Gateway for Virtual Hub (#14761) * Fixed Azure Vnet peering build fix for new SDK * Added support for VPN or ER selection * Added default display * Bug fixes * Updated change log * Reverting VNET Peering change mismatch with SDK * Fixed help file * correcting document example 1 of New-AzFirewallPolicyRuleCollectionGroup (#14777) * Added more detailed description about GroupId in New-AzPrivateLinkServiceConnection (#14786) Co-authored-by: Beisi Zhou <[email protected]> * Fix (#14791) Co-authored-by: Khushboo Baheti <[email protected]> * Added support for getting a single private link resource (#14785) * Added support for getting a single private link resource * update help file * Update src/Network/Network/help/Get-AzPrivateLinkResource.md * Update src/Network/Network/help/Get-AzPrivateLinkResource.md Co-authored-by: Beisi Zhou <[email protected]> * Exposing two read-only properties of Application Gateway client certificate (#14784) * expose two read-only client cert properties * update appgw senario test to cover two new read-only properties of client cert * create zonal public ip referred by appgw with zone redundancy * update session record * update ChangeLog * use cert chain name from appgw * check client cert properties from appgw output * update test case and record * Gateway Loadbalancer (#14683) * new branch * fix * fix * fix * fix * fix * try restart json * replace file Co-authored-by: matyang222 <[email protected]> * Add new properties a new commandlet to support the address space update in peered vNets (#14730) * Changes for adding new commandlet for sync operation * Reverting the unintended change related to flow timeout * Updating with the SDK that has the newer fields Updating with the SDK that has the newer fields * Updating the networking SDK for all references Updating the networking SDK for all references * Added Parameter Set & Updated Changelog.md & Recorded PS Test * Minor update to changelog.md file and removed comment from VirtualNetworkTests.cs * Added default parameter set and ShouldSupportProcess=false * Added default parameter set and ShouldSupportProcess=false * Sync-AzVirtualNetworkPeering.md Help file * Updated links in help files * Minor spacing issue in help files hyperlink * Changed synopsis and description from comment to actual string * Added Sync-AzVirtualNetworkPeering to StaticAnalysis exception to ignore the shouldProcess error * Updating build steps * Setting supportsshouldprocess = true in sync-azvnetpeering * Reverting the Signature Issues Co-authored-by: Hari Prasad Perabattula <[email protected]> Co-authored-by: Satya-anshu <[email protected]> * Gateway LoadBalancer property ParameterSetName requirement removal (#15108) * fix * fix Co-authored-by: matyang222 <[email protected]> * Upgrade PowerShell to 7.0.6 (#15113) Upgrade Linux Image of CI pipeline to Ubuntu 20.04 Co-authored-by: wyunchi-ms <[email protected]> * Fix the random failure in CI pipeline (#15153) Co-authored-by: wyunchi-ms <[email protected]> * Release Az 4.1.1 (#15150) * Release Az.Resources 4.1.1 (#15149) * [Resource] Fixed issue that property is cleaned by [#15134]. (#15136) * Az.Resources 4.1.1 release * Update version of Az.Accounts in psd1 Co-authored-by: LucasYao93 <[email protected]> * Update ChangeLog.md Co-authored-by: LucasYao93 <[email protected]> * [Storage] Fix oauthCopySameAccount (#15152) * Update Az.SecurityInsights help files (#15144) * Updating Az.SecurityInsights help files * Update Get-AzSentinelAlertRule.md * typo in examples resourcegroup parameter (#15146) * Update the dependencies for Az.Accounts (#15154) * Fix the issue that static analysis cannot find SupportsShouldProcess in cmdlet (#15155) Co-authored-by: wyunchi-ms <[email protected]> * [Az.DiskPool] First preview availability of Az.DiskPool (#15128) * First availability of Az.DiskPool * supress error * remove unnecessary suppress * Code changes for provisioning Server & ManagedInstance with AD Only Authentication & External Administrator Properties (#15151) * Rebase master * Update Changelog * Switch to singular noun * Fix bug * Check for administrator object * Fix test * Release notes of Az.DiskPool v0.1.0 (#15160) * correct the way to download keyvault certificate (#15163) * Remove duplicate list item in Get-AzKeyVault (#15167) * cmdlets for new compute resource: SSH Public Key (#15120) * four cmdlets * location to follow resource group * add supportshouldprocess * update test * update key save location * capitalization * change * change * add two new parameter sets * ReadScale default to null on Set-AzSqlDatabase (#15168) * Updated api version (#15169) * [**URGENT**] Fix for Set-AzSqlServer and Set-AzSqlInstance cmdlets (#15176) * Fix for Set cmdlets * comma * update changelog.md * Update ChangeLog.md Co-authored-by: Dingmeng Xue <[email protected]> * Using FQDN when connecting to nodes and enabling Arc (#15174) -Using fqdn while connecting to cluster and nodes. -Using AAD retries in Arc AAD application setup. -Returning ErrorDetails in PS output stream for WAC to handle incase of RegisteredButArcFailed. * Adding Cross Tenant DS move (#15185) updated help text added new CRR regions Co-authored-by: Dingmeng Xue <[email protected]> * Add SecretManagement tag to module (#15187) * [HDInsight] Support new azure monitor feature (#15068) * Support new azure monitor feature * Change the cmdlet name Get/Enable/Disable-AzHDInsightMonitor to Get/Enable/Disable-AzHDInsightAzureMonitor * Update the help doc and sdk version and add tests * Add online version link * Add related test * Change setbynameparameterset to bynameparameterset * Change the parameter set names to verb+ByName|ResourceId|InputObject style Co-authored-by: Zhenyu Zhou <[email protected]> * Hotfix for the issue on windows powershell (#15189) * Hotfix for the issue on windows powershell * Bump version for Az.DiskPool OOB * Adding CMK changes for PS cmdlets (#15122) * Adding CMK changes for PS cmdlets * Add UMI. Address comments * Added UMI related config * Fix build error * Fix static analysis errors * UMI related fix. * Fix test and build issues * Update with UMI scenarios * Fix generated files * Fix identity issue * Fix failing test * Modified help files. Modified changelog.md * Update AzureSqlDatabaseTransparentDataEncryptionCommunicator.cs Remove legacy codes Co-authored-by: Jin Lei <[email protected]> * Polish changelog for upcoming release (#15191) * Provide certificate file login method (#14738) * Use certificate file as input * Address review comments * Change underline behavior of adding IP configuration to route server (#15194) * fix day 1 behavior for route server * record and log * Az.StackHCI - Pass GraphAccessToken to Connect-AzAccount (#15193) New-AzRoleAssignment Cmdlet needs graph token, so during Connect-AzAccount pass GraphAccessToken * [Storage] Removed StorageFileDataSmbShareOwner from value set of DefaultSharePermission (#15190) * Revert "Az.StackHCI - Pass GraphAccessToken to Connect-AzAccount (#15193)" (#15201) This reverts commit e1f82c9. * 47 update version (#15172) * Add Deep delete options for Disks and NICs (#15177) * DeleteOptions for Disks and NetworkInterfaces * DeleteOption fixes * Upgrade to Microsoft.Azure.Management.Compute Version 47.0.0 * Updated help files * temporyr change to move Compute package to version 47 Co-authored-by: Bashar Gharaibeh <[email protected]> * fix blank space issue (#15206) * [ApplicationInsights] Fixed ApplicationInsightsLinkedStorageAccount CRUD command that complain missing resourcegroupName when using InputObject (#15166) * [ApplicationInsights] ApplicationInsightsLinkedStorageAccount CRUD command that complain missing resourcegroupName when using InputObject [#14848]. * Update ChangeLog.md * [ApplicationInsights] Add CRUD test cases of the LinkedStorageAccount for pipeline. Co-authored-by: Dingmeng Xue <[email protected]> * Az.StackHCI - Pass GraphAccessToken to Connect-AzAccount (#15193) (#15203) New-AzRoleAssignment Cmdlet needs graph token, so during Connect-AzAccount pass GraphAccessToken Co-authored-by: digot007 <[email protected]> * should not try to use existed module version for new modules (#15217) * Fixed null subscriptions exception, added change log * Added output type fix and updated tests Changes from PR #15125 * regenerated ps1xml, updated examples * Updated md file for the output type and changelog * added breaking change issues csv after rebasing with master * added parenthesses to csv to fix parsing issue Co-authored-by: anakarparida <[email protected]> Co-authored-by: kenchenMicrosoft <[email protected]> Co-authored-by: litchiyangMSFT <[email protected]> Co-authored-by: Satya-anshu <[email protected]> Co-authored-by: Beisi Zhou <[email protected]> Co-authored-by: wyunchi-ms <[email protected]> Co-authored-by: Khushboo Baheti <[email protected]> Co-authored-by: Khushboo Baheti <[email protected]> Co-authored-by: arvenka <[email protected]> Co-authored-by: Beisi Zhou <[email protected]> Co-authored-by: biaogao <[email protected]> Co-authored-by: Matthew Yang <[email protected]> Co-authored-by: matyang222 <[email protected]> Co-authored-by: Hari Prasad Perabattula <[email protected]> Co-authored-by: Hari Prasad Perabattula <[email protected]> Co-authored-by: Yunchi Wang <[email protected]> Co-authored-by: Dingmeng Xue <[email protected]> Co-authored-by: LucasYao93 <[email protected]> Co-authored-by: Wei Wei <[email protected]> Co-authored-by: Tiander Turpijn <[email protected]> Co-authored-by: srozemuller <[email protected]> Co-authored-by: strehan1993 <[email protected]> Co-authored-by: Jin Lei <[email protected]> Co-authored-by: Theodore Chang <[email protected]> Co-authored-by: bradrich-msft <[email protected]> Co-authored-by: Mikhail <[email protected]> Co-authored-by: digot007 <[email protected]> Co-authored-by: Himanshu Agarwal <[email protected]> Co-authored-by: aim-for-better <[email protected]> Co-authored-by: Zhenyu Zhou <[email protected]> Co-authored-by: viparek <[email protected]> Co-authored-by: Adam Sandor <[email protected]> Co-authored-by: basharg <[email protected]> Co-authored-by: Bashar Gharaibeh <[email protected]> Co-authored-by: Xiaogang <[email protected]> Co-authored-by: makharch <[email protected]>
Azure · Jun 10, 2021 · 4d1f891 · 4d1f891
1 parent f05fde1
commit 4d1f891
Show file tree

Hide file tree

Showing 753 changed files with 117,514 additions and 20,469 deletions.
diff --git a/.azure-pipelines/powershell-core.yml b/.azure-pipelines/powershell-core.yml
@@ -2,7 +2,7 @@ variables:
   WindowsName: windows
   WindowsImage: vs2017-win2016
   LinuxName: linux
-  LinuxImage: ubuntu-18.04
+  LinuxImage: ubuntu-20.04
   MacOSName: macOS
   MacOSImage: macOS-10.14
   TestFramework: netcoreapp2.1

diff --git a/.azure-pipelines/util/analyze-steps.yml b/.azure-pipelines/util/analyze-steps.yml
@@ -11,7 +11,7 @@ steps:
   displayName: 'Use .NET Core sdk'
   inputs:
     packageType: sdk
-    version: 2.1.x
+    version: 3.1.x
 
 - pwsh: 'Install-Module platyPS -Force -Confirm:$false -Scope CurrentUser'
   displayName: 'Install platyPS'

diff --git a/.azure-pipelines/util/build-steps.yml b/.azure-pipelines/util/build-steps.yml
@@ -13,7 +13,7 @@ steps:
   displayName: 'Use .NET Core sdk'
   inputs:
     packageType: sdk
-    version: 2.1.x
+    version: 3.1.x
 
 - task: DotNetCoreCLI@2
   displayName: Build

diff --git a/build.proj b/build.proj
@@ -103,15 +103,15 @@
   </Target>
 
   <Target Name="BuildTools">
-    <Exec Command="dotnet publish $(RepoTools)StaticAnalysis/StaticAnalysis.Netcore.csproj -c $(Configuration) -f netcoreapp2.1" />
+    <Exec Command="dotnet publish $(RepoTools)StaticAnalysis/StaticAnalysis.Netcore.csproj -c $(Configuration)" />
   </Target>
 
   <Target Name="FilterBuild" Condition="$(PullRequestNumber) != '' OR $(TargetModule) != ''" DependsOnTargets="BuildTools">
     <Message Importance="high" Text="Filtering projects and modules..." />
     <Exec Command="$(PowerShellCoreCommandPrefix) &quot;. $(RepoTools)/CreateFilterMappings.ps1&quot;" />
 
     <!-- Build the Microsoft.Azure.Build.Tasks project -->
-    <Exec Command="dotnet publish $(RepoTools)BuildPackagesTask/Microsoft.Azure.Build.Tasks/Microsoft.Azure.Build.Tasks.csproj -c $(Configuration) -f netstandard2.0" />
+    <Exec Command="dotnet publish $(RepoTools)BuildPackagesTask/Microsoft.Azure.Build.Tasks/Microsoft.Azure.Build.Tasks.csproj -c $(Configuration)" />
 
     <!-- Get all of the files changed in the given pull request -->
     <FilesChangedTask RepositoryOwner="Azure" RepositoryName="azure-powershell" PullRequestNumber="$(PullRequestNumber)" TargetModule="$(TargetModule)">
@@ -268,11 +268,11 @@
   </Target>
 
   <Target Name="AzToolsInstaller">
-    <Exec Command="dotnet msbuild $(RepoTools)/Az.Tools.Installer/build.proj /t:'clean;build;test'" />
+    <Exec Command='dotnet msbuild $(RepoTools)/Az.Tools.Installer/build.proj /t:"clean;build;test"' />
   </Target>
 
   <Target Name="AzToolsPredictor">
-    <Exec Command="dotnet msbuild $(RepoTools)/Az.Tools.Predictor/build.proj /t:'clean;build;test'" />
+    <Exec Command='dotnet msbuild $(RepoTools)/Az.Tools.Predictor/build.proj /t:"clean;build;test"' />
   </Target>
 
   <Target Name="ChangeLogErrorMessage">

diff --git a/src/Accounts/Accounts.Test/AutosaveTests.cs b/src/Accounts/Accounts.Test/AutosaveTests.cs
@@ -52,7 +52,7 @@ void ResetState()
             AzureSession.Instance.AuthenticationFactory = new MockTokenAuthenticationFactory();
             Environment.SetEnvironmentVariable("Azure_PS_Data_Collection", "false");
             PowerShellTokenCacheProvider tokenProvider = new InMemoryTokenCacheProvider();
-            AzureSession.Instance.RegisterComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, () => tokenProvider);
+            AzureSession.Instance.RegisterComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, () => tokenProvider, true);
         }
 
         [Fact]

diff --git a/src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs b/src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs
@@ -14,6 +14,7 @@
 
 using System;
 using System.Collections.Concurrent;
+using System.Linq;
 using System.Management.Automation;
 using System.Security;
 using System.Threading;
@@ -52,6 +53,7 @@ public class ConnectAzureRmAccountCommand : AzureContextModificationCmdlet, IMod
         public const string UserWithCredentialParameterSet = "UserWithCredential";
         public const string ServicePrincipalParameterSet = "ServicePrincipalWithSubscriptionId";
         public const string ServicePrincipalCertificateParameterSet= "ServicePrincipalCertificateWithSubscriptionId";
+        public const string ServicePrincipalCertificateFileParameterSet = "ServicePrincipalCertificateFileWithSubscriptionId";
         public const string AccessTokenParameterSet = "AccessTokenWithSubscriptionId";
         public const string ManagedServiceParameterSet = "ManagedServiceLogin";
         public const string MSIEndpointVariable = "MSI_ENDPOINT";
@@ -79,12 +81,16 @@ public class ConnectAzureRmAccountCommand : AzureContextModificationCmdlet, IMod
 
         [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet,
                     Mandatory = true, HelpMessage = "SPN")]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet,
+                    Mandatory = true, HelpMessage = "SPN")]
         public string ApplicationId { get; set; }
 
         [Parameter(ParameterSetName = ServicePrincipalParameterSet,
                     Mandatory = true)]
         [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet,
                     Mandatory = false)]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet,
+                    Mandatory = false)]
         public SwitchParameter ServicePrincipal { get; set; }
 
         [Parameter(ParameterSetName = UserParameterSet,
@@ -97,6 +103,8 @@ public class ConnectAzureRmAccountCommand : AzureContextModificationCmdlet, IMod
                     Mandatory = false, HelpMessage = "Tenant name or ID")]
         [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet,
                     Mandatory = true, HelpMessage = "Tenant name or ID")]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet,
+                    Mandatory = true, HelpMessage = "Tenant name or ID")]
         [Parameter(ParameterSetName = ManagedServiceParameterSet,
                     Mandatory = false, HelpMessage = "Optional tenant name or ID")]
         [Alias("Domain", "TenantId")]
@@ -138,6 +146,8 @@ public class ConnectAzureRmAccountCommand : AzureContextModificationCmdlet, IMod
                     Mandatory = false, HelpMessage = "Subscription Name or ID", ValueFromPipeline = true)]
         [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet,
                     Mandatory = false, HelpMessage = "Subscription Name or ID", ValueFromPipeline = true)]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet,
+                    Mandatory = false, HelpMessage = "Subscription Name or ID", ValueFromPipeline = true)]
         [Parameter(ParameterSetName = AccessTokenParameterSet,
                     Mandatory = false, HelpMessage = "Subscription Name or ID", ValueFromPipeline = true)]
         [Parameter(ParameterSetName = ManagedServiceParameterSet,
@@ -187,6 +197,7 @@ public class ConnectAzureRmAccountCommand : AzureContextModificationCmdlet, IMod
         [Parameter(ParameterSetName = UserWithCredentialParameterSet, Mandatory = false, HelpMessage = "Max subscription number to populate contexts after login. Default is " + DefaultMaxContextPopulationString + ". To populate all subscriptions to contexts, set to -1.")]
         [Parameter(ParameterSetName = ServicePrincipalParameterSet, Mandatory = false, HelpMessage = "Max subscription number to populate contexts after login. Default is " + DefaultMaxContextPopulationString + ". To populate all subscriptions to contexts, set to -1.")]
         [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet, Mandatory = false, HelpMessage = "Max subscription number to populate contexts after login. Default is " + DefaultMaxContextPopulationString + ". To populate all subscriptions to contexts, set to -1.")]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet, Mandatory = false, HelpMessage = "Max subscription number to populate contexts after login. Default is " + DefaultMaxContextPopulationString + ". To populate all subscriptions to contexts, set to -1.")]
         [Parameter(ParameterSetName = AccessTokenParameterSet, Mandatory = false, HelpMessage = "Max subscription number to populate contexts after login. Default is " + DefaultMaxContextPopulationString + ". To populate all subscriptions to contexts, set to -1.")]
         [Parameter(ParameterSetName = ManagedServiceParameterSet, Mandatory = false, HelpMessage = "Max subscription number to populate contexts after login. Default is " + DefaultMaxContextPopulationString + ". To populate all subscriptions to contexts, set to -1.")]
         [PSDefaultValue(Help = DefaultMaxContextPopulationString, Value = DefaultMaxContextPopulation)]
@@ -201,9 +212,17 @@ public class ConnectAzureRmAccountCommand : AzureContextModificationCmdlet, IMod
         [Parameter(Mandatory = false, HelpMessage = "Overwrite the existing context with the same name, if any.")]
         public SwitchParameter Force { get; set; }
 
-        [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet, Mandatory = false, HelpMessage = "Specifies if the x5c claim (public key of the certificate) should be sent to the STS to achieve easy certificate rollover in Azure AD.")]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateParameterSet, HelpMessage = "Specifies if the x5c claim (public key of the certificate) should be sent to the STS to achieve easy certificate rollover in Azure AD.")]
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet, HelpMessage = "Specifies if the x5c claim (public key of the certificate) should be sent to the STS to achieve easy certificate rollover in Azure AD.")]
         public SwitchParameter SendCertificateChain { get; set; }
 
+
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet, Mandatory = true, HelpMessage = "The path of certficate file in pkcs#12 format.")]
+        public String CertificatePath { get; set; }
+
+        [Parameter(ParameterSetName = ServicePrincipalCertificateFileParameterSet, HelpMessage = "The password required to access the pkcs#12 certificate file.")]
+        public SecureString CertificatePassword { get; set; }
+
         protected override IAzureContext DefaultContext
         {
             get
@@ -305,6 +324,7 @@ public override void ExecuteCmdlet()
                     azureAccount.SetProperty(AzureAccount.Property.KeyVaultAccessToken, KeyVaultAccessToken);
                     break;
                 case ServicePrincipalCertificateParameterSet:
+                case ServicePrincipalCertificateFileParameterSet:
                 case ServicePrincipalParameterSet:
                     azureAccount.Type = AzureAccount.AccountType.ServicePrincipal;
                     break;
@@ -345,7 +365,23 @@ public override void ExecuteCmdlet()
                 azureAccount.SetThumbprint(CertificateThumbprint);
             }
 
-            if (ParameterSetName == ServicePrincipalCertificateParameterSet && SendCertificateChain)
+            if( !string.IsNullOrWhiteSpace(CertificatePath))
+            {
+                var resolvedPath = this.SessionState.Path.GetResolvedPSPathFromPSPath(CertificatePath).FirstOrDefault()?.Path;
+                if (string.IsNullOrEmpty(resolvedPath))
+                {
+                    var parametersLog = $"- Invalid certificate path :'{CertificatePath}'.";
+                    throw new InvalidOperationException(parametersLog);
+                }
+                azureAccount.SetProperty(AzureAccount.Property.CertificatePath, resolvedPath);
+                if (CertificatePassword != null)
+                {
+                    azureAccount.SetProperty(AzureAccount.Property.CertificatePassword, CertificatePassword.ConvertToString());
+                }
+            }
+
+            if ((ParameterSetName == ServicePrincipalCertificateParameterSet || ParameterSetName == ServicePrincipalCertificateFileParameterSet)
+                && SendCertificateChain)
             {
                 azureAccount.SetProperty(AzureAccount.Property.SendCertificateChain, SendCertificateChain.ToString());
                 bool supressWarningOrError = false;
@@ -368,7 +404,7 @@ public override void ExecuteCmdlet()
                 azureAccount.SetProperty(AzureAccount.Property.Tenants, Tenant);
             }
 
-            if (azureAccount.Type == AzureAccount.AccountType.ServicePrincipal && string.IsNullOrEmpty(CertificateThumbprint))
+            if (azureAccount.Type == AzureAccount.AccountType.ServicePrincipal && password != null)
             {
                 azureAccount.SetProperty(AzureAccount.Property.ServicePrincipalSecret, password.ConvertToString());
                 if (GetContextModificationScope() == ContextModificationScope.CurrentUser)

diff --git a/src/Accounts/Accounts/AzureRmAlias/Mappings.json b/src/Accounts/Accounts/AzureRmAlias/Mappings.json
@@ -1494,6 +1494,7 @@
     "Set-AzLoadBalancerBackendAddressPool": "Set-AzureRmLoadBalancerBackendAddressPool",
     "New-AzLoadBalancerBackendAddressPool": "New-AzureRmLoadBalancerBackendAddressPool",
     "Remove-AzLoadBalancerBackendAddressPool": "Remove-AzureRmLoadBalancerBackendAddressPool",
+    "New-AzLoadBalancerBackendAddressPoolTunnelInterfaceConfig": "New-AzureRmLoadBalancerBackendAddressPoolTunnelInterfaceConfig",
     "New-AzLoadBalancerBackendAddressConfig": "New-AzureRmLoadBalancerBackendAddressConfig",
     "Get-AzLoadBalancerBackendAddressPoolConfig": "Get-AzureRmLoadBalancerBackendAddressPoolConfig",
     "Add-AzLoadBalancerBackendAddressPoolConfig": "Add-AzureRmLoadBalancerBackendAddressPoolConfig",

diff --git a/src/Accounts/Accounts/ChangeLog.md b/src/Accounts/Accounts/ChangeLog.md
@@ -19,11 +19,12 @@
 -->
 
 ## Upcoming Release
+* Supported certificate file as input parameter of Connect-AzAccount
 
 ## Version 2.3.0
 * Upgraded Azure.Identity to 1.4 and MSAL to 4.30.1
 * Removed obsolete parameters `ManagedServiceHostName`, `ManagedServicePort` and `ManagedServiceSecret` of cmdlet `Connect-AzAccount`, environment variables `MSI_ENDPOINT` and `MSI_SECRET` could be used instead
-* Customize display format of PSAzureRmAccount to hide secret of service principal [#14208]
+* Customized display format of PSAzureRmAccount to hide secret of service principal [#14208]
 * Added optional parameter `AuthScope` to `Connect-AzAccount` to support enhanced authentication of data plane features
 * Set retry times by environment variable [#14748]
 * Supported subject name issuer authentication

diff --git a/src/Accounts/Accounts/help/Connect-AzAccount.md b/src/Accounts/Accounts/help/Connect-AzAccount.md
@@ -45,6 +45,15 @@ Connect-AzAccount [-Environment <String>] -CertificateThumbprint <String> -Appli
  [<CommonParameters>]
 ```
 
+### ServicePrincipalCertificateFileWithSubscriptionId
+```
+Connect-AzAccount [-Environment <String>] -ApplicationId <String> [-ServicePrincipal] -Tenant <String>
+ [-Subscription <String>] [-ContextName <String>] [-SkipContextPopulation] [-MaxContextPopulation <Int32>]
+ [-Force] [-SendCertificateChain] -CertificatePath <String> [-CertificatePassword <SecureString>]
+ [-Scope <ContextModificationScope>] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm]
+ [<CommonParameters>]
+```
+
 ### AccessTokenWithSubscriptionId
 ```
 Connect-AzAccount [-Environment <String>] [-Tenant <String>] -AccessToken <String> [-GraphAccessToken <String>]
@@ -184,21 +193,21 @@ more information on creating a self-signed certificates and assigning them permi
 [Use Azure PowerShell to create a service principal with a certificate](/azure/active-directory/develop/howto-authenticate-service-principal-powershell)
 
 ```powershell
-$Thumbprint = '0SZTNJ34TCCMUJ5MJZGR8XQD3S0RVHJBA33Z8ZXV'
-$TenantId = '4cd76576-b611-43d0-8f2b-adcb139531bf'
-$ApplicationId = '3794a65a-e4e4-493d-ac1d-f04308d712dd'
+$Thumbprint = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
+$TenantId = 'yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyy'
+$ApplicationId = '00000000-0000-0000-0000-00000000'
 Connect-AzAccount -CertificateThumbprint $Thumbprint -ApplicationId $ApplicationId -Tenant $TenantId -ServicePrincipal
 ```
 
 ```Output
-Account             SubscriptionName TenantId            Environment
--------             ---------------- --------            -----------
-xxxx-xxxx-xxxx-xxxx Subscription1    xxxx-xxxx-xxxx-xxxx AzureCloud
+Account                      SubscriptionName TenantId                        Environment
+-------                      ---------------- --------                        -----------
+xxxxxxxx-xxxx-xxxx-xxxxxxxxx Subscription1    yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyy AzureCloud
 
-Account          : 3794a65a-e4e4-493d-ac1d-f04308d712dd
+Account          : xxxxxxxx-xxxx-xxxx-xxxxxxxx
 SubscriptionName : MyTestSubscription
-SubscriptionId   : 85f0f653-1f86-4d2c-a9f1-042efc00085c
-TenantId         : 4cd76576-b611-43d0-8f2b-adcb139531bf
+SubscriptionId   : zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzz
+TenantId         : yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyy
 Environment      : AzureCloud
 ```
 
@@ -216,6 +225,24 @@ Account                SubscriptionName TenantId                Environment
 yyyy-yyyy-yyyy-yyyy    Subscription1    xxxx-xxxx-xxxx-xxxx     AzureCloud
 ```
 
+### Example 9: Connect using certificate file
+
+This example connects to an Azure account using certificate-based service principal authentication.
+The certificate file, which is specified by `CertficatePath`, should contains both certificate and private key as the input.
+
+```powershell
+$securePassword = $plainPassword | ConvertTo-SecureString -AsPlainText -Force
+$TenantId = 'yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyy'
+$ApplicationId = 'zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzz'
+Connect-AzAccount -ServicePrincipal -ApplicationId $ApplicationId -TenantId $TenantId -CertificatePath './certificatefortest.pfx' -CertificatePassword $securePassword
+```
+
+```Output
+Account                     SubscriptionName TenantId                        Environment
+-------                     ---------------- --------                        -----------
+xxxxxxxx-xxxx-xxxx-xxxxxxxx Subscription1    yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyy AzureCloud
+```
+
 ## PARAMETERS
 
 ### -AccessToken
@@ -275,7 +302,7 @@ Application ID of the service principal.
 
 ```yaml
 Type: System.String
-Parameter Sets: ServicePrincipalCertificateWithSubscriptionId
+Parameter Sets: ServicePrincipalCertificateWithSubscriptionId, ServicePrincipalCertificateFileWithSubscriptionId
 Aliases:
 
 Required: True
@@ -300,6 +327,36 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -CertificatePassword
+The password required to access the pkcs#12 certificate file.
+
+```yaml
+Type: System.Security.SecureString
+Parameter Sets: ServicePrincipalCertificateFileWithSubscriptionId
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -CertificatePath
+The path of certficate file in pkcs#12 format.
+
+```yaml
+Type: System.String
+Parameter Sets: ServicePrincipalCertificateFileWithSubscriptionId
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -CertificateThumbprint
 
 Certificate Hash or Thumbprint.
@@ -486,7 +543,7 @@ Specifies if the x5c claim (public key of the certificate) should be sent to the
 
 ```yaml
 Type: System.Management.Automation.SwitchParameter
-Parameter Sets: ServicePrincipalCertificateWithSubscriptionId
+Parameter Sets: ServicePrincipalCertificateWithSubscriptionId, ServicePrincipalCertificateFileWithSubscriptionId
 Aliases:
 
 Required: False
@@ -514,7 +571,7 @@ Accept wildcard characters: False
 
 ```yaml
 Type: System.Management.Automation.SwitchParameter
-Parameter Sets: ServicePrincipalCertificateWithSubscriptionId
+Parameter Sets: ServicePrincipalCertificateWithSubscriptionId, ServicePrincipalCertificateFileWithSubscriptionId
 Aliases:
 
 Required: False
@@ -594,7 +651,7 @@ Accept wildcard characters: False
 
 ```yaml
 Type: System.String
-Parameter Sets: ServicePrincipalWithSubscriptionId, ServicePrincipalCertificateWithSubscriptionId
+Parameter Sets: ServicePrincipalWithSubscriptionId, ServicePrincipalCertificateWithSubscriptionId, ServicePrincipalCertificateFileWithSubscriptionId
 Aliases: Domain, TenantId
 
 Required: True