Update to latest REST API

sdk/batch/azure-mgmt-batch/CHANGELOG.md

@@ -1,10 +1,33 @@
 # Release History
+## 9.0.0 (2020-05-29)
+### REST API version
+- This version targets REST API version 2020-05-01.
+
+### Features
+- Added ability to access the Batch DataPlane API without needing a public DNS entry for the account via the new `public_network_access` property on `BatchAccount`.
+- Added new `PrivateLinkResource` and `PrivateEndpointConnection` resource types. These are both only used when the `public_network_access` property on `BatchAccount` is set to `Disabled`.
+  - When `public_network_access` is set to `Disabled` a new `PrivateLinkResource` is visible in that account, which can be used to connect to the account using an ARM Private Endpoint in your VNET.
+- Added ability to encrypt `ComputeNode` disk drives using the new `disk_encryption_configuration` property of `VirtualMachineConfiguration`.
+- **[Breaking]** The `id` property of `ImageReference` can now only refer to a Shared Image Gallery image.
+- **[Breaking]** Pools can now be provisioned without a public IP using the new `public_ip_configuration` property of `NetworkConfiguration`.
+  - The `public_ips` property of `NetworkConfiguration` has moved in to `PublicIPAddressConfiguration` as well. This property can only be specified if `IPAddressProvisioningType` is `UserManaged`.
+- Adds a new property `identity` of type `BatchAccountIdentity` to `BatchAccount`. This can be used to configure how customer data is encrypted inside the Batch account.
+    - This new property is configurable at  the account level on create and update through a new `identity` property on `BatchAccountCreateParameters` and `BatchAccountUpdateParameters`
+
+### Fixes
+- [Breaking] Move tags from being an argument on create and update pool parameters to being a part of `BatchAccountCreateParameters` and `BatchAccountUpdateParameters` to properly reflect the REST API
+
+## 8.0.1 (2020-05-26) [Deprecated]
+### Notices
+- This version targeted an invalid REST API. This version does not honor the associated REST API contract.
 
-## 8.0.1 (2020-05-26)
 ### Bugfixes
-- Fix issues in PrivateEndpointConnection get and update methods due to mistakes in the Swagger specification causing validation to fail.
+- Fix issues in PrivateEndpointConnection get and update methods due to mistakes in the Swagger specification causing validation to fail. It is advised to use version 9+ to make use of the features added in this version.
+
+## 8.0.0 (2020-04-10) [Deprecated]
+### Notices
+- This version targeted an invalid REST API. Currently the PrivateEndpoint get() and update() functions do not function correctly. It is advised to use version 9+ to make use of the features added in this version.
 
-## 8.0.0 (2020-04-10)
 ### REST API version
 - This version targets REST API version 2020-03-01.
 

sdk/batch/azure-mgmt-batch/azure/mgmt/batch/_batch_management_client.py

@@ -66,7 +66,7 @@ def __init__(
         super(BatchManagementClient, self).__init__(self.config.credentials, self.config)
 
         client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)}
-        self.api_version = '2020-03-01'
+        self.api_version = '2020-05-01'
         self._serialize = Serializer(client_models)
         self._deserialize = Deserializer(client_models)
 

sdk/batch/azure-mgmt-batch/azure/mgmt/batch/models/__init__.py

@@ -24,6 +24,7 @@
     from ._models_py3 import AzureFileShareConfiguration
     from ._models_py3 import BatchAccount
     from ._models_py3 import BatchAccountCreateParameters
+    from ._models_py3 import BatchAccountIdentity
     from ._models_py3 import BatchAccountKeys
     from ._models_py3 import BatchAccountRegenerateKeyParameters
     from ._models_py3 import BatchAccountUpdateParameters
@@ -94,6 +95,7 @@
     from ._models import AzureFileShareConfiguration
     from ._models import BatchAccount
     from ._models import BatchAccountCreateParameters
+    from ._models import BatchAccountIdentity
     from ._models import BatchAccountKeys
     from ._models import BatchAccountRegenerateKeyParameters
     from ._models import BatchAccountUpdateParameters
@@ -161,6 +163,7 @@
     KeySource,
     PoolAllocationMode,
     PublicNetworkAccessType,
+    ResourceIdentityType,
     ProvisioningState,
     PrivateEndpointConnectionProvisioningState,
     PrivateLinkServiceConnectionStatus,
@@ -205,6 +208,7 @@
     'AzureFileShareConfiguration',
     'BatchAccount',
     'BatchAccountCreateParameters',
+    'BatchAccountIdentity',
     'BatchAccountKeys',
     'BatchAccountRegenerateKeyParameters',
     'BatchAccountUpdateParameters',
@@ -271,6 +275,7 @@
     'KeySource',
     'PoolAllocationMode',
     'PublicNetworkAccessType',
+    'ResourceIdentityType',
     'ProvisioningState',
     'PrivateEndpointConnectionProvisioningState',
     'PrivateLinkServiceConnectionStatus',

sdk/batch/azure-mgmt-batch/azure/mgmt/batch/models/_batch_management_client_enums.py

@@ -15,7 +15,7 @@
 class KeySource(str, Enum):
 
     microsoft_batch = "Microsoft.Batch"  #: Batch creates and manages the encryption keys used to protect the account data.
-    microsoft_key_vault = "Microsoft.KeyVault"  #: The encryption keys used to protect the account data are stored in an external key vault.
+    microsoft_key_vault = "Microsoft.KeyVault"  #: The encryption keys used to protect the account data are stored in an external key vault. If this is set then the Batch Account identity must be set to `SystemAssigned` and a valid Key Identifier must also be supplied under the keyVaultProperties.
 
 
 class PoolAllocationMode(str, Enum):
@@ -30,6 +30,12 @@ class PublicNetworkAccessType(str, Enum):
     disabled = "Disabled"  #: Disables public connectivity and enables private connectivity to Azure Batch Service through private endpoint resource.
 
 
+class ResourceIdentityType(str, Enum):
+
+    system_assigned = "SystemAssigned"  #: Batch account has a system assigned identity with it.
+    none = "None"  #: Batch account has no identity associated with it. Setting `None` in update account will remove existing identities.
+
+
 class ProvisioningState(str, Enum):
 
     invalid = "Invalid"  #: The account is in an invalid state.

sdk/batch/azure-mgmt-batch/azure/mgmt/batch/models/_models.py

@@ -570,6 +570,9 @@ class BatchAccount(Resource):
      associated with the Batch account.
     :vartype auto_storage: ~azure.mgmt.batch.models.AutoStorageProperties
     :ivar encryption: The encryption configuration for the Batch account.
+     Configures how customer data is encrypted inside the Batch account. By
+     default, accounts are encrypted using a Microsoft managed key. For
+     additional control, a customer-managed key can be used instead.
     :vartype encryption: ~azure.mgmt.batch.models.EncryptionProperties
     :ivar dedicated_core_quota: The dedicated core quota for the Batch
      account. For accounts with PoolAllocationMode set to UserSubscription,
@@ -601,6 +604,8 @@ class BatchAccount(Resource):
     :ivar active_job_and_job_schedule_quota: The active job and job schedule
      quota for the Batch account.
     :vartype active_job_and_job_schedule_quota: int
+    :param identity: The identity of the Batch account.
+    :type identity: ~azure.mgmt.batch.models.BatchAccountIdentity
     """
 
     _validation = {
@@ -645,6 +650,7 @@ class BatchAccount(Resource):
         'dedicated_core_quota_per_vm_family_enforced': {'key': 'properties.dedicatedCoreQuotaPerVMFamilyEnforced', 'type': 'bool'},
         'pool_quota': {'key': 'properties.poolQuota', 'type': 'int'},
         'active_job_and_job_schedule_quota': {'key': 'properties.activeJobAndJobScheduleQuota', 'type': 'int'},
+        'identity': {'key': 'identity', 'type': 'BatchAccountIdentity'},
     }
 
     def __init__(self, **kwargs):
@@ -663,6 +669,7 @@ def __init__(self, **kwargs):
         self.dedicated_core_quota_per_vm_family_enforced = None
         self.pool_quota = None
         self.active_job_and_job_schedule_quota = None
+        self.identity = kwargs.get('identity', None)
 
 
 class BatchAccountCreateParameters(Model):
@@ -694,7 +701,12 @@ class BatchAccountCreateParameters(Model):
     :type public_network_access: str or
      ~azure.mgmt.batch.models.PublicNetworkAccessType
     :param encryption: The encryption configuration for the Batch account.
+     Configures how customer data is encrypted inside the Batch account. By
+     default, accounts are encrypted using a Microsoft managed key. For
+     additional control, a customer-managed key can be used instead.
     :type encryption: ~azure.mgmt.batch.models.EncryptionProperties
+    :param identity: The identity of the Batch account.
+    :type identity: ~azure.mgmt.batch.models.BatchAccountIdentity
     """
 
     _validation = {
@@ -709,6 +721,7 @@ class BatchAccountCreateParameters(Model):
         'key_vault_reference': {'key': 'properties.keyVaultReference', 'type': 'KeyVaultReference'},
         'public_network_access': {'key': 'properties.publicNetworkAccess', 'type': 'PublicNetworkAccessType'},
         'encryption': {'key': 'properties.encryption', 'type': 'EncryptionProperties'},
+        'identity': {'key': 'identity', 'type': 'BatchAccountIdentity'},
     }
 
     def __init__(self, **kwargs):
@@ -720,6 +733,47 @@ def __init__(self, **kwargs):
         self.key_vault_reference = kwargs.get('key_vault_reference', None)
         self.public_network_access = kwargs.get('public_network_access', "Enabled")
         self.encryption = kwargs.get('encryption', None)
+        self.identity = kwargs.get('identity', None)
+
+
+class BatchAccountIdentity(Model):
+    """The identity of the Batch account, if configured. This is only used when
+    the user specifies 'Microsoft.KeyVault' as their Batch account encryption
+    configuration.
+
+    Variables are only populated by the server, and will be ignored when
+    sending a request.
+
+    All required parameters must be populated in order to send to Azure.
+
+    :ivar principal_id: The principal id of the Batch account. This property
+     will only be provided for a system assigned identity.
+    :vartype principal_id: str
+    :ivar tenant_id: The tenant id associated with the Batch account. This
+     property will only be provided for a system assigned identity.
+    :vartype tenant_id: str
+    :param type: Required. The type of identity used for the Batch account.
+     Possible values include: 'SystemAssigned', 'None'
+    :type type: str or ~azure.mgmt.batch.models.ResourceIdentityType
+    """
+
+    _validation = {
+        'principal_id': {'readonly': True},
+        'tenant_id': {'readonly': True},
+        'type': {'required': True},
+    }
+
+    _attribute_map = {
+        'principal_id': {'key': 'principalId', 'type': 'str'},
+        'tenant_id': {'key': 'tenantId', 'type': 'str'},
+        'type': {'key': 'type', 'type': 'ResourceIdentityType'},
+    }
+
+    def __init__(self, **kwargs):
+        super(BatchAccountIdentity, self).__init__(**kwargs)
+        self.principal_id = None
+        self.tenant_id = None
+        self.type = kwargs.get('type', None)
 
 
 class BatchAccountKeys(Model):
@@ -786,20 +840,27 @@ class BatchAccountUpdateParameters(Model):
     :param auto_storage: The properties related to the auto-storage account.
     :type auto_storage: ~azure.mgmt.batch.models.AutoStorageBaseProperties
     :param encryption: The encryption configuration for the Batch account.
+     Configures how customer data is encrypted inside the Batch account. By
+     default, accounts are encrypted using a Microsoft managed key. For
+     additional control, a customer-managed key can be used instead.
     :type encryption: ~azure.mgmt.batch.models.EncryptionProperties
+    :param identity: The identity of the Batch account.
+    :type identity: ~azure.mgmt.batch.models.BatchAccountIdentity
     """
 
     _attribute_map = {
         'tags': {'key': 'tags', 'type': '{str}'},
         'auto_storage': {'key': 'properties.autoStorage', 'type': 'AutoStorageBaseProperties'},
         'encryption': {'key': 'properties.encryption', 'type': 'EncryptionProperties'},
+        'identity': {'key': 'identity', 'type': 'BatchAccountIdentity'},
     }
 
     def __init__(self, **kwargs):
         super(BatchAccountUpdateParameters, self).__init__(**kwargs)
         self.tags = kwargs.get('tags', None)
         self.auto_storage = kwargs.get('auto_storage', None)
         self.encryption = kwargs.get('encryption', None)
+        self.identity = kwargs.get('identity', None)
 
 
 class BatchLocationQuota(Model):
@@ -1466,7 +1527,9 @@ def __init__(self, **kwargs):
 
 
 class EncryptionProperties(Model):
-    """EncryptionProperties.
+    """Configures how customer data is encrypted inside the Batch account. By
+    default, accounts are encrypted using a Microsoft managed key. For
+    additional control, a customer-managed key can be used instead.
 
     :param key_source: Type of the key source. Possible values include:
      'Microsoft.Batch', 'Microsoft.KeyVault'
@@ -1666,10 +1729,16 @@ def __init__(self, **kwargs):
 
 
 class KeyVaultProperties(Model):
-    """KeyVaultProperties.
+    """KeyVault configuration when using an encryption KeySource of
+    Microsoft.KeyVault.
 
     :param key_identifier: Full path to the versioned secret. Example
-     https://mykeyvault.vault.azure.net/keys/testkey/6e34a81fef704045975661e297a4c053
+     https://mykeyvault.vault.azure.net/keys/testkey/6e34a81fef704045975661e297a4c053.
+     To be usable the following prerequisites must be met:
+     The Batch Account has a System Assigned identity
+     The account identity has been granted Key/Get, Key/Unwrap and Key/Wrap
+     permissions
+     The KeyVault has soft-delete and purge protection enabled
     :type key_identifier: str
     """