[AKS] Support updating Windows password (Azure#3263)

AzureSDKAutomation · Apr 19, 2021 · a980ca1 · a980ca1
1 parent aa7e4dd
commit a980ca1
Show file tree

Hide file tree

Showing 6 changed files with 3,351 additions and 4 deletions.
diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py
@@ -81,7 +81,7 @@
           short-summary: User account password to use on windows node VMs.
           long-summary: |-
             Rules for windows-admin-password:
-                - Minimum-length: 8 characters
+                - Minimum-length: 14 characters
                 - Max-length: 123 characters
                 - Complexity requirements: 3 out of 4 conditions below need to be fulfilled
                   * Has lower characters
@@ -505,6 +505,20 @@
         - name: --tags
           type: string
           short-summary: The tags of the managed cluster. The managed cluster instance and all resources managed by the cloud provider will be tagged.
+        - name: --windows-admin-password
+          type: string
+          short-summary: User account password to use on windows node VMs.
+          long-summary: |-
+            Rules for windows-admin-password:
+                - Minimum-length: 14 characters
+                - Max-length: 123 characters
+                - Complexity requirements: 3 out of 4 conditions below need to be fulfilled
+                  * Has lower characters
+                  * Has upper characters
+                  * Has a digit
+                  * Has a special character (Regex match [\\W_])
+                - Disallowed values:  "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"
+            Reference: https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.compute.models.virtualmachinescalesetosprofile.adminpassword?view=azure-dotnet
     examples:
       - name: Enable cluster-autoscaler within node count range [1,5]
         text: az aks update --enable-cluster-autoscaler --min-count 1 --max-count 5 -g MyResourceGroup -n MyManagedCluster
@@ -548,6 +562,8 @@
         text: az aks update -g MyResourceGroup -n MyManagedCluster --disable-pod-identity
       - name: Update the tags of a kubernetes cluster
         text: az aks update -g MyResourceGroup -n MyManagedCLuster --tags "foo=bar" "baz=qux"
+      - name: Update Windows password of a kubernetes cluster
+        text: az aks update -g MyResourceGroup -n MyManagedCLuster --windows-admin-password "Repl@cePassw0rd12345678"
 """
 
 helps['aks kollect'] = """

diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py
@@ -157,6 +157,7 @@ def load_arguments(self, _):
         c.argument('disable_pod_identity', action='store_true')
         c.argument('enable_secret_rotation', action='store_true')
         c.argument('disable_secret_rotation', action='store_true')
+        c.argument('windows_admin_password', options_list=['--windows-admin-password'])
         c.argument('yes', options_list=['--yes', '-y'], help='Do not prompt for confirmation.', action='store_true')
 
     with self.argument_context('aks scale') as c:

diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py
@@ -1495,7 +1495,8 @@ def aks_update(cmd,     # pylint: disable=too-many-statements,too-many-branches,
                enable_secret_rotation=False,
                disable_secret_rotation=False,
                yes=False,
-               tags=None):
+               tags=None,
+               windows_admin_password=None):
     update_autoscaler = enable_cluster_autoscaler or disable_cluster_autoscaler or update_cluster_autoscaler
     update_acr = attach_acr is not None or detach_acr is not None
     update_pod_security = enable_pod_security_policy or disable_pod_security_policy
@@ -1527,7 +1528,8 @@ def aks_update(cmd,     # pylint: disable=too-many-statements,too-many-branches,
        not disable_pod_identity and \
        not enable_secret_rotation and \
        not disable_secret_rotation and \
-       not tags:
+       not tags and \
+       not windows_admin_password:
         raise CLIError('Please specify "--enable-cluster-autoscaler" or '
                        '"--disable-cluster-autoscaler" or '
                        '"--update-cluster-autoscaler" or '
@@ -1553,7 +1555,8 @@ def aks_update(cmd,     # pylint: disable=too-many-statements,too-many-branches,
                        '"--auto-upgrade-channel" or '
                        '"--enable-secret-rotation" or '
                        '"--disable-secret-rotation" or '
-                       '"--tags"')
+                       '"--tags" or '
+                       '"--windows-admin-password"')
 
     instance = client.get(resource_group_name, name)
 
@@ -1791,6 +1794,9 @@ def aks_update(cmd,     # pylint: disable=too-many-statements,too-many-branches,
     if tags:
         instance.tags = tags
 
+    if windows_admin_password:
+        instance.windows_profile.admin_password = windows_admin_password
+
     headers = get_aks_custom_headers(aks_custom_headers)
 
     return _put_managed_cluster_ensuring_permission(cmd,