Skip to content

Commit

Permalink
Network Security Perimeter Resources (#19164)
Browse files Browse the repository at this point in the history
* temp commit

* delete base nsp added

* Add delete base profile

* make nspdelbase1 as parent of 1 association and 2 accessRukes

* add association in del base2 profile and nsp base1, profile3 -> profile base 2

* variable name fix

* add all values in env

* add test for get and remove

* create profile add test case

* Add test cases for create access rule, associations

* temp commit, comment our association delete, rg delete commands

* update utils

* Update works woth asking parameters

* filename update

* try multiple commands

* Update works

* Add update associaton, access rule

* update

* update

* Add access rule test cases

* Add fqdn test cases

* association update

* update

* Add GetViaIdentity test cases

* add examples in docs

* Add examples

* remove python file

* update examples

* subscription id and resource group change in docs and examples

* Add github swagger url

* Add access rule with perimeter docs

* Add test recordings

* cleanups

* Cleanups

* Check if association is deleted, cleanups

* review changes

* move the nsp files one directory up as per review comments

* moved it to one directory up

* Access rule bug fix, test case update

* singular plural parameter pipeline validation fix

* cleanup swagger, regenerate ps cmdlets, modify paramters

Co-authored-by: Kaushal Kumar <[email protected]>
  • Loading branch information
kaushal087 and Kaushal Kumar authored Aug 22, 2022
1 parent b0fd3ce commit 7cebf5d
Show file tree
Hide file tree
Showing 75 changed files with 9,271 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
* text=auto
16 changes: 16 additions & 0 deletions src/Network/NetworkSecurityPerimeter.Autorest/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
bin
obj
.vs
generated
internal
exports
tools
custom/*.psm1
custom/autogen-model-cmdlets
test/*-TestResults.xml
/*.ps1
/*.ps1xml
/*.psm1
/*.snk
/*.csproj
/*.nuspec
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
@{
GUID = '9560a0c7-e4ed-40d0-a8c4-9b28b241edca'
RootModule = './Az.NetworkSecurityPerimeter.psm1'
ModuleVersion = '0.1.0'
CompatiblePSEditions = 'Core', 'Desktop'
Author = 'Microsoft Corporation'
CompanyName = 'Microsoft Corporation'
Copyright = 'Microsoft Corporation. All rights reserved.'
Description = 'Microsoft Azure PowerShell: NetworkSecurityPerimeter cmdlets'
PowerShellVersion = '5.1'
DotNetFrameworkVersion = '4.7.2'
RequiredAssemblies = './bin/Az.NetworkSecurityPerimeter.private.dll'
FormatsToProcess = './Az.NetworkSecurityPerimeter.format.ps1xml'
FunctionsToExport = 'Get-AzNetworkSecurityPerimeter', 'Get-AzNetworkSecurityPerimeterAccessRule', 'Get-AzNetworkSecurityPerimeterAssociation', 'Get-AzNetworkSecurityPerimeterProfile', 'New-AzNetworkSecurityPerimeter', 'New-AzNetworkSecurityPerimeterAccessRule', 'New-AzNetworkSecurityPerimeterAssociation', 'New-AzNetworkSecurityPerimeterProfile', 'Remove-AzNetworkSecurityPerimeter', 'Remove-AzNetworkSecurityPerimeterAccessRule', 'Remove-AzNetworkSecurityPerimeterAssociation', 'Remove-AzNetworkSecurityPerimeterProfile', 'Update-AzNetworkSecurityPerimeterAccessRule', 'Update-AzNetworkSecurityPerimeterAssociation', '*'
AliasesToExport = '*'
PrivateData = @{
PSData = @{
Tags = 'Azure', 'ResourceManager', 'ARM', 'PSModule', 'NetworkSecurityPerimeter'
LicenseUri = 'https://aka.ms/azps-license'
ProjectUri = 'https://github.com/Azure/azure-powershell'
ReleaseNotes = ''
}
}
}
219 changes: 219 additions & 0 deletions src/Network/NetworkSecurityPerimeter.Autorest/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,219 @@
<!-- region Generated -->
# Az.NetworkSecurityPerimeter
This directory contains the PowerShell module for the NetworkSecurityPerimeter service.

---
## Status
[![Az.NetworkSecurityPerimeter](https://img.shields.io/powershellgallery/v/Az.NetworkSecurityPerimeter.svg?style=flat-square&label=Az.NetworkSecurityPerimeter "Az.NetworkSecurityPerimeter")](https://www.powershellgallery.com/packages/Az.NetworkSecurityPerimeter/)

## Info
- Modifiable: yes
- Generated: all
- Committed: yes
- Packaged: yes

---
## Detail
This module was primarily generated via [AutoRest](https://github.com/Azure/autorest) using the [PowerShell](https://github.com/Azure/autorest.powershell) extension.

## Module Requirements
- [Az.Accounts module](https://www.powershellgallery.com/packages/Az.Accounts/), version 2.7.5 or greater

## Authentication
AutoRest does not generate authentication code for the module. Authentication is handled via Az.Accounts by altering the HTTP payload before it is sent.

## Development
For information on how to develop for `Az.NetworkSecurityPerimeter`, see [how-to.md](how-to.md).
<!-- endregion -->

### AutoRest Configuration
> see https://aka.ms/autorest
``` yaml
require:
# readme.azure.noprofile.md is the common configuration file
# - ../../../../tools/SwaggerCI/readme.azure.noprofile.md
- $(this-folder)/../../readme.azure.noprofile.md
input-file:
# You need to specify your swagger files here.
- https://github.com/kaushal087/azure-rest-api-specs/blob/8afd9a7cf174025c8d0cb9d8927e4efde1ccc047/specification/network/resource-manager/Microsoft.Network/preview/2021-02-01-preview/networkSecurityPerimeter.json
# - C:\repo\azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/preview/2021-02-01-preview/networkSecurityPerimeter.json
# If the swagger has not been put in the repo, you may uncomment the following line and refer to it locally
# - (this-folder)/relative-path-to-your-swagger

# For new RP, the version is 0.1.0
module-version: 0.1.0
# Normally, title is the service name
title: NetworkSecurityPerimeter
subject-prefix: $(service-name)
sanitize-names: true

# If there are post APIs for some kinds of actions in the RP, you may need to
# uncomment following line to support viaIdentity for these post APIs
# identity-correction-for-post: true

directive:
# Following is two common directive which are normally required in all the RPs
# 1. Remove the unexpanded parameter set
# 2. For New-* cmdlets, ViaIdentity is not required, so CreateViaIdentityExpanded is removed as well
# - where:
# variant: ^Create$|^CreateViaIdentityExpanded$
# remove: true
# Remove the set-* cmdlet
- where:
verb: Set
remove: true
- where:
variant: ^Update$|^UpdateViaIdentity$|^UpdateViaIdentityExpanded$
remove: true
# Hide CreateViaIdentity for customization
- where:
variant: ^CreateViaIdentity$
hide: true
- where:
subject: NetworkSecurityPerimeter
set:
subject-prefix: ''
- where:
subject: NspProfile
set:
subject: Profile
- where:
subject: NspAccessRule
set:
subject: AccessRule
- where:
subject: NspAssociation
set:
subject: Association

# Parameter Update
# NSP
- where:
subject: NetworkSecurityPerimeter
parameter-name: Name
set:
alias:
- SecurityPerimeterName
- NSPName

- where:
subject: NetworkSecurityPerimeter
parameter-name: Id
set:
parameter-name: SecurityPerimeterId
alias:
- Id

# Profile
- where:
subject: Profile
parameter-name: ProfileName
set:
parameter-name: Name
alias:
- ProfileName

- where:
subject: Profile
parameter-name: Id
set:
parameter-name: ProfileId
alias:
- Id

- where:
subject: Profile
parameter-name: NetworkSecurityPerimeterName
set:
parameter-name: SecurityPerimeterName
alias:
- NetworkSecurityPerimeterName
- NSPName

# AccessRule
- where:
subject: AccessRule
parameter-name: NetworkSecurityPerimeterName
set:
parameter-name: SecurityPerimeterName
alias:
- NetworkSecurityPerimeterName
- NSPName

- where:
subject: AccessRule
parameter-name: Id
set:
parameter-name: AccessRuleId
alias:
- Id

- where:
subject: AccessRule
parameter-name: ProfileName
set:
parameter-name: ProfileName
alias:
- SecurityPerimeterProfileName
- NSPProfileName

- where:
subject: AccessRule
parameter-name: AccessRuleName
set:
parameter-name: Name
alias:
- AccessRuleName

- where:
subject: AccessRule
parameter-name: NetworkSecurityPerimeter
set:
parameter-name: Perimeter

# Association
- where:
subject: Association
parameter-name: NetworkSecurityPerimeterName
set:
parameter-name: SecurityPerimeterName
alias:
- NetworkSecurityPerimeterName
- NSPName

- where:
subject: Association
parameter-name: ProfileName
set:
parameter-name: ProfileName
alias:
- SecurityPerimeterProfileName
- NSPProfileName

- where:
subject: Association
parameter-name: AssociationName
set:
parameter-name: Name
alias:
- AssociationName

- where:
subject: Association
parameter-name: Id
set:
parameter-name: AssociationId
alias:
- Id

# feature request for the below change https://github.com/Azure/autorest.powershell/issues/982
- from: source-file-csharp
where: $
transform: $ = $.replace('if (result.NextLink != null)', 'if (result.NextLink != null && result.NextLink != "")')

- from: source-file-csharp
where: $
transform: $ = $.replace('_nextLink != null', '_nextLink != null && _nextLink != ""')

```
41 changes: 41 additions & 0 deletions src/Network/NetworkSecurityPerimeter.Autorest/custom/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# Custom
This directory contains custom implementation for non-generated cmdlets for the `Az.NetworkSecurityPerimeter` module. Both scripts (`.ps1`) and C# files (`.cs`) can be implemented here. They will be used during the build process in `build-module.ps1`, and create cmdlets into the `..\exports` folder. The only generated file into this folder is the `Az.NetworkSecurityPerimeter.custom.psm1`. This file should not be modified.

## Info
- Modifiable: yes
- Generated: partial
- Committed: yes
- Packaged: yes

## Details
For `Az.NetworkSecurityPerimeter` to use custom cmdlets, it does this two different ways. We **highly recommend** creating script cmdlets, as they are easier to write and allow access to the other exported cmdlets. C# cmdlets *cannot access exported cmdlets*.

For C# cmdlets, they are compiled with the rest of the generated low-level cmdlets into the `./bin/Az.NetworkSecurityPerimeter.private.dll`. The names of the cmdlets (methods) and files must follow the `[cmdletName]_[variantName]` syntax used for generated cmdlets. The `variantName` is used as the `ParameterSetName`, so use something appropriate that doesn't clash with already created variant or parameter set names. You cannot use the `ParameterSetName` property in the `Parameter` attribute on C# cmdlets. Each cmdlet must be separated into variants using the same pattern as seen in the `generated/cmdlets` folder.

For script cmdlets, these are loaded via the `Az.NetworkSecurityPerimeter.custom.psm1`. Then, during the build process, this module is loaded and processed in the same manner as the C# cmdlets. The fundamental difference is the script cmdlets use the `ParameterSetName` attribute and C# cmdlets do not. To create a script cmdlet variant of a generated cmdlet, simply decorate all parameters in the script with the new `ParameterSetName` in the `Parameter` attribute. This will appropriately treat each parameter set as a separate variant when processed to be exported during the build.

## Purpose
This allows the modules to have cmdlets that were not defined in the REST specification. It also allows combining logic using generated cmdlets. This is a level of customization beyond what can be done using the [readme configuration options](https://github.com/Azure/autorest/blob/master/docs/powershell/options.md) that are currently available. These custom cmdlets are then referenced by the cmdlets created at build-time in the `..\exports` folder.

## Usage
The easiest way currently to start developing custom cmdlets is to copy an existing cmdlet. For C# cmdlets, copy one from the `generated/cmdlets` folder. For script cmdlets, build the project using `build-module.ps1` and copy one of the scripts from the `..\exports` folder. After that, if you want to add new parameter sets, follow the guidelines in the `Details` section above. For implementing a new cmdlets, at minimum, please keep these parameters:
- Break
- DefaultProfile
- HttpPipelineAppend
- HttpPipelinePrepend
- Proxy
- ProxyCredential
- ProxyUseDefaultCredentials

These provide functionality to our HTTP pipeline and other useful features. In script, you can forward these parameters using `$PSBoundParameters` to the other cmdlets you're calling within `Az.NetworkSecurityPerimeter`. For C#, follow the usage seen in the `ProcessRecordAsync` method.

### Attributes
For processing the cmdlets, we've created some additional attributes:
- `Microsoft.Azure.PowerShell.Cmdlets.NetworkSecurityPerimeter.DescriptionAttribute`
- Used in C# cmdlets to provide a high-level description of the cmdlet. This is propagated to reference documentation via [help comments](https://docs.microsoft.com/powershell/module/microsoft.powershell.core/about/about_comment_based_help) in the exported scripts.
- `Microsoft.Azure.PowerShell.Cmdlets.NetworkSecurityPerimeter.DoNotExportAttribute`
- Used in C# and script cmdlets to suppress creating an exported cmdlet at build-time. These cmdlets will *not be exposed* by `Az.NetworkSecurityPerimeter`.
- `Microsoft.Azure.PowerShell.Cmdlets.NetworkSecurityPerimeter.InternalExportAttribute`
- Used in C# cmdlets to route exported cmdlets to the `..\internal`, which are *not exposed* by `Az.NetworkSecurityPerimeter`. For more information, see [README.md](..\internal/README.md) in the `..\internal` folder.
- `Microsoft.Azure.PowerShell.Cmdlets.NetworkSecurityPerimeter.ProfileAttribute`
- Used in C# and script cmdlets to define which Azure profiles the cmdlet supports. This is only supported for Azure (`--azure`) modules.
Loading

0 comments on commit 7cebf5d

Please sign in to comment.