Skip to content

Commit

Permalink
Confidential VM features in VM and Disk cmdlets (#18094)
Browse files Browse the repository at this point in the history 
* set-azvmsssecuritytype dev and test

* test more

* 5 of 6 devs

* removing vmss work

* setazvmosdisk

* 2 tests/cmdlets done

* diskdescurityprofile testing trying

* test trying

* trying tests

* test cleanup

* test eh

* tests work

* tests

* name changes

* test script issues

* remove unused test

* test rerecord

* test stop running

* new test withhout polciy file

* trying test, some succ

* igvm access

* desid test script

* wiki test success

* test record arm client error

* some attempts at testing

* get object id of user

* test stuff

* test stuff

* works with cli

* codereview cleanup

* codereview cleanup 2

* key vault trying

* keyvault cleanup

* test stuff

* trying key stuff

* test runner and key attempts

* computetestrunner attempt

* successful manual test

* tests cleanup and done

* changelog and help doc

* vmss dev and test

* disk encrypt type

* remove vmss since half is non functional

* remove vmss test

* examples and clean kv changelog

* remove vmss test

* Update Set-AzVMOSDisk.md

* Update examples

* Update Set-AzVMOSDisk.md

Co-authored-by: wyunchi-ms <[email protected]>
Co-authored-by: Yunchi Wang <[email protected]>
Co-authored-by: Yunchi Wang <[email protected]>
  • Loading branch information
@Sandido @wyunchi-ms
4 people authored Oct 10, 2022
1 parent f968215 commit cbbd0cc
Show file tree
Hide file tree
Showing 22 changed files with 22,156 additions and 22 deletions.
44 changes: 43 additions & 1 deletion src/Compute/Compute.Test/ScenarioTests/VirtualMachineTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -507,12 +507,54 @@ public void TestVirtualMachineGuestAttestation()
{
TestRunner.RunTestScript("Test-VirtualMachineGuestAttestation");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestVMandVMSSTimeCreated()
{
TestRunner.RunTestScript("Test-VMandVMSSTimeCreated");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestConfidentialVMSetAzVmOsDisk()
{
TestRunner.RunTestScript("Test-ConfidentialVMSetAzVmOsDisk");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestConfVMSetAzVMSecurityProfile()
{
TestRunner.RunTestScript("Test-ConfVMSetAzVMSecurityProfile");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestConfVMSetAzDiskSecurityProfile()
{
TestRunner.RunTestScript("Test-ConfVMSetAzDiskSecurityProfile");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestConfVMSetAzDiskEncryptionSetConfig()
{
TestRunner.RunTestScript("Test-ConfVMSetAzDiskEncryptionSetConfig");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestConfVMSetAzDiskSecurityProfileNoDES()
{
TestRunner.RunTestScript("Test-ConfVMSetAzDiskSecurityProfileNoDES");
}

[Fact]
[Trait(Category.AcceptanceType, Category.CheckIn)]
public void TestConfidentialVMSetAzVmOsDiskDesIdDiskWithVMGuestManual()
{
TestRunner.RunTestScript("Test-ManualConfidentialVMSetAzVmOsDiskDesIdDiskWithVMGuest");
}
}
}
509 changes: 507 additions & 2 deletions src/Compute/Compute.Test/ScenarioTests/VirtualMachineTests.ps1
View file

Large diffs are not rendered by default.

294 changes: 294 additions & 0 deletions ...ompute.Test.ScenarioTests.VirtualMachineTests/TestConfVMSetAzDiskEncryptionSetConfig.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,294 @@
{
"Entries": [
{
"RequestUri": "/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.Compute/diskEncryptionSets/desadsanddescon1?api-version=2022-03-02",
"EncodedRequestUri": "L3N1YnNjcmlwdGlvbnMvZTM3NTEwZDctMzNiNi00Njc2LTg4NmYtZWU3NWJjYzAxODcxL3Jlc291cmNlR3JvdXBzL2Fkc2FuZGRlc2NvbjEvcHJvdmlkZXJzL01pY3Jvc29mdC5Db21wdXRlL2Rpc2tFbmNyeXB0aW9uU2V0cy9kZXNhZHNhbmRkZXNjb24xP2FwaS12ZXJzaW9uPTIwMjItMDMtMDI=",
"RequestMethod": "PUT",
"RequestHeaders": {
"x-ms-client-request-id": [
"bd4865c4-ce75-40a8-b82c-5c2ebbf95e48"
],
"Accept-Language": [
"en-US"
],
"User-Agent": [
"FxVersion/4.700.22.36202",
"OSName/Windows",
"OSVersion/Microsoft.Windows.10.0.22000",
"Microsoft.Azure.Management.Compute.ComputeManagementClient/57.0.0"
],
"Content-Type": [
"application/json; charset=utf-8"
],
"Content-Length": [
"514"
]
},
"RequestBody": "{\r\n \"identity\": {\r\n \"type\": \"SystemAssigned\"\r\n },\r\n \"properties\": {\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n \"activeKey\": {\r\n \"sourceVault\": {\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.KeyVault/vaults/kvadsanddescon1\"\r\n },\r\n \"keyUrl\": \"https://kvadsanddescon1.vault.azure.net/keys/kadsanddescon1/a07a0b98ac3c4139b627190699e0804e\"\r\n }\r\n },\r\n \"location\": \"northeurope\",\r\n \"tags\": {}\r\n}",
"ResponseHeaders": {
"Cache-Control": [
"no-cache"
],
"Pragma": [
"no-cache"
],
"Location": [
"https://management.azure.com/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/providers/Microsoft.Compute/locations/northeurope/DiskOperations/492d4803-a084-4ca3-aebd-bdd8f3eaf7cf?p=f11d738a-f4d5-4518-b51f-678877a2640b&monitor=true&api-version=2022-03-02"
],
"Azure-AsyncOperation": [
"https://management.azure.com/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/providers/Microsoft.Compute/locations/northeurope/DiskOperations/492d4803-a084-4ca3-aebd-bdd8f3eaf7cf?p=f11d738a-f4d5-4518-b51f-678877a2640b&api-version=2022-03-02"
],
"x-ms-ratelimit-remaining-resource": [
"Microsoft.Compute/HighCostDiskEncryptionSet3Min;98,Microsoft.Compute/HighCostDiskEncryptionSet30Min;298"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubDomains"
],
"x-ms-served-by": [
"f11d738a-f4d5-4518-b51f-678877a2640b_132648252790131682"
],
"x-ms-request-id": [
"492d4803-a084-4ca3-aebd-bdd8f3eaf7cf"
],
"Server": [
"Microsoft-HTTPAPI/2.0",
"Microsoft-HTTPAPI/2.0"
],
"x-ms-ratelimit-remaining-subscription-writes": [
"1199"
],
"x-ms-correlation-request-id": [
"f23c4fc4-9911-4ec1-a4db-7267b02bfeac"
],
"x-ms-routing-request-id": [
"CENTRALUS:20220909T193745Z:f23c4fc4-9911-4ec1-a4db-7267b02bfeac"
],
"X-Content-Type-Options": [
"nosniff"
],
"Date": [
"Fri, 09 Sep 2022 19:37:44 GMT"
],
"Content-Length": [
"552"
],
"Content-Type": [
"application/json; charset=utf-8"
],
"Expires": [
"-1"
]
},
"ResponseBody": "{\r\n \"location\": \"northeurope\",\r\n \"tags\": {},\r\n \"identity\": {\r\n \"type\": \"SystemAssigned\"\r\n },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": {\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.KeyVault/vaults/kvadsanddescon1\"\r\n },\r\n \"keyUrl\": \"https://kvadsanddescon1.vault.azure.net/keys/kadsanddescon1/a07a0b98ac3c4139b627190699e0804e\"\r\n },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n \"provisioningState\": \"Updating\"\r\n }\r\n}",
"StatusCode": 202
},
{
"RequestUri": "/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/providers/Microsoft.Compute/locations/northeurope/DiskOperations/492d4803-a084-4ca3-aebd-bdd8f3eaf7cf?p=f11d738a-f4d5-4518-b51f-678877a2640b&api-version=2022-03-02",
"EncodedRequestUri": "L3N1YnNjcmlwdGlvbnMvZTM3NTEwZDctMzNiNi00Njc2LTg4NmYtZWU3NWJjYzAxODcxL3Byb3ZpZGVycy9NaWNyb3NvZnQuQ29tcHV0ZS9sb2NhdGlvbnMvbm9ydGhldXJvcGUvRGlza09wZXJhdGlvbnMvNDkyZDQ4MDMtYTA4NC00Y2EzLWFlYmQtYmRkOGYzZWFmN2NmP3A9ZjExZDczOGEtZjRkNS00NTE4LWI1MWYtNjc4ODc3YTI2NDBiJmFwaS12ZXJzaW9uPTIwMjItMDMtMDI=",
"RequestMethod": "GET",
"RequestHeaders": {
"x-ms-client-request-id": [
"bd4865c4-ce75-40a8-b82c-5c2ebbf95e48"
],
"User-Agent": [
"FxVersion/4.700.22.36202",
"OSName/Windows",
"OSVersion/Microsoft.Windows.10.0.22000",
"Microsoft.Azure.Management.Compute.ComputeManagementClient/57.0.0"
]
},
"RequestBody": "",
"ResponseHeaders": {
"Cache-Control": [
"no-cache"
],
"Pragma": [
"no-cache"
],
"x-ms-ratelimit-remaining-resource": [
"Microsoft.Compute/GetOperation3Min;49996,Microsoft.Compute/GetOperation30Min;399996"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubDomains"
],
"x-ms-served-by": [
"f11d738a-f4d5-4518-b51f-678877a2640b_132648252790131682"
],
"x-ms-request-id": [
"69d10e48-dad5-44c5-89f8-d38d99e18194"
],
"Server": [
"Microsoft-HTTPAPI/2.0",
"Microsoft-HTTPAPI/2.0"
],
"x-ms-ratelimit-remaining-subscription-reads": [
"11999"
],
"x-ms-correlation-request-id": [
"2a602896-e587-4675-9541-1bf4d7958782"
],
"x-ms-routing-request-id": [
"CENTRALUS:20220909T193815Z:2a602896-e587-4675-9541-1bf4d7958782"
],
"X-Content-Type-Options": [
"nosniff"
],
"Date": [
"Fri, 09 Sep 2022 19:38:15 GMT"
],
"Content-Length": [
"994"
],
"Content-Type": [
"application/json; charset=utf-8"
],
"Expires": [
"-1"
]
},
"ResponseBody": "{\r\n \"startTime\": \"2022-09-09T15:37:45.5986394-04:00\",\r\n \"endTime\": \"2022-09-09T15:37:45.6768383-04:00\",\r\n \"status\": \"Succeeded\",\r\n \"properties\": {\r\n \"output\": {\r\n \"name\": \"desadsanddescon1\",\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.Compute/diskEncryptionSets/desadsanddescon1\",\r\n \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"northeurope\",\r\n \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": \"6138c972-5063-4dc3-9da5-682d1490bf9f\",\r\n \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\r\n },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": {\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.KeyVault/vaults/kvadsanddescon1\"\r\n },\r\n \"keyUrl\": \"https://kvadsanddescon1.vault.azure.net/keys/kadsanddescon1/a07a0b98ac3c4139b627190699e0804e\"\r\n },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n \"provisioningState\": \"Succeeded\"\r\n }\r\n }\r\n },\r\n \"name\": \"492d4803-a084-4ca3-aebd-bdd8f3eaf7cf\"\r\n}",
"StatusCode": 200
},
{
"RequestUri": "/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.Compute/diskEncryptionSets/desadsanddescon1?api-version=2022-03-02",
"EncodedRequestUri": "L3N1YnNjcmlwdGlvbnMvZTM3NTEwZDctMzNiNi00Njc2LTg4NmYtZWU3NWJjYzAxODcxL3Jlc291cmNlR3JvdXBzL2Fkc2FuZGRlc2NvbjEvcHJvdmlkZXJzL01pY3Jvc29mdC5Db21wdXRlL2Rpc2tFbmNyeXB0aW9uU2V0cy9kZXNhZHNhbmRkZXNjb24xP2FwaS12ZXJzaW9uPTIwMjItMDMtMDI=",
"RequestMethod": "GET",
"RequestHeaders": {
"x-ms-client-request-id": [
"bd4865c4-ce75-40a8-b82c-5c2ebbf95e48"
],
"User-Agent": [
"FxVersion/4.700.22.36202",
"OSName/Windows",
"OSVersion/Microsoft.Windows.10.0.22000",
"Microsoft.Azure.Management.Compute.ComputeManagementClient/57.0.0"
]
},
"RequestBody": "",
"ResponseHeaders": {
"Cache-Control": [
"no-cache"
],
"Pragma": [
"no-cache"
],
"x-ms-ratelimit-remaining-resource": [
"Microsoft.Compute/LowCostGet3Min;14993,Microsoft.Compute/LowCostGet30Min;119981"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubDomains"
],
"x-ms-served-by": [
"f11d738a-f4d5-4518-b51f-678877a2640b_132648252790131682"
],
"x-ms-request-id": [
"f9e11aac-e39e-4dcf-b81f-55507388a133"
],
"Server": [
"Microsoft-HTTPAPI/2.0",
"Microsoft-HTTPAPI/2.0"
],
"x-ms-ratelimit-remaining-subscription-reads": [
"11998"
],
"x-ms-correlation-request-id": [
"fd51facb-39b4-4362-a80c-5f3af3f97a6b"
],
"x-ms-routing-request-id": [
"CENTRALUS:20220909T193816Z:fd51facb-39b4-4362-a80c-5f3af3f97a6b"
],
"X-Content-Type-Options": [
"nosniff"
],
"Date": [
"Fri, 09 Sep 2022 19:38:15 GMT"
],
"Content-Length": [
"894"
],
"Content-Type": [
"application/json; charset=utf-8"
],
"Expires": [
"-1"
]
},
"ResponseBody": "{\r\n \"name\": \"desadsanddescon1\",\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.Compute/diskEncryptionSets/desadsanddescon1\",\r\n \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"northeurope\",\r\n \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": \"6138c972-5063-4dc3-9da5-682d1490bf9f\",\r\n \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\r\n },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": {\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.KeyVault/vaults/kvadsanddescon1\"\r\n },\r\n \"keyUrl\": \"https://kvadsanddescon1.vault.azure.net/keys/kadsanddescon1/a07a0b98ac3c4139b627190699e0804e\"\r\n },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n \"provisioningState\": \"Succeeded\"\r\n }\r\n}",
"StatusCode": 200
},
{
"RequestUri": "/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.Compute/diskEncryptionSets/desadsanddescon1?api-version=2022-03-02",
"EncodedRequestUri": "L3N1YnNjcmlwdGlvbnMvZTM3NTEwZDctMzNiNi00Njc2LTg4NmYtZWU3NWJjYzAxODcxL3Jlc291cmNlR3JvdXBzL2Fkc2FuZGRlc2NvbjEvcHJvdmlkZXJzL01pY3Jvc29mdC5Db21wdXRlL2Rpc2tFbmNyeXB0aW9uU2V0cy9kZXNhZHNhbmRkZXNjb24xP2FwaS12ZXJzaW9uPTIwMjItMDMtMDI=",
"RequestMethod": "GET",
"RequestHeaders": {
"x-ms-client-request-id": [
"ca0ee892-4320-471d-9d7f-c927a232375b"
],
"Accept-Language": [
"en-US"
],
"User-Agent": [
"FxVersion/4.700.22.36202",
"OSName/Windows",
"OSVersion/Microsoft.Windows.10.0.22000",
"Microsoft.Azure.Management.Compute.ComputeManagementClient/57.0.0"
]
},
"RequestBody": "",
"ResponseHeaders": {
"Cache-Control": [
"no-cache"
],
"Pragma": [
"no-cache"
],
"x-ms-ratelimit-remaining-resource": [
"Microsoft.Compute/LowCostGet3Min;14992,Microsoft.Compute/LowCostGet30Min;119980"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubDomains"
],
"x-ms-served-by": [
"f11d738a-f4d5-4518-b51f-678877a2640b_132648252790131682"
],
"x-ms-request-id": [
"d663660c-0321-4d59-aa55-919416d60bbf"
],
"Server": [
"Microsoft-HTTPAPI/2.0",
"Microsoft-HTTPAPI/2.0"
],
"x-ms-ratelimit-remaining-subscription-reads": [
"11999"
],
"x-ms-correlation-request-id": [
"ceab977f-b477-4514-89df-beb3d5496d9c"
],
"x-ms-routing-request-id": [
"CENTRALUS:20220909T193818Z:ceab977f-b477-4514-89df-beb3d5496d9c"
],
"X-Content-Type-Options": [
"nosniff"
],
"Date": [
"Fri, 09 Sep 2022 19:38:18 GMT"
],
"Content-Length": [
"894"
],
"Content-Type": [
"application/json; charset=utf-8"
],
"Expires": [
"-1"
]
},
"ResponseBody": "{\r\n \"name\": \"desadsanddescon1\",\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.Compute/diskEncryptionSets/desadsanddescon1\",\r\n \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"northeurope\",\r\n \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": \"6138c972-5063-4dc3-9da5-682d1490bf9f\",\r\n \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\r\n },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": {\r\n \"id\": \"/subscriptions/e37510d7-33b6-4676-886f-ee75bcc01871/resourceGroups/adsanddescon1/providers/Microsoft.KeyVault/vaults/kvadsanddescon1\"\r\n },\r\n \"keyUrl\": \"https://kvadsanddescon1.vault.azure.net/keys/kadsanddescon1/a07a0b98ac3c4139b627190699e0804e\"\r\n },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n \"provisioningState\": \"Succeeded\"\r\n }\r\n}",
"StatusCode": 200
}
],
"Names": {},
"Variables": {
"SubscriptionId": "e37510d7-33b6-4676-886f-ee75bcc01871"
}
}
Loading

0 comments on commit cbbd0cc

Please sign in to comment.