diff --git a/src/azure-cli/azure/cli/command_modules/vm/_params.py b/src/azure-cli/azure/cli/command_modules/vm/_params.py index 6919410806d..9fc6b08d8e6 100644 --- a/src/azure-cli/azure/cli/command_modules/vm/_params.py +++ b/src/azure-cli/azure/cli/command_modules/vm/_params.py @@ -129,7 +129,7 @@ def load_arguments(self, _): enable_vtpm_type = CLIArgumentType(arg_type=get_three_state_flag(), min_api='2020-12-01', help='Enable vTPM.') enable_secure_boot_type = CLIArgumentType(arg_type=get_three_state_flag(), min_api='2020-12-01', help='Enable secure boot.') - security_type = CLIArgumentType(arg_type=get_enum_type(['TrustedLaunch']), min_api='2020-12-01', help='Specify if the VM is Trusted Launch enabled. See https://docs.microsoft.com/azure/virtual-machines/trusted-launch.') + security_type = CLIArgumentType(arg_type=get_enum_type(self.get_models('SecurityTypes')), min_api='2020-12-01', help='Specify the security type of the virtual machine.') gallery_image_name_type = CLIArgumentType(options_list=['--gallery-image-definition', '-i'], help='The name of the community gallery image definition from which the image versions are to be listed.', id_part='child_name_2') gallery_image_name_version_type = CLIArgumentType(options_list=['--gallery-image-version', '-e'], help='The name of the gallery image version to be created. Needs to follow semantic version name pattern: The allowed characters are digit and period. Digits must be within the range of a 32-bit integer. Format: ..', id_part='child_name_3') public_gallery_name_type = CLIArgumentType(help='The public name of community gallery.', id_part='child_name_1') @@ -954,6 +954,8 @@ def load_arguments(self, _): c.argument('edge_zone', edge_zone_type) c.argument('accept_term', action='store_true', help="Accept the license agreement and privacy statement.") c.argument('disable_integrity_monitoring', action='store_true', min_api='2020-12-01', help='Disable the default behavior of installing guest attestation extension and enabling System Assigned Identity for Trusted Launch enabled VMs and VMSS.') + c.argument('os_disk_security_encryption_type', arg_type=get_enum_type(self.get_models('SecurityEncryptionTypes')), min_api='2021-11-01', help='Specify the encryption type of the OS managed disk.') + c.argument('os_disk_secure_vm_disk_encryption_set', min_api='2021-11-01', help='Specify the customer managed disk encryption set resource ID or name for the managed disk that is used for customer managed key encrypted Confidential VM OS disk and VM guest blob.') with self.argument_context(scope, arg_group='Authentication') as c: c.argument('generate_ssh_keys', action='store_true', help='Generate SSH public and private key files if missing. The keys will be stored in the ~/.ssh directory') diff --git a/src/azure-cli/azure/cli/command_modules/vm/_template_builder.py b/src/azure-cli/azure/cli/command_modules/vm/_template_builder.py index b18847cac25..dd1f600f911 100644 --- a/src/azure-cli/azure/cli/command_modules/vm/_template_builder.py +++ b/src/azure-cli/azure/cli/command_modules/vm/_template_builder.py @@ -302,7 +302,8 @@ def build_vm_resource( # pylint: disable=too-many-locals, too-many-statements, encryption_at_host=None, dedicated_host_group=None, enable_auto_update=None, patch_mode=None, enable_hotpatching=None, platform_fault_domain=None, security_type=None, enable_secure_boot=None, enable_vtpm=None, count=None, edge_zone=None, os_disk_delete_option=None, user_data=None, - capacity_reservation_group=None, enable_hibernation=None, v_cpus_available=None, v_cpus_per_core=None): + capacity_reservation_group=None, enable_hibernation=None, v_cpus_available=None, v_cpus_per_core=None, + os_disk_security_encryption_type=None, os_disk_secure_vm_disk_encryption_set=None): os_caching = disk_info['os'].get('caching') @@ -492,6 +493,48 @@ def _build_storage_profile(): storage_profiles['CommunityGalleryImage']['osDisk']['managedDisk']['diskEncryptionSet'] = { 'id': os_disk_encryption_set, } + if os_disk_security_encryption_type is not None: + storage_profiles['ManagedPirImage']['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type, + } + }) + storage_profiles['ManagedCustomImage']['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type, + } + }) + storage_profiles['SharedGalleryImage']['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type, + } + }) + storage_profiles['CommunityGalleryImage']['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type, + } + }) + if os_disk_secure_vm_disk_encryption_set is not None: + storage_profiles['ManagedPirImage']['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) + storage_profiles['ManagedCustomImage']['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) + storage_profiles['SharedGalleryImage']['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) + storage_profiles['CommunityGalleryImage']['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) profile = storage_profiles[storage_profile.name] if os_disk_size_gb: @@ -867,7 +910,8 @@ def build_vmss_resource(cmd, name, computer_name_prefix, location, tags, overpro enable_spot_restore=None, spot_restore_timeout=None, capacity_reservation_group=None, enable_auto_update=None, patch_mode=None, enable_agent=None, security_type=None, enable_secure_boot=None, enable_vtpm=None, automatic_repairs_action=None, v_cpus_available=None, - v_cpus_per_core=None): + v_cpus_per_core=None, os_disk_security_encryption_type=None, + os_disk_secure_vm_disk_encryption_set=None): # Build IP configuration ip_configuration = {} @@ -944,6 +988,18 @@ def build_vmss_resource(cmd, name, computer_name_prefix, location, tags, overpro storage_properties['osDisk']['managedDisk']['diskEncryptionSet'] = { 'id': os_disk_encryption_set } + if os_disk_security_encryption_type is not None: + storage_properties['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type + } + }) + if os_disk_secure_vm_disk_encryption_set is not None: + storage_properties['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) if disk_info and disk_info['os'].get('diffDiskSettings'): storage_properties['osDisk']['diffDiskSettings'] = disk_info['os']['diffDiskSettings'] @@ -975,6 +1031,18 @@ def build_vmss_resource(cmd, name, computer_name_prefix, location, tags, overpro storage_properties['osDisk']['managedDisk']['diskEncryptionSet'] = { 'id': os_disk_encryption_set } + if os_disk_security_encryption_type is not None: + storage_properties['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type, + } + }) + if os_disk_secure_vm_disk_encryption_set is not None: + storage_properties['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) if storage_profile == StorageProfile.CommunityGalleryImage: storage_properties['osDisk'] = { 'caching': os_caching, @@ -989,6 +1057,18 @@ def build_vmss_resource(cmd, name, computer_name_prefix, location, tags, overpro storage_properties['osDisk']['managedDisk']['diskEncryptionSet'] = { 'id': os_disk_encryption_set } + if os_disk_security_encryption_type is not None: + storage_properties['osDisk']['managedDisk'].update({ + 'securityProfile': { + 'securityEncryptionType': os_disk_security_encryption_type, + } + }) + if os_disk_secure_vm_disk_encryption_set is not None: + storage_properties['osDisk']['managedDisk']['securityProfile'].update({ + 'diskEncryptionSet': { + 'id': os_disk_secure_vm_disk_encryption_set + } + }) if disk_info: data_disks = [v for k, v in disk_info.items() if k != 'os'] diff --git a/src/azure-cli/azure/cli/command_modules/vm/_validators.py b/src/azure-cli/azure/cli/command_modules/vm/_validators.py index c3abb9c0ba1..7c4621ca5f9 100644 --- a/src/azure-cli/azure/cli/command_modules/vm/_validators.py +++ b/src/azure-cli/azure/cli/command_modules/vm/_validators.py @@ -574,6 +574,17 @@ def _validate_vm_create_storage_profile(cmd, namespace, for_scale_set=False): "the os type of this image should be {}".format(community_gallery_image_info.os_type)) namespace.os_type = community_gallery_image_info.os_type + if getattr(namespace, 'security_type', None) == 'ConfidentialVM' and \ + not getattr(namespace, 'os_disk_security_encryption_type', None): + raise RequiredArgumentMissingError('usage error: "--os-disk-security-encryption-type" is required ' + 'when "--security-type" is specified as "ConfidentialVM"') + + if getattr(namespace, 'os_disk_secure_vm_disk_encryption_set', None) and \ + getattr(namespace, 'os_disk_security_encryption_type', None) != 'DiskWithVMGuestState': + raise ArgumentUsageError( + 'usage error: The "--os-disk-secure-vm-disk-encryption-set" can only be passed in ' + 'when "--os-disk-security-encryption-type" is "DiskWithVMGuestState"') + if not namespace.os_type: namespace.os_type = 'windows' if 'windows' in namespace.os_offer.lower() else 'linux' diff --git a/src/azure-cli/azure/cli/command_modules/vm/custom.py b/src/azure-cli/azure/cli/command_modules/vm/custom.py index 57a874c7ee3..8911df66948 100644 --- a/src/azure-cli/azure/cli/command_modules/vm/custom.py +++ b/src/azure-cli/azure/cli/command_modules/vm/custom.py @@ -807,7 +807,8 @@ def create_vm(cmd, vm_name, resource_group_name, image=None, size='Standard_DS1_ enable_hotpatching=None, platform_fault_domain=None, security_type=None, enable_secure_boot=None, enable_vtpm=None, count=None, edge_zone=None, nic_delete_option=None, os_disk_delete_option=None, data_disk_delete_option=None, user_data=None, capacity_reservation_group=None, enable_hibernation=None, - v_cpus_available=None, v_cpus_per_core=None, accept_term=None, disable_integrity_monitoring=False): + v_cpus_available=None, v_cpus_per_core=None, accept_term=None, disable_integrity_monitoring=False, + os_disk_security_encryption_type=None, os_disk_secure_vm_disk_encryption_set=None): from azure.cli.core.commands.client_factory import get_subscription_id from azure.cli.core.util import random_string, hash_string @@ -837,6 +838,11 @@ def create_vm(cmd, vm_name, resource_group_name, image=None, size='Standard_DS1_ os_disk_encryption_set = resource_id( subscription=subscription_id, resource_group=resource_group_name, namespace='Microsoft.Compute', type='diskEncryptionSets', name=os_disk_encryption_set) + if os_disk_secure_vm_disk_encryption_set is not None and\ + not is_valid_resource_id(os_disk_secure_vm_disk_encryption_set): + os_disk_secure_vm_disk_encryption_set = resource_id( + subscription=subscription_id, resource_group=resource_group_name, + namespace='Microsoft.Compute', type='diskEncryptionSets', name=os_disk_secure_vm_disk_encryption_set) if data_disk_encryption_sets is None: data_disk_encryption_sets = [] @@ -1026,7 +1032,9 @@ def create_vm(cmd, vm_name, resource_group_name, image=None, size='Standard_DS1_ platform_fault_domain=platform_fault_domain, security_type=security_type, enable_secure_boot=enable_secure_boot, enable_vtpm=enable_vtpm, count=count, edge_zone=edge_zone, os_disk_delete_option=os_disk_delete_option, user_data=user_data, capacity_reservation_group=capacity_reservation_group, - enable_hibernation=enable_hibernation, v_cpus_available=v_cpus_available, v_cpus_per_core=v_cpus_per_core) + enable_hibernation=enable_hibernation, v_cpus_available=v_cpus_available, v_cpus_per_core=v_cpus_per_core, + os_disk_security_encryption_type=os_disk_security_encryption_type, + os_disk_secure_vm_disk_encryption_set=os_disk_secure_vm_disk_encryption_set) vm_resource['dependsOn'] = vm_dependencies @@ -2897,7 +2905,8 @@ def create_vmss(cmd, vmss_name, resource_group_name, image=None, user_data=None, network_api_version=None, enable_spot_restore=None, spot_restore_timeout=None, capacity_reservation_group=None, enable_auto_update=None, patch_mode=None, enable_agent=None, security_type=None, enable_secure_boot=None, enable_vtpm=None, automatic_repairs_action=None, - v_cpus_available=None, v_cpus_per_core=None, accept_term=None, disable_integrity_monitoring=False): + v_cpus_available=None, v_cpus_per_core=None, accept_term=None, disable_integrity_monitoring=False, + os_disk_security_encryption_type=None, os_disk_secure_vm_disk_encryption_set=None): from azure.cli.core.commands.client_factory import get_subscription_id from azure.cli.core.util import random_string, hash_string @@ -2935,6 +2944,11 @@ def create_vmss(cmd, vmss_name, resource_group_name, image=None, os_disk_encryption_set = resource_id( subscription=subscription_id, resource_group=resource_group_name, namespace='Microsoft.Compute', type='diskEncryptionSets', name=os_disk_encryption_set) + if os_disk_secure_vm_disk_encryption_set is not None and\ + not is_valid_resource_id(os_disk_secure_vm_disk_encryption_set): + os_disk_secure_vm_disk_encryption_set = resource_id( + subscription=subscription_id, resource_group=resource_group_name, + namespace='Microsoft.Compute', type='diskEncryptionSets', name=os_disk_secure_vm_disk_encryption_set) if data_disk_encryption_sets is None: data_disk_encryption_sets = [] @@ -3173,7 +3187,8 @@ def _get_public_ip_address_allocation(value, sku): patch_mode=patch_mode, enable_agent=enable_agent, security_type=security_type, enable_secure_boot=enable_secure_boot, enable_vtpm=enable_vtpm, automatic_repairs_action=automatic_repairs_action, v_cpus_available=v_cpus_available, - v_cpus_per_core=v_cpus_per_core) + v_cpus_per_core=v_cpus_per_core, os_disk_security_encryption_type=os_disk_security_encryption_type, + os_disk_secure_vm_disk_encryption_set=os_disk_secure_vm_disk_encryption_set) vmss_resource['dependsOn'] = vmss_dependencies diff --git a/src/azure-cli/azure/cli/command_modules/vm/linter_exclusions.yml b/src/azure-cli/azure/cli/command_modules/vm/linter_exclusions.yml index 4d273b9f51e..651368d9c40 100644 --- a/src/azure-cli/azure/cli/command_modules/vm/linter_exclusions.yml +++ b/src/azure-cli/azure/cli/command_modules/vm/linter_exclusions.yml @@ -35,6 +35,12 @@ vmss create: disable_integrity_monitoring: rule_exclusions: - option_length_too_long + os_disk_security_encryption_type: + rule_exclusions: + - option_length_too_long + os_disk_secure_vm_disk_encryption_set: + rule_exclusions: + - option_length_too_long vmss update: parameters: enable_cross_zone_upgrade: @@ -73,6 +79,12 @@ vm create: disable_integrity_monitoring: rule_exclusions: - option_length_too_long + os_disk_security_encryption_type: + rule_exclusions: + - option_length_too_long + os_disk_secure_vm_disk_encryption_set: + rule_exclusions: + - option_length_too_long vm unmanaged-disk attach: parameters: size_gb: diff --git a/src/azure-cli/azure/cli/command_modules/vm/tests/latest/recordings/test_os_disk_security_encryption.yaml b/src/azure-cli/azure/cli/command_modules/vm/tests/latest/recordings/test_os_disk_security_encryption.yaml new file mode 100644 index 00000000000..c81c4f05154 --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/vm/tests/latest/recordings/test_os_disk_security_encryption.yaml @@ -0,0 +1,2424 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001","name":"cli_test_os_disk_security_encryption000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","date":"2022-05-31T02:49:32Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '369' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:49:37 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"error":{"code":"ResourceNotFound","message":"The Resource ''Microsoft.KeyVault/vaults/vault000002'' + under resource group ''cli_test_os_disk_security_encryption000001'' was not + found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"}}' + headers: + cache-control: + - no-cache + content-length: + - '251' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:49:38 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-failure-cause: + - gateway + status: + code: 404 + message: Not Found +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) AZURECLI/2.37.0 + method: GET + uri: https://graph.microsoft.com/v1.0/me + response: + body: + string: '{"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#users/$entity","businessPhones":[],"displayName":"Jingsong + Zhang (WICRESOFT NORTH AMERICA LTD)","givenName":null,"jobTitle":null,"mail":"v-jingszhang@microsoft.com","mobilePhone":null,"officeLocation":null,"preferredLanguage":null,"surname":null,"userPrincipalName":"v-jingszhang_microsoft.com#EXT#@AzureSDKTeam.onmicrosoft.com","id":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2"}' + headers: + cache-control: + - no-cache + content-length: + - '435' + content-type: + - application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8 + date: + - Tue, 31 May 2022 02:49:39 GMT + odata-version: + - '4.0' + request-id: + - e6d4298f-a24a-49f8-9552-362c48211298 + strict-transport-security: + - max-age=31536000 + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-ms-ags-diagnostic: + - '{"ServerInfo":{"DataCenter":"Southeast Asia","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"SI2PEPF00002335"}}' + x-ms-resource-unit: + - '1' + status: + code: 200 + message: OK +- request: + body: '{"location": "centraluseuap", "properties": {"tenantId": "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", + "sku": {"family": "A", "name": "standard"}, "accessPolicies": [{"tenantId": + "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", "objectId": "d44a2991-98c6-47c3-b59b-2b30d72cfcc2", + "permissions": {"keys": ["all"], "secrets": ["all"], "certificates": ["all"], + "storage": ["all"]}}], "enableSoftDelete": true, "softDeleteRetentionInDays": + 90, "enablePurgeProtection": true, "networkAcls": {"bypass": "AzureServices", + "defaultAction": "Allow"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + Content-Length: + - '526' + Content-Type: + - application/json + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T02:49:44.891Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T02:49:44.891Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net","provisioningState":"RegisteringDns","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1041' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:49:47 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T02:49:44.891Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T02:49:44.891Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net/","provisioningState":"Succeeded","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1037' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:50:18 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + Connection: + - keep-alive + Content-Length: + - '0' + Content-Type: + - application/json + User-Agent: + - azsdk-python-keyvault-keys/4.5.1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: POST + uri: https://vault000002.vault.azure.net/keys/key000003/create?api-version=7.3 + response: + body: + string: '{"error":{"code":"Unauthorized","message":"AKV10000: Request is missing + a Bearer or PoP token."}}' + headers: + cache-control: + - no-cache + content-length: + - '97' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:50:19 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000;includeSubDomains + www-authenticate: + - Bearer authorization="https://login.microsoftonline.com/54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", + resource="https://vault.azure.net" + x-content-type-options: + - nosniff + x-ms-keyvault-network-info: + - conn_type=Ipv4;addr=167.220.255.20;act_addr_fam=InterNetwork; + x-ms-keyvault-region: + - centraluseuap + x-ms-keyvault-service-version: + - 1.9.422.1 + x-powered-by: + - ASP.NET + status: + code: 401 + message: Unauthorized +- request: + body: '{"kty": "RSA", "attributes": {"enabled": true}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + Connection: + - keep-alive + Content-Length: + - '47' + Content-Type: + - application/json + User-Agent: + - azsdk-python-keyvault-keys/4.5.1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: POST + uri: https://vault000002.vault.azure.net/keys/key000003/create?api-version=7.3 + response: + body: + string: '{"key":{"kid":"https://vault000002.vault.azure.net/keys/key000003/76efa76109434ed4bd02d51c23d7e2fb","kty":"RSA","key_ops":["encrypt","decrypt","sign","verify","wrapKey","unwrapKey"],"n":"5l3kkcECDwTq16qf2IKrBy2mBU4jXysL-eAPaoSJEA3VO68-i5geboi8mDKGnSM5l3NilwBzvnG0A-VRh9iFVSC3LG-kSFxTgFzJ1-3hMwMGdPXefbJDmrwuaDgi-JshsJCwgHh7wlG-WgDZ1F3dEMJeG9X3hR3zLd0bFdDpWKfFYCU8ifR4zW8LUvsCOb1ICr-sXZVr4hP5m6FfiBz_9OpchPdQloWIQdhlr3spF-WyczbSrbmzX3Ms89932DjVwWBKKDav4ly5ThbNUbUl1Igx4y0ESOMHfWwzdr2HmIwxF-w_B2b2AASMROJ_6Fn-JzfanLa7MfPM1E2S_QgCpQ","e":"AQAB"},"attributes":{"enabled":true,"created":1653965420,"updated":1653965420,"recoveryLevel":"Recoverable","recoverableDays":90}}' + headers: + cache-control: + - no-cache + content-length: + - '666' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:50:20 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000;includeSubDomains + x-content-type-options: + - nosniff + x-ms-keyvault-network-info: + - conn_type=Ipv4;addr=167.220.255.20;act_addr_fam=InterNetwork; + x-ms-keyvault-region: + - centraluseuap + x-ms-keyvault-service-version: + - 1.9.422.1 + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001","name":"cli_test_os_disk_security_encryption000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","date":"2022-05-31T02:49:32Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '369' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:50:21 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "centraluseuap", "identity": {"type": "SystemAssigned"}, "properties": + {"encryptionType": "ConfidentialVmEncryptedWithCustomerKey", "activeKey": {"sourceVault": + {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002"}, + "keyUrl": "https://vault000002.vault.azure.net/keys/key000003/76efa76109434ed4bd02d51c23d7e2fb"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + Content-Length: + - '441' + Content-Type: + - application/json + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004?api-version=2022-03-02 + response: + body: + string: "{\r\n \"location\": \"centraluseuap\",\r\n \"identity\": {\r\n \"type\": + \"SystemAssigned\"\r\n },\r\n \"properties\": {\r\n \"activeKey\": {\r\n + \ \"sourceVault\": {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002\"\r\n + \ },\r\n \"keyUrl\": \"https://vault000002.vault.azure.net/keys/key000003/76efa76109434ed4bd02d51c23d7e2fb\"\r\n + \ },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n + \ \"provisioningState\": \"Updating\"\r\n }\r\n}" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/DiskOperations/44841827-f85f-4c82-b0de-3ddbf721a25b?p=157f1a74-df5f-47b0-a815-476d8af3dce4&api-version=2021-04-01 + cache-control: + - no-cache + content-length: + - '555' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:50:31 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/DiskOperations/44841827-f85f-4c82-b0de-3ddbf721a25b?p=157f1a74-df5f-47b0-a815-476d8af3dce4&monitor=true&api-version=2021-04-01 + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/HighCostDiskEncryptionSet3Min;99,Microsoft.Compute/HighCostDiskEncryptionSet30Min;296 + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 202 + message: Accepted +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/DiskOperations/44841827-f85f-4c82-b0de-3ddbf721a25b?p=157f1a74-df5f-47b0-a815-476d8af3dce4&api-version=2021-04-01 + response: + body: + string: "{\r\n \"startTime\": \"2022-05-31T02:50:31.2973873+00:00\",\r\n \"endTime\": + \"2022-05-31T02:50:31.3754953+00:00\",\r\n \"status\": \"Succeeded\",\r\n + \ \"properties\": {\r\n \"output\": {\"name\":\"des1000004\",\"id\":\"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\",\"type\":\"Microsoft.Compute/diskEncryptionSets\",\"location\":\"centraluseuap\",\"identity\":{\"type\":\"SystemAssigned\",\"principalId\":\"b43b6542-7642-409f-8b2a-27659e9b327e\",\"tenantId\":\"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a\"},\"properties\":{\"activeKey\":{\"sourceVault\":{\"id\":\"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002\"},\"keyUrl\":\"https://vault000002.vault.azure.net/keys/key000003/76efa76109434ed4bd02d51c23d7e2fb\"},\"encryptionType\":\"ConfidentialVmEncryptedWithCustomerKey\",\"provisioningState\":\"Succeeded\"}}\r\n + \ },\r\n \"name\": \"44841827-f85f-4c82-b0de-3ddbf721a25b\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '1029' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:00 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/GetOperation3Min;49998,Microsoft.Compute/GetOperation30Min;399995 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004?api-version=2022-03-02 + response: + body: + string: "{\r\n \"name\": \"des1000004\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\",\r\n + \ \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"centraluseuap\",\r\n + \ \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": + \"b43b6542-7642-409f-8b2a-27659e9b327e\",\r\n \"tenantId\": \"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a\"\r\n + \ },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": + {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002\"\r\n + \ },\r\n \"keyUrl\": \"https://vault000002.vault.azure.net/keys/key000003/76efa76109434ed4bd02d51c23d7e2fb\"\r\n + \ },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n + \ \"provisioningState\": \"Succeeded\"\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '929' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:01 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/LowCostGet3Min;14993,Microsoft.Compute/LowCostGet30Min;119971 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set show + Connection: + - keep-alive + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004?api-version=2022-03-02 + response: + body: + string: "{\r\n \"name\": \"des1000004\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\",\r\n + \ \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"centraluseuap\",\r\n + \ \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": + \"b43b6542-7642-409f-8b2a-27659e9b327e\",\r\n \"tenantId\": \"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a\"\r\n + \ },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": + {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002\"\r\n + \ },\r\n \"keyUrl\": \"https://vault000002.vault.azure.net/keys/key000003/76efa76109434ed4bd02d51c23d7e2fb\"\r\n + \ },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n + \ \"provisioningState\": \"Succeeded\"\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '929' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/LowCostGet3Min;14992,Microsoft.Compute/LowCostGet30Min;119970 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault set-policy + Connection: + - keep-alive + ParameterSetName: + - -n --object-id --key-permissions + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resources?$filter=resourceType%20eq%20%27Microsoft.KeyVault%2Fvaults%27&api-version=2015-11-01 + response: + body: + string: '{"value":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/bez-rg/providers/Microsoft.KeyVault/vaults/bez-kv","name":"bez-kv","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{"key":"value"}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rgekqy3wfedqj4dnzziqlanw3ibaisofsz6xlh5bsdcnxyjexa3urmhyincvvzcb7bu/providers/Microsoft.KeyVault/vaults/sfrp-cli-kv-yfivvc4dy56i","name":"sfrp-cli-kv-yfivvc4dy56i","type":"Microsoft.KeyVault/vaults","location":"eastasia","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rgprt2pgwgmw7uu6esq34k76gdppoc2gnajxvzxn5iy4baxvgcm3iwl6dq4usgbnbc2/providers/Microsoft.KeyVault/vaults/clitestrgprt2pgwgmw7u","name":"clitestrgprt2pgwgmw7u","type":"Microsoft.KeyVault/vaults","location":"westus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/python-sdk-test/providers/Microsoft.KeyVault/vaults/python-devops-key","name":"python-devops-key","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/python-sdk-test/providers/Microsoft.KeyVault/vaults/SDKAutoPipelineSecrets","name":"SDKAutoPipelineSecrets","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/yishitest/providers/Microsoft.KeyVault/vaults/ystestkv","name":"ystestkv","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/zb_test/providers/Microsoft.KeyVault/vaults/zblab7701","name":"zblab7701","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{"hidden-DevTestLabs-LabUId":"301109ba-f89e-4ba1-8c0c-be6e91e47840","CreatedBy":"DevTestLabs"}}]}' + headers: + cache-control: + - no-cache + content-length: + - '2117' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:03 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault set-policy + Connection: + - keep-alive + ParameterSetName: + - -n --object-id --key-permissions + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T02:49:44.891Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T02:49:44.891Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net/","provisioningState":"Succeeded","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1037' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:05 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: '{"location": "centraluseuap", "tags": {}, "properties": {"tenantId": "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", + "sku": {"family": "A", "name": "standard"}, "accessPolicies": [{"tenantId": + "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", "objectId": "d44a2991-98c6-47c3-b59b-2b30d72cfcc2", + "permissions": {"keys": ["all"], "secrets": ["all"], "certificates": ["all"], + "storage": ["all"]}}, {"tenantId": "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", "objectId": + "b43b6542-7642-409f-8b2a-27659e9b327e", "permissions": {"keys": ["wrapKey", + "get", "unwrapKey"]}}], "vaultUri": "https://vault000002.vault.azure.net/", + "enabledForDeployment": false, "enableSoftDelete": true, "softDeleteRetentionInDays": + 90, "enablePurgeProtection": true, "provisioningState": "Succeeded", "publicNetworkAccess": + "Enabled"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault set-policy + Connection: + - keep-alive + Content-Length: + - '783' + Content-Type: + - application/json + ParameterSetName: + - -n --object-id --key-permissions + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T02:49:44.891Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T02:51:05.855Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}},{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"b43b6542-7642-409f-8b2a-27659e9b327e","permissions":{"keys":["wrapKey","get","unwrapKey"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net/","provisioningState":"Succeeded","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1192' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:05 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - role assignment create + Connection: + - keep-alive + ParameterSetName: + - --assignee --role --scope + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) AZURECLI/2.37.0 + method: GET + uri: https://graph.microsoft.com/v1.0/servicePrincipals?$filter=servicePrincipalNames/any(c:c%20eq%20'b43b6542-7642-409f-8b2a-27659e9b327e') + response: + body: + string: '{"error":{"code":"Authorization_RequestDenied","message":"Insufficient + privileges to complete the operation.","innerError":{"date":"2022-05-31T02:51:23","request-id":"b303c891-eb02-4595-87d3-dd45ea4342c5","client-request-id":"b303c891-eb02-4595-87d3-dd45ea4342c5"}}}' + headers: + cache-control: + - no-cache + content-length: + - '266' + content-type: + - application/json + date: + - Tue, 31 May 2022 02:51:22 GMT + request-id: + - b303c891-eb02-4595-87d3-dd45ea4342c5 + strict-transport-security: + - max-age=31536000 + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-ms-ags-diagnostic: + - '{"ServerInfo":{"DataCenter":"Southeast Asia","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"SI2PEPF00000BCF"}}' + x-ms-resource-unit: + - '1' + status: + code: 403 + message: Forbidden +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - role assignment create + Connection: + - keep-alive + ParameterSetName: + - --assignee --role --scope + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) msrest/0.6.21 msrest_azure/0.6.4 + azure-mgmt-authorization/0.61.0 Azure-SDK-For-Python AZURECLI/2.37.0 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002/providers/Microsoft.Authorization/roleDefinitions?$filter=roleName%20eq%20%27Reader%27&api-version=2018-01-01-preview + response: + body: + string: '{"value":[{"properties":{"roleName":"Reader","type":"BuiltInRole","description":"View + all resources, but does not allow you to make any changes.","assignableScopes":["/"],"permissions":[{"actions":["*/read"],"notActions":[],"dataActions":[],"notDataActions":[]}],"createdOn":"2015-02-02T21:55:09.8806423Z","updatedOn":"2021-11-11T20:13:47.8628684Z","createdBy":null,"updatedBy":null},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7","type":"Microsoft.Authorization/roleDefinitions","name":"acdd72a7-3385-48ef-bd42-f606fba81ae7"}]}' + headers: + cache-control: + - no-cache + content-length: + - '627' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:23 GMT + expires: + - '-1' + pragma: + - no-cache + set-cookie: + - x-ms-gateway-slice=Production; path=/; secure; samesite=none; httponly + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"properties": {"roleDefinitionId": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7", + "principalId": "b43b6542-7642-409f-8b2a-27659e9b327e"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - role assignment create + Connection: + - keep-alive + Content-Length: + - '233' + Content-Type: + - application/json; charset=utf-8 + Cookie: + - x-ms-gateway-slice=Production + ParameterSetName: + - --assignee --role --scope + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) msrest/0.6.21 msrest_azure/0.6.4 + azure-mgmt-authorization/0.61.0 Azure-SDK-For-Python AZURECLI/2.37.0 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002/providers/Microsoft.Authorization/roleAssignments/88888888-0000-0000-0000-000000000001?api-version=2020-04-01-preview + response: + body: + string: '{"properties":{"roleDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7","principalId":"b43b6542-7642-409f-8b2a-27659e9b327e","principalType":"ServicePrincipal","scope":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002","condition":null,"conditionVersion":null,"createdOn":"2022-05-31T02:51:23.9328173Z","updatedOn":"2022-05-31T02:51:24.4171494Z","createdBy":null,"updatedBy":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","delegatedManagedIdentityResourceId":null,"description":null},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.KeyVault/vaults/vault000002/providers/Microsoft.Authorization/roleAssignments/88888888-0000-0000-0000-000000000001","type":"Microsoft.Authorization/roleAssignments","name":"88888888-0000-0000-0000-000000000001"}' + headers: + cache-control: + - no-cache + content-length: + - '1035' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:28 GMT + expires: + - '-1' + pragma: + - no-cache + set-cookie: + - x-ms-gateway-slice=Production; path=/; secure; samesite=none; httponly + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1198' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001","name":"cli_test_os_disk_security_encryption000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","date":"2022-05-31T02:49:32Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '369' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:29 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/publishers/MicrosoftWindowsServer/artifacttypes/vmimage/offers/WindowsServer/skus/2022-datacenter-smalldisk-g2/versions?$top=1&$orderby=name%20desc&api-version=2022-03-01 + response: + body: + string: "[\r\n {\r\n \"location\": \"CentralUSEUAP\",\r\n \"name\": \"20348.707.220505\",\r\n + \ \"id\": \"/Subscriptions/00000000-0000-0000-0000-000000000000/Providers/Microsoft.Compute/Locations/CentralUSEUAP/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2022-datacenter-smalldisk-g2/Versions/20348.707.220505\"\r\n + \ }\r\n]" + headers: + cache-control: + - no-cache + content-length: + - '335' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/ListVMImagesVersionsFromLocation3Min;15999,Microsoft.Compute/ListVMImagesVersionsFromLocation30Min;43997 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/publishers/MicrosoftWindowsServer/artifacttypes/vmimage/offers/WindowsServer/skus/2022-datacenter-smalldisk-g2/versions/20348.707.220505?api-version=2022-03-01 + response: + body: + string: "{\r\n \"properties\": {\r\n \"hyperVGeneration\": \"V2\",\r\n \"architecture\": + \"x64\",\r\n \"replicaType\": \"Managed\",\r\n \"replicaCount\": 10,\r\n + \ \"disallowed\": {\r\n \"vmDiskType\": \"Unmanaged\"\r\n },\r\n + \ \"automaticOSUpgradeProperties\": {\r\n \"automaticOSUpgradeSupported\": + false\r\n },\r\n \"imageDeprecationStatus\": {\r\n \"imageState\": + \"Active\"\r\n },\r\n \"features\": [\r\n {\r\n \"name\": + \"SecurityType\",\r\n \"value\": \"TrustedLaunchAndConfidentialVmSupported\"\r\n + \ },\r\n {\r\n \"name\": \"IsAcceleratedNetworkSupported\",\r\n + \ \"value\": \"True\"\r\n },\r\n {\r\n \"name\": \"DiskControllerTypes\",\r\n + \ \"value\": \"SCSI\"\r\n },\r\n {\r\n \"name\": \"IsHibernateSupported\",\r\n + \ \"value\": \"False\"\r\n }\r\n ],\r\n \"osDiskImage\": + {\r\n \"operatingSystem\": \"Windows\",\r\n \"sizeInGb\": 30\r\n + \ },\r\n \"dataDiskImages\": []\r\n },\r\n \"location\": \"CentralUSEUAP\",\r\n + \ \"name\": \"20348.707.220505\",\r\n \"id\": \"/Subscriptions/00000000-0000-0000-0000-000000000000/Providers/Microsoft.Compute/Locations/CentralUSEUAP/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2022-datacenter-smalldisk-g2/Versions/20348.707.220505\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '1200' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:34 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/GetVMImageFromLocation3Min;12999,Microsoft.Compute/GetVMImageFromLocation30Min;73998 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json, text/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-network/20.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/virtualNetworks?api-version=2018-01-01 + response: + body: + string: '{"value":[]}' + headers: + cache-control: + - no-cache + content-length: + - '12' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:34 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"properties": {"template": {"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", "parameters": {"adminPassword": {"type": "securestring", + "metadata": {"description": "Secure adminPassword"}}}, "variables": {}, "resources": + [{"name": "vm1000005VNET", "type": "Microsoft.Network/virtualNetworks", "location": + "centraluseuap", "apiVersion": "2015-06-15", "dependsOn": [], "tags": {}, "properties": + {"addressSpace": {"addressPrefixes": ["10.0.0.0/16"]}, "subnets": [{"name": + "vm1000005Subnet", "properties": {"addressPrefix": "10.0.0.0/24"}}]}}, {"type": + "Microsoft.Network/networkSecurityGroups", "name": "vm1000005NSG", "apiVersion": + "2015-06-15", "location": "centraluseuap", "tags": {}, "dependsOn": [], "properties": + {"securityRules": [{"name": "rdp", "properties": {"protocol": "Tcp", "sourcePortRange": + "*", "destinationPortRange": "3389", "sourceAddressPrefix": "*", "destinationAddressPrefix": + "*", "access": "Allow", "priority": 1000, "direction": "Inbound"}}]}}, {"apiVersion": + "2018-01-01", "type": "Microsoft.Network/publicIPAddresses", "name": "vm1000005PublicIP", + "location": "centraluseuap", "tags": {}, "dependsOn": [], "properties": {"publicIPAllocationMethod": + null}}, {"apiVersion": "2015-06-15", "type": "Microsoft.Network/networkInterfaces", + "name": "vm1000005VMNic", "location": "centraluseuap", "tags": {}, "dependsOn": + ["Microsoft.Network/virtualNetworks/vm1000005VNET", "Microsoft.Network/networkSecurityGroups/vm1000005NSG", + "Microsoft.Network/publicIpAddresses/vm1000005PublicIP"], "properties": {"ipConfigurations": + [{"name": "ipconfigvm1000005", "properties": {"privateIPAllocationMethod": "Dynamic", + "subnet": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/virtualNetworks/vm1000005VNET/subnets/vm1000005Subnet"}, + "publicIPAddress": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP"}}}], + "networkSecurityGroup": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkSecurityGroups/vm1000005NSG"}}}, + {"apiVersion": "2022-03-01", "type": "Microsoft.Compute/virtualMachines", "name": + "vm1000005", "location": "centraluseuap", "tags": {}, "dependsOn": ["Microsoft.Network/networkInterfaces/vm1000005VMNic"], + "properties": {"hardwareProfile": {"vmSize": "Standard_DC2as_v5"}, "networkProfile": + {"networkInterfaces": [{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic", + "properties": {"deleteOption": null}}]}, "storageProfile": {"osDisk": {"createOption": + "fromImage", "name": null, "caching": "ReadWrite", "managedDisk": {"storageAccountType": + null, "securityProfile": {"securityEncryptionType": "DiskWithVMGuestState", + "diskEncryptionSet": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004"}}}}, + "imageReference": {"publisher": "MicrosoftWindowsServer", "offer": "WindowsServer", + "sku": "2022-datacenter-smalldisk-g2", "version": "latest"}}, "osProfile": {"computerName": + "vm1000005", "adminUsername": "testuser", "adminPassword": "[parameters(''adminPassword'')]"}, + "securityProfile": {"securityType": "ConfidentialVM", "uefiSettings": {"secureBootEnabled": + true, "vTpmEnabled": true}}}}], "outputs": {}}, "parameters": {"adminPassword": + {"value": "testPassword0"}}, "mode": "incremental"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + Content-Length: + - '3770' + Content-Type: + - application/json + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/vm_deploy_Uz1T8VFsJx06yrfRFyVi80AK3gbctKP4","name":"vm_deploy_Uz1T8VFsJx06yrfRFyVi80AK3gbctKP4","type":"Microsoft.Resources/deployments","properties":{"templateHash":"1228307168060353538","parameters":{"adminPassword":{"type":"SecureString"}},"mode":"Incremental","provisioningState":"Accepted","timestamp":"2022-05-31T02:51:42.7602615Z","duration":"PT0.0000887S","correlationId":"1e47d864-c01e-40a8-8490-1dbecf257e5d","providers":[{"namespace":"Microsoft.Network","resourceTypes":[{"resourceType":"virtualNetworks","locations":["centraluseuap"]},{"resourceType":"networkSecurityGroups","locations":["centraluseuap"]},{"resourceType":"publicIPAddresses","locations":["centraluseuap"]},{"resourceType":"networkInterfaces","locations":["centraluseuap"]}]},{"namespace":"Microsoft.Compute","resourceTypes":[{"resourceType":"virtualMachines","locations":["centraluseuap"]}]}],"dependencies":[{"dependsOn":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/virtualNetworks/vm1000005VNET","resourceType":"Microsoft.Network/virtualNetworks","resourceName":"vm1000005VNET"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkSecurityGroups/vm1000005NSG","resourceType":"Microsoft.Network/networkSecurityGroups","resourceName":"vm1000005NSG"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP","resourceType":"Microsoft.Network/publicIPAddresses","resourceName":"vm1000005PublicIP"}],"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic","resourceType":"Microsoft.Network/networkInterfaces","resourceName":"vm1000005VMNic"},{"dependsOn":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic","resourceType":"Microsoft.Network/networkInterfaces","resourceName":"vm1000005VMNic"}],"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005","resourceType":"Microsoft.Compute/virtualMachines","resourceName":"vm1000005"}]}}' + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/vm_deploy_Uz1T8VFsJx06yrfRFyVi80AK3gbctKP4/operationStatuses/08585476413858650536?api-version=2021-04-01 + cache-control: + - no-cache + content-length: + - '2657' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:51:43 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:52:14 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:52:45 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:53:15 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:53:46 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:54:16 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:54:47 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:55:17 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:55:48 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:56:19 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:56:49 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:57:21 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:57:51 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:58:22 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:58:52 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:59:22 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 02:59:53 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:00:24 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:00:54 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:26 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476413858650536?api-version=2021-04-01 + response: + body: + string: '{"status":"Succeeded"}' + headers: + cache-control: + - no-cache + content-length: + - '22' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:56 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/mock-deployment?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Resources/deployments/vm_deploy_Uz1T8VFsJx06yrfRFyVi80AK3gbctKP4","name":"vm_deploy_Uz1T8VFsJx06yrfRFyVi80AK3gbctKP4","type":"Microsoft.Resources/deployments","properties":{"templateHash":"1228307168060353538","parameters":{"adminPassword":{"type":"SecureString"}},"mode":"Incremental","provisioningState":"Succeeded","timestamp":"2022-05-31T03:01:39.4691002Z","duration":"PT9M56.7089274S","correlationId":"1e47d864-c01e-40a8-8490-1dbecf257e5d","providers":[{"namespace":"Microsoft.Network","resourceTypes":[{"resourceType":"virtualNetworks","locations":["centraluseuap"]},{"resourceType":"networkSecurityGroups","locations":["centraluseuap"]},{"resourceType":"publicIPAddresses","locations":["centraluseuap"]},{"resourceType":"networkInterfaces","locations":["centraluseuap"]}]},{"namespace":"Microsoft.Compute","resourceTypes":[{"resourceType":"virtualMachines","locations":["centraluseuap"]}]}],"dependencies":[{"dependsOn":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/virtualNetworks/vm1000005VNET","resourceType":"Microsoft.Network/virtualNetworks","resourceName":"vm1000005VNET"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkSecurityGroups/vm1000005NSG","resourceType":"Microsoft.Network/networkSecurityGroups","resourceName":"vm1000005NSG"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP","resourceType":"Microsoft.Network/publicIPAddresses","resourceName":"vm1000005PublicIP"}],"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic","resourceType":"Microsoft.Network/networkInterfaces","resourceName":"vm1000005VMNic"},{"dependsOn":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic","resourceType":"Microsoft.Network/networkInterfaces","resourceName":"vm1000005VMNic"}],"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005","resourceType":"Microsoft.Compute/virtualMachines","resourceName":"vm1000005"}],"outputs":{},"outputResources":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkSecurityGroups/vm1000005NSG"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/virtualNetworks/vm1000005VNET"}]}}' + headers: + cache-control: + - no-cache + content-length: + - '3589' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:56 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005?$expand=instanceView&api-version=2022-03-01 + response: + body: + string: "{\r\n \"name\": \"vm1000005\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005\",\r\n + \ \"type\": \"Microsoft.Compute/virtualMachines\",\r\n \"location\": \"centraluseuap\",\r\n + \ \"tags\": {},\r\n \"properties\": {\r\n \"vmId\": \"59c2baec-1215-4270-883d-3fc0854105f7\",\r\n + \ \"hardwareProfile\": {\r\n \"vmSize\": \"Standard_DC2as_v5\"\r\n + \ },\r\n \"storageProfile\": {\r\n \"imageReference\": {\r\n \"publisher\": + \"MicrosoftWindowsServer\",\r\n \"offer\": \"WindowsServer\",\r\n \"sku\": + \"2022-datacenter-smalldisk-g2\",\r\n \"version\": \"latest\",\r\n + \ \"exactVersion\": \"20348.707.220505\"\r\n },\r\n \"osDisk\": + {\r\n \"osType\": \"Windows\",\r\n \"name\": \"vm1000005_OsDisk_1_c7d797bc7bfa41979bcbfe11e5506afe\",\r\n + \ \"createOption\": \"FromImage\",\r\n \"caching\": \"ReadWrite\",\r\n + \ \"managedDisk\": {\r\n \"securityProfile\": {\r\n \"securityEncryptionType\": + \"DiskWithVMGuestState\",\r\n \"diskEncryptionSet\": {\r\n \"id\": + \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\"\r\n + \ }\r\n },\r\n \"storageAccountType\": \"Premium_LRS\",\r\n + \ \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/disks/vm1000005_OsDisk_1_c7d797bc7bfa41979bcbfe11e5506afe\"\r\n + \ },\r\n \"deleteOption\": \"Detach\",\r\n \"diskSizeGB\": + 30\r\n },\r\n \"dataDisks\": []\r\n },\r\n \"osProfile\": + {\r\n \"computerName\": \"vm1000005\",\r\n \"adminUsername\": \"testuser\",\r\n + \ \"windowsConfiguration\": {\r\n \"provisionVMAgent\": true,\r\n + \ \"enableAutomaticUpdates\": true,\r\n \"patchSettings\": {\r\n + \ \"patchMode\": \"AutomaticByOS\",\r\n \"assessmentMode\": + \"ImageDefault\"\r\n },\r\n \"enableVMAgentPlatformUpdates\": + false\r\n },\r\n \"secrets\": [],\r\n \"allowExtensionOperations\": + true,\r\n \"requireGuestProvisionSignal\": true\r\n },\r\n \"securityProfile\": + {\r\n \"uefiSettings\": {\r\n \"secureBootEnabled\": true,\r\n + \ \"vTpmEnabled\": true\r\n },\r\n \"securityType\": \"ConfidentialVM\"\r\n + \ },\r\n \"networkProfile\": {\"networkInterfaces\":[{\"id\":\"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic\"}]},\r\n + \ \"provisioningState\": \"Succeeded\",\r\n \"instanceView\": {\r\n \"vmAgent\": + {\r\n \"vmAgentVersion\": \"Unknown\",\r\n \"statuses\": [\r\n + \ {\r\n \"code\": \"ProvisioningState/Unavailable\",\r\n + \ \"level\": \"Warning\",\r\n \"displayStatus\": \"Not + Ready\",\r\n \"message\": \"VM status blob is found but not yet + populated.\",\r\n \"time\": \"2022-05-31T03:01:58+00:00\"\r\n }\r\n + \ ]\r\n },\r\n \"disks\": [\r\n {\r\n \"name\": + \"vm1000005_OsDisk_1_c7d797bc7bfa41979bcbfe11e5506afe\",\r\n \"statuses\": + [\r\n {\r\n \"code\": \"ProvisioningState/succeeded\",\r\n + \ \"level\": \"Info\",\r\n \"displayStatus\": \"Provisioning + succeeded\",\r\n \"time\": \"2022-05-31T03:01:10.1918892+00:00\"\r\n + \ }\r\n ]\r\n }\r\n ],\r\n \"hyperVGeneration\": + \"V2\",\r\n \"statuses\": [\r\n {\r\n \"code\": \"ProvisioningState/succeeded\",\r\n + \ \"level\": \"Info\",\r\n \"displayStatus\": \"Provisioning + succeeded\",\r\n \"time\": \"2022-05-31T03:01:29.9419846+00:00\"\r\n + \ },\r\n {\r\n \"code\": \"PowerState/stopped\",\r\n + \ \"level\": \"Info\",\r\n \"displayStatus\": \"VM stopped\"\r\n + \ }\r\n ]\r\n },\r\n \"timeCreated\": \"2022-05-31T02:52:13.7824634+00:00\"\r\n + \ }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '3866' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:57 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/LowCostGet3Min;3996,Microsoft.Compute/LowCostGet30Min;31969 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json, text/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-network/20.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic?api-version=2018-01-01 + response: + body: + string: "{\r\n \"name\": \"vm1000005VMNic\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic\",\r\n + \ \"etag\": \"W/\\\"9108ca81-3ea8-4c25-8c31-381f602e4733\\\"\",\r\n \"location\": + \"centraluseuap\",\r\n \"tags\": {},\r\n \"properties\": {\r\n \"provisioningState\": + \"Succeeded\",\r\n \"resourceGuid\": \"4e6dd1d3-15d9-4dc5-a4c3-3d483f34dc33\",\r\n + \ \"ipConfigurations\": [\r\n {\r\n \"name\": \"ipconfigvm1000005\",\r\n + \ \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic/ipConfigurations/ipconfigvm1000005\",\r\n + \ \"etag\": \"W/\\\"9108ca81-3ea8-4c25-8c31-381f602e4733\\\"\",\r\n + \ \"type\": \"Microsoft.Network/networkInterfaces/ipConfigurations\",\r\n + \ \"properties\": {\r\n \"provisioningState\": \"Succeeded\",\r\n + \ \"privateIPAddress\": \"10.0.0.4\",\r\n \"privateIPAllocationMethod\": + \"Dynamic\",\r\n \"publicIPAddress\": {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP\"\r\n + \ },\r\n \"subnet\": {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/virtualNetworks/vm1000005VNET/subnets/vm1000005Subnet\"\r\n + \ },\r\n \"primary\": true,\r\n \"privateIPAddressVersion\": + \"IPv4\"\r\n }\r\n }\r\n ],\r\n \"dnsSettings\": {\r\n \"dnsServers\": + [],\r\n \"appliedDnsServers\": [],\r\n \"internalDomainNameSuffix\": + \"uzefxcfo21uu5fyjjbckdsucec.cdmx.internal.cloudapp.net\"\r\n },\r\n \"macAddress\": + \"60-45-BD-76-7E-C9\",\r\n \"enableIPForwarding\": false,\r\n \"networkSecurityGroup\": + {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkSecurityGroups/vm1000005NSG\"\r\n + \ },\r\n \"primary\": true,\r\n \"virtualMachine\": {\r\n \"id\": + \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005\"\r\n + \ }\r\n },\r\n \"type\": \"Microsoft.Network/networkInterfaces\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '2396' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:59 GMT + etag: + - W/"9108ca81-3ea8-4c25-8c31-381f602e4733" + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - 5472e652-7d7d-4c65-9ebd-9d036b6f1a44 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json, text/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm create + Connection: + - keep-alive + ParameterSetName: + - -n -g --size --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type --os-disk-secure-vm-disk-encryption-set + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-network/20.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP?api-version=2018-01-01 + response: + body: + string: "{\r\n \"name\": \"vm1000005PublicIP\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/publicIPAddresses/vm1000005PublicIP\",\r\n + \ \"etag\": \"W/\\\"d83def5d-a736-465b-826a-719e376f7fe7\\\"\",\r\n \"location\": + \"centraluseuap\",\r\n \"tags\": {},\r\n \"properties\": {\r\n \"provisioningState\": + \"Succeeded\",\r\n \"resourceGuid\": \"80ea5f41-0aea-4444-8552-6d6784c13e0f\",\r\n + \ \"ipAddress\": \"20.45.228.191\",\r\n \"publicIPAddressVersion\": \"IPv4\",\r\n + \ \"publicIPAllocationMethod\": \"Dynamic\",\r\n \"idleTimeoutInMinutes\": + 4,\r\n \"ipTags\": [],\r\n \"ipConfiguration\": {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic/ipConfigurations/ipconfigvm1000005\"\r\n + \ }\r\n },\r\n \"type\": \"Microsoft.Network/publicIPAddresses\",\r\n + \ \"sku\": {\r\n \"name\": \"Basic\"\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '962' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:59 GMT + etag: + - W/"d83def5d-a736-465b-826a-719e376f7fe7" + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-arm-service-request-id: + - cc566b3b-7f7c-4d42-ab96-a7fcfe5e2789 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vm show + Connection: + - keep-alive + ParameterSetName: + - -n -g + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005?api-version=2022-03-01 + response: + body: + string: "{\r\n \"name\": \"vm1000005\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/virtualMachines/vm1000005\",\r\n + \ \"type\": \"Microsoft.Compute/virtualMachines\",\r\n \"location\": \"centraluseuap\",\r\n + \ \"tags\": {},\r\n \"properties\": {\r\n \"vmId\": \"59c2baec-1215-4270-883d-3fc0854105f7\",\r\n + \ \"hardwareProfile\": {\r\n \"vmSize\": \"Standard_DC2as_v5\"\r\n + \ },\r\n \"storageProfile\": {\r\n \"imageReference\": {\r\n \"publisher\": + \"MicrosoftWindowsServer\",\r\n \"offer\": \"WindowsServer\",\r\n \"sku\": + \"2022-datacenter-smalldisk-g2\",\r\n \"version\": \"latest\",\r\n + \ \"exactVersion\": \"20348.707.220505\"\r\n },\r\n \"osDisk\": + {\r\n \"osType\": \"Windows\",\r\n \"name\": \"vm1000005_OsDisk_1_c7d797bc7bfa41979bcbfe11e5506afe\",\r\n + \ \"createOption\": \"FromImage\",\r\n \"caching\": \"ReadWrite\",\r\n + \ \"managedDisk\": {\r\n \"securityProfile\": {\r\n \"securityEncryptionType\": + \"DiskWithVMGuestState\",\r\n \"diskEncryptionSet\": {\r\n \"id\": + \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\"\r\n + \ }\r\n },\r\n \"storageAccountType\": \"Premium_LRS\",\r\n + \ \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Compute/disks/vm1000005_OsDisk_1_c7d797bc7bfa41979bcbfe11e5506afe\"\r\n + \ },\r\n \"deleteOption\": \"Detach\",\r\n \"diskSizeGB\": + 30\r\n },\r\n \"dataDisks\": []\r\n },\r\n \"osProfile\": + {\r\n \"computerName\": \"vm1000005\",\r\n \"adminUsername\": \"testuser\",\r\n + \ \"windowsConfiguration\": {\r\n \"provisionVMAgent\": true,\r\n + \ \"enableAutomaticUpdates\": true,\r\n \"patchSettings\": {\r\n + \ \"patchMode\": \"AutomaticByOS\",\r\n \"assessmentMode\": + \"ImageDefault\"\r\n },\r\n \"enableVMAgentPlatformUpdates\": + false\r\n },\r\n \"secrets\": [],\r\n \"allowExtensionOperations\": + true,\r\n \"requireGuestProvisionSignal\": true\r\n },\r\n \"securityProfile\": + {\r\n \"uefiSettings\": {\r\n \"secureBootEnabled\": true,\r\n + \ \"vTpmEnabled\": true\r\n },\r\n \"securityType\": \"ConfidentialVM\"\r\n + \ },\r\n \"networkProfile\": {\"networkInterfaces\":[{\"id\":\"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption000001/providers/Microsoft.Network/networkInterfaces/vm1000005VMNic\"}]},\r\n + \ \"provisioningState\": \"Succeeded\",\r\n \"timeCreated\": \"2022-05-31T02:52:13.7824634+00:00\"\r\n + \ }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '2654' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:01:59 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/LowCostGet3Min;3995,Microsoft.Compute/LowCostGet30Min;31968 + status: + code: 200 + message: OK +version: 1 diff --git a/src/azure-cli/azure/cli/command_modules/vm/tests/latest/recordings/test_os_disk_security_encryption_vmss.yaml b/src/azure-cli/azure/cli/command_modules/vm/tests/latest/recordings/test_os_disk_security_encryption_vmss.yaml new file mode 100644 index 00000000000..e81fbbc2300 --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/vm/tests/latest/recordings/test_os_disk_security_encryption_vmss.yaml @@ -0,0 +1,1309 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001","name":"cli_test_os_disk_security_encryption_vmss000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","date":"2022-05-31T03:37:09Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '379' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:37:12 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"error":{"code":"ResourceNotFound","message":"The Resource ''Microsoft.KeyVault/vaults/vault000002'' + under resource group ''cli_test_os_disk_security_encryption_vmss000001'' was + not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"}}' + headers: + cache-control: + - no-cache + content-length: + - '256' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:37:14 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-failure-cause: + - gateway + status: + code: 404 + message: Not Found +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) AZURECLI/2.37.0 + method: GET + uri: https://graph.microsoft.com/v1.0/me + response: + body: + string: '{"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#users/$entity","businessPhones":[],"displayName":"Jingsong + Zhang (WICRESOFT NORTH AMERICA LTD)","givenName":null,"jobTitle":null,"mail":"v-jingszhang@microsoft.com","mobilePhone":null,"officeLocation":null,"preferredLanguage":null,"surname":null,"userPrincipalName":"v-jingszhang_microsoft.com#EXT#@AzureSDKTeam.onmicrosoft.com","id":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2"}' + headers: + cache-control: + - no-cache + content-length: + - '435' + content-type: + - application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8 + date: + - Tue, 31 May 2022 03:37:17 GMT + odata-version: + - '4.0' + request-id: + - 7aac055f-3b6a-40ab-908f-699fe50a883d + strict-transport-security: + - max-age=31536000 + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-ms-ags-diagnostic: + - '{"ServerInfo":{"DataCenter":"Southeast Asia","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"SI2PEPF000023FC"}}' + x-ms-resource-unit: + - '1' + status: + code: 200 + message: OK +- request: + body: '{"location": "centraluseuap", "properties": {"tenantId": "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", + "sku": {"family": "A", "name": "standard"}, "accessPolicies": [{"tenantId": + "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", "objectId": "d44a2991-98c6-47c3-b59b-2b30d72cfcc2", + "permissions": {"keys": ["all"], "secrets": ["all"], "certificates": ["all"], + "storage": ["all"]}}], "enableSoftDelete": true, "softDeleteRetentionInDays": + 90, "enablePurgeProtection": true, "networkAcls": {"bypass": "AzureServices", + "defaultAction": "Allow"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + Content-Length: + - '526' + Content-Type: + - application/json + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T03:37:25.064Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T03:37:25.064Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net","provisioningState":"RegisteringDns","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1046' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:37:28 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault create + Connection: + - keep-alive + ParameterSetName: + - -g -n --enable-purge-protection --enable-soft-delete + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T03:37:25.064Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T03:37:25.064Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net/","provisioningState":"Succeeded","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1042' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:37:58 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + Connection: + - keep-alive + Content-Length: + - '0' + Content-Type: + - application/json + User-Agent: + - azsdk-python-keyvault-keys/4.5.1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: POST + uri: https://vault000002.vault.azure.net/keys/key000003/create?api-version=7.3 + response: + body: + string: '{"error":{"code":"Unauthorized","message":"AKV10000: Request is missing + a Bearer or PoP token."}}' + headers: + cache-control: + - no-cache + content-length: + - '97' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:00 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000;includeSubDomains + www-authenticate: + - Bearer authorization="https://login.microsoftonline.com/54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", + resource="https://vault.azure.net" + x-content-type-options: + - nosniff + x-ms-keyvault-network-info: + - conn_type=Ipv4;addr=167.220.255.20;act_addr_fam=InterNetwork; + x-ms-keyvault-region: + - centraluseuap + x-ms-keyvault-service-version: + - 1.9.422.1 + x-powered-by: + - ASP.NET + status: + code: 401 + message: Unauthorized +- request: + body: '{"kty": "RSA", "attributes": {"enabled": true}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + Connection: + - keep-alive + Content-Length: + - '47' + Content-Type: + - application/json + User-Agent: + - azsdk-python-keyvault-keys/4.5.1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: POST + uri: https://vault000002.vault.azure.net/keys/key000003/create?api-version=7.3 + response: + body: + string: '{"key":{"kid":"https://vault000002.vault.azure.net/keys/key000003/b2e54a8863cc41d7b00c9a23bcc3b71a","kty":"RSA","key_ops":["encrypt","decrypt","sign","verify","wrapKey","unwrapKey"],"n":"4qmWsb1Lf26VHJBGfOawiuTRFafdTei-ESkbX4XijwTjKnF8iBEc_QXpJkuFXs6-lLQL4tAo8f177Sya8y6JZPpmnO6ubf3LiWqkQLTcPAdMPYJ_87tY7GxFU88IX7H5dyuZgHLZXNbK82BgmQWhBD1Ku2mpQ2ijncil_HbbF95WatZ0xjyZjfSrhrenlxe21kV6hJ7thaNM1YmWCnk0i5kiSo85teD9W6EBGjB4sOXcYuZvEhAJtqx7UFsmpnvuNtjLdgSMv0j94J47h6tKtfAZ755HTuLt81Eqg1HxWBLmQrOqGHW0mYozwBuWasfUl9WUquMAmu_qcjlZlZwhEQ","e":"AQAB"},"attributes":{"enabled":true,"created":1653968282,"updated":1653968282,"recoveryLevel":"Recoverable","recoverableDays":90}}' + headers: + cache-control: + - no-cache + content-length: + - '666' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:02 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000;includeSubDomains + x-content-type-options: + - nosniff + x-ms-keyvault-network-info: + - conn_type=Ipv4;addr=167.220.255.20;act_addr_fam=InterNetwork; + x-ms-keyvault-region: + - centraluseuap + x-ms-keyvault-service-version: + - 1.9.422.1 + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001","name":"cli_test_os_disk_security_encryption_vmss000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","date":"2022-05-31T03:37:09Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '379' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:03 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "centraluseuap", "identity": {"type": "SystemAssigned"}, "properties": + {"encryptionType": "ConfidentialVmEncryptedWithCustomerKey", "activeKey": {"sourceVault": + {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002"}, + "keyUrl": "https://vault000002.vault.azure.net/keys/key000003/b2e54a8863cc41d7b00c9a23bcc3b71a"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + Content-Length: + - '446' + Content-Type: + - application/json + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004?api-version=2022-03-02 + response: + body: + string: "{\r\n \"location\": \"centraluseuap\",\r\n \"identity\": {\r\n \"type\": + \"SystemAssigned\"\r\n },\r\n \"properties\": {\r\n \"activeKey\": {\r\n + \ \"sourceVault\": {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002\"\r\n + \ },\r\n \"keyUrl\": \"https://vault000002.vault.azure.net/keys/key000003/b2e54a8863cc41d7b00c9a23bcc3b71a\"\r\n + \ },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n + \ \"provisioningState\": \"Updating\"\r\n }\r\n}" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/DiskOperations/c3ba53b7-5f92-47b0-9303-2444f2e7b64d?p=157f1a74-df5f-47b0-a815-476d8af3dce4&api-version=2021-04-01 + cache-control: + - no-cache + content-length: + - '560' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:09 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/DiskOperations/c3ba53b7-5f92-47b0-9303-2444f2e7b64d?p=157f1a74-df5f-47b0-a815-476d8af3dce4&monitor=true&api-version=2021-04-01 + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/HighCostDiskEncryptionSet3Min;99,Microsoft.Compute/HighCostDiskEncryptionSet30Min;297 + x-ms-ratelimit-remaining-subscription-writes: + - '1198' + status: + code: 202 + message: Accepted +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/DiskOperations/c3ba53b7-5f92-47b0-9303-2444f2e7b64d?p=157f1a74-df5f-47b0-a815-476d8af3dce4&api-version=2021-04-01 + response: + body: + string: "{\r\n \"startTime\": \"2022-05-31T03:38:09.7295866+00:00\",\r\n \"endTime\": + \"2022-05-31T03:38:09.7920801+00:00\",\r\n \"status\": \"Succeeded\",\r\n + \ \"properties\": {\r\n \"output\": {\"name\":\"des1000004\",\"id\":\"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\",\"type\":\"Microsoft.Compute/diskEncryptionSets\",\"location\":\"centraluseuap\",\"identity\":{\"type\":\"SystemAssigned\",\"principalId\":\"aad0a3b2-6971-4426-a8fb-6752582785da\",\"tenantId\":\"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a\"},\"properties\":{\"activeKey\":{\"sourceVault\":{\"id\":\"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002\"},\"keyUrl\":\"https://vault000002.vault.azure.net/keys/key000003/b2e54a8863cc41d7b00c9a23bcc3b71a\"},\"encryptionType\":\"ConfidentialVmEncryptedWithCustomerKey\",\"provisioningState\":\"Succeeded\"}}\r\n + \ },\r\n \"name\": \"c3ba53b7-5f92-47b0-9303-2444f2e7b64d\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '1039' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:41 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/GetOperation3Min;49998,Microsoft.Compute/GetOperation30Min;399995 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set create + Connection: + - keep-alive + ParameterSetName: + - -g -n --key-url --source-vault --encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004?api-version=2022-03-02 + response: + body: + string: "{\r\n \"name\": \"des1000004\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\",\r\n + \ \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"centraluseuap\",\r\n + \ \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": + \"aad0a3b2-6971-4426-a8fb-6752582785da\",\r\n \"tenantId\": \"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a\"\r\n + \ },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": + {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002\"\r\n + \ },\r\n \"keyUrl\": \"https://vault000002.vault.azure.net/keys/key000003/b2e54a8863cc41d7b00c9a23bcc3b71a\"\r\n + \ },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n + \ \"provisioningState\": \"Succeeded\"\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '939' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:41 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/LowCostGet3Min;14990,Microsoft.Compute/LowCostGet30Min;119928 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - disk-encryption-set show + Connection: + - keep-alive + ParameterSetName: + - -g -n + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004?api-version=2022-03-02 + response: + body: + string: "{\r\n \"name\": \"des1000004\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/diskEncryptionSets/des1000004\",\r\n + \ \"type\": \"Microsoft.Compute/diskEncryptionSets\",\r\n \"location\": \"centraluseuap\",\r\n + \ \"identity\": {\r\n \"type\": \"SystemAssigned\",\r\n \"principalId\": + \"aad0a3b2-6971-4426-a8fb-6752582785da\",\r\n \"tenantId\": \"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a\"\r\n + \ },\r\n \"properties\": {\r\n \"activeKey\": {\r\n \"sourceVault\": + {\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002\"\r\n + \ },\r\n \"keyUrl\": \"https://vault000002.vault.azure.net/keys/key000003/b2e54a8863cc41d7b00c9a23bcc3b71a\"\r\n + \ },\r\n \"encryptionType\": \"ConfidentialVmEncryptedWithCustomerKey\",\r\n + \ \"provisioningState\": \"Succeeded\"\r\n }\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '939' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:42 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/LowCostGet3Min;14989,Microsoft.Compute/LowCostGet30Min;119927 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault set-policy + Connection: + - keep-alive + ParameterSetName: + - -n --object-id --key-permissions + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resources?$filter=resourceType%20eq%20%27Microsoft.KeyVault%2Fvaults%27&api-version=2015-11-01 + response: + body: + string: '{"value":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/bez-rg/providers/Microsoft.KeyVault/vaults/bez-kv","name":"bez-kv","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{"key":"value"}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rgekqy3wfedqj4dnzziqlanw3ibaisofsz6xlh5bsdcnxyjexa3urmhyincvvzcb7bu/providers/Microsoft.KeyVault/vaults/sfrp-cli-kv-yfivvc4dy56i","name":"sfrp-cli-kv-yfivvc4dy56i","type":"Microsoft.KeyVault/vaults","location":"eastasia","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rghbul6h5kf5snf4tyu4ij2d6xiyi6o43qjpe73fna5wzn234gq3l3q5zs52r2borgk/providers/Microsoft.KeyVault/vaults/sfrp-cli-kv-e4zb3mviyonr","name":"sfrp-cli-kv-e4zb3mviyonr","type":"Microsoft.KeyVault/vaults","location":"eastasia","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/python-sdk-test/providers/Microsoft.KeyVault/vaults/python-devops-key","name":"python-devops-key","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/python-sdk-test/providers/Microsoft.KeyVault/vaults/SDKAutoPipelineSecrets","name":"SDKAutoPipelineSecrets","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/yishitest/providers/Microsoft.KeyVault/vaults/ystestkv","name":"ystestkv","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{}},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/zb_test/providers/Microsoft.KeyVault/vaults/zblab7701","name":"zblab7701","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{"hidden-DevTestLabs-LabUId":"301109ba-f89e-4ba1-8c0c-be6e91e47840","CreatedBy":"DevTestLabs"}}]}' + headers: + cache-control: + - no-cache + content-length: + - '2130' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:43 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault set-policy + Connection: + - keep-alive + ParameterSetName: + - -n --object-id --key-permissions + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T03:37:25.064Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T03:37:25.064Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net/","provisioningState":"Succeeded","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1042' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:44 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: '{"location": "centraluseuap", "tags": {}, "properties": {"tenantId": "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", + "sku": {"family": "A", "name": "standard"}, "accessPolicies": [{"tenantId": + "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", "objectId": "d44a2991-98c6-47c3-b59b-2b30d72cfcc2", + "permissions": {"keys": ["all"], "secrets": ["all"], "certificates": ["all"], + "storage": ["all"]}}, {"tenantId": "54826b22-38d6-4fb2-bad9-b7b93a3e9c5a", "objectId": + "aad0a3b2-6971-4426-a8fb-6752582785da", "permissions": {"keys": ["unwrapKey", + "get", "wrapKey"]}}], "vaultUri": "https://vault000002.vault.azure.net/", "enabledForDeployment": + false, "enableSoftDelete": true, "softDeleteRetentionInDays": 90, "enablePurgeProtection": + true, "provisioningState": "Succeeded", "publicNetworkAccess": "Enabled"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - keyvault set-policy + Connection: + - keep-alive + Content-Length: + - '783' + Content-Type: + - application/json + ParameterSetName: + - -n --object-id --key-permissions + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-keyvault/9.3.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002?api-version=2021-06-01-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002","name":"vault000002","type":"Microsoft.KeyVault/vaults","location":"centraluseuap","tags":{},"systemData":{"createdBy":"v-jingszhang@microsoft.com","createdByType":"User","createdAt":"2022-05-31T03:37:25.064Z","lastModifiedBy":"v-jingszhang@microsoft.com","lastModifiedByType":"User","lastModifiedAt":"2022-05-31T03:38:45.835Z"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","accessPolicies":[{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","permissions":{"keys":["all"],"secrets":["all"],"certificates":["all"],"storage":["all"]}},{"tenantId":"54826b22-38d6-4fb2-bad9-b7b93a3e9c5a","objectId":"aad0a3b2-6971-4426-a8fb-6752582785da","permissions":{"keys":["unwrapKey","get","wrapKey"]}}],"enabledForDeployment":false,"enableSoftDelete":true,"softDeleteRetentionInDays":90,"enablePurgeProtection":true,"vaultUri":"https://vault000002.vault.azure.net/","provisioningState":"Succeeded","publicNetworkAccess":"Enabled"}}' + headers: + cache-control: + - no-cache + content-length: + - '1197' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:38:45 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-IIS/10.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-aspnet-version: + - 4.0.30319 + x-content-type-options: + - nosniff + x-ms-keyvault-service-version: + - 1.5.396.0 + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + x-powered-by: + - ASP.NET + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - role assignment create + Connection: + - keep-alive + ParameterSetName: + - --assignee --role --scope + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) AZURECLI/2.37.0 + method: GET + uri: https://graph.microsoft.com/v1.0/servicePrincipals?$filter=servicePrincipalNames/any(c:c%20eq%20'aad0a3b2-6971-4426-a8fb-6752582785da') + response: + body: + string: '{"error":{"code":"Authorization_RequestDenied","message":"Insufficient + privileges to complete the operation.","innerError":{"date":"2022-05-31T03:39:02","request-id":"aa051a92-1768-4cbd-b0a6-5481cfb540b3","client-request-id":"aa051a92-1768-4cbd-b0a6-5481cfb540b3"}}}' + headers: + cache-control: + - no-cache + content-length: + - '266' + content-type: + - application/json + date: + - Tue, 31 May 2022 03:39:02 GMT + request-id: + - aa051a92-1768-4cbd-b0a6-5481cfb540b3 + strict-transport-security: + - max-age=31536000 + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-ms-ags-diagnostic: + - '{"ServerInfo":{"DataCenter":"Southeast Asia","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"SI2PEPF000023FC"}}' + x-ms-resource-unit: + - '1' + status: + code: 403 + message: Forbidden +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - role assignment create + Connection: + - keep-alive + ParameterSetName: + - --assignee --role --scope + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) msrest/0.6.21 msrest_azure/0.6.4 + azure-mgmt-authorization/0.61.0 Azure-SDK-For-Python AZURECLI/2.37.0 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002/providers/Microsoft.Authorization/roleDefinitions?$filter=roleName%20eq%20%27Reader%27&api-version=2018-01-01-preview + response: + body: + string: '{"value":[{"properties":{"roleName":"Reader","type":"BuiltInRole","description":"View + all resources, but does not allow you to make any changes.","assignableScopes":["/"],"permissions":[{"actions":["*/read"],"notActions":[],"dataActions":[],"notDataActions":[]}],"createdOn":"2015-02-02T21:55:09.8806423Z","updatedOn":"2021-11-11T20:13:47.8628684Z","createdBy":null,"updatedBy":null},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7","type":"Microsoft.Authorization/roleDefinitions","name":"acdd72a7-3385-48ef-bd42-f606fba81ae7"}]}' + headers: + cache-control: + - no-cache + content-length: + - '627' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:03 GMT + expires: + - '-1' + pragma: + - no-cache + set-cookie: + - x-ms-gateway-slice=Production; path=/; secure; samesite=none; httponly + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"properties": {"roleDefinitionId": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7", + "principalId": "aad0a3b2-6971-4426-a8fb-6752582785da"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - role assignment create + Connection: + - keep-alive + Content-Length: + - '233' + Content-Type: + - application/json; charset=utf-8 + Cookie: + - x-ms-gateway-slice=Production + ParameterSetName: + - --assignee --role --scope + User-Agent: + - python/3.8.10 (Windows-10-10.0.22000-SP0) msrest/0.6.21 msrest_azure/0.6.4 + azure-mgmt-authorization/0.61.0 Azure-SDK-For-Python AZURECLI/2.37.0 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002/providers/Microsoft.Authorization/roleAssignments/88888888-0000-0000-0000-000000000001?api-version=2020-04-01-preview + response: + body: + string: '{"properties":{"roleDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7","principalId":"aad0a3b2-6971-4426-a8fb-6752582785da","principalType":"ServicePrincipal","scope":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002","condition":null,"conditionVersion":null,"createdOn":"2022-05-31T03:39:03.5851900Z","updatedOn":"2022-05-31T03:39:04.0696177Z","createdBy":null,"updatedBy":"d44a2991-98c6-47c3-b59b-2b30d72cfcc2","delegatedManagedIdentityResourceId":null,"description":null},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.KeyVault/vaults/vault000002/providers/Microsoft.Authorization/roleAssignments/88888888-0000-0000-0000-000000000001","type":"Microsoft.Authorization/roleAssignments","name":"88888888-0000-0000-0000-000000000001"}' + headers: + cache-control: + - no-cache + content-length: + - '1045' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:09 GMT + expires: + - '-1' + pragma: + - no-cache + set-cookie: + - x-ms-gateway-slice=Production; path=/; secure; samesite=none; httponly + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001","name":"cli_test_os_disk_security_encryption_vmss000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","date":"2022-05-31T03:37:09Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '379' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:09 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/publishers/MicrosoftWindowsServer/artifacttypes/vmimage/offers/WindowsServer/skus/2022-datacenter-smalldisk-g2/versions?$top=1&$orderby=name%20desc&api-version=2022-03-01 + response: + body: + string: "[\r\n {\r\n \"location\": \"CentralUSEUAP\",\r\n \"name\": \"20348.707.220505\",\r\n + \ \"id\": \"/Subscriptions/00000000-0000-0000-0000-000000000000/Providers/Microsoft.Compute/Locations/CentralUSEUAP/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2022-datacenter-smalldisk-g2/Versions/20348.707.220505\"\r\n + \ }\r\n]" + headers: + cache-control: + - no-cache + content-length: + - '335' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:11 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/ListVMImagesVersionsFromLocation3Min;15999,Microsoft.Compute/ListVMImagesVersionsFromLocation30Min;43996 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-compute/27.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Compute/locations/centraluseuap/publishers/MicrosoftWindowsServer/artifacttypes/vmimage/offers/WindowsServer/skus/2022-datacenter-smalldisk-g2/versions/20348.707.220505?api-version=2022-03-01 + response: + body: + string: "{\r\n \"properties\": {\r\n \"hyperVGeneration\": \"V2\",\r\n \"architecture\": + \"x64\",\r\n \"replicaType\": \"Managed\",\r\n \"replicaCount\": 10,\r\n + \ \"disallowed\": {\r\n \"vmDiskType\": \"Unmanaged\"\r\n },\r\n + \ \"automaticOSUpgradeProperties\": {\r\n \"automaticOSUpgradeSupported\": + false\r\n },\r\n \"imageDeprecationStatus\": {\r\n \"imageState\": + \"Active\"\r\n },\r\n \"features\": [\r\n {\r\n \"name\": + \"SecurityType\",\r\n \"value\": \"TrustedLaunchAndConfidentialVmSupported\"\r\n + \ },\r\n {\r\n \"name\": \"IsAcceleratedNetworkSupported\",\r\n + \ \"value\": \"True\"\r\n },\r\n {\r\n \"name\": \"DiskControllerTypes\",\r\n + \ \"value\": \"SCSI\"\r\n },\r\n {\r\n \"name\": \"IsHibernateSupported\",\r\n + \ \"value\": \"False\"\r\n }\r\n ],\r\n \"osDiskImage\": + {\r\n \"operatingSystem\": \"Windows\",\r\n \"sizeInGb\": 30\r\n + \ },\r\n \"dataDiskImages\": []\r\n },\r\n \"location\": \"CentralUSEUAP\",\r\n + \ \"name\": \"20348.707.220505\",\r\n \"id\": \"/Subscriptions/00000000-0000-0000-0000-000000000000/Providers/Microsoft.Compute/Locations/CentralUSEUAP/Publishers/MicrosoftWindowsServer/ArtifactTypes/VMImage/Offers/WindowsServer/Skus/2022-datacenter-smalldisk-g2/Versions/20348.707.220505\"\r\n}" + headers: + cache-control: + - no-cache + content-length: + - '1200' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:14 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-HTTPAPI/2.0 + - Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-resource: + - Microsoft.Compute/GetVMImageFromLocation3Min;12999,Microsoft.Compute/GetVMImageFromLocation30Min;73998 + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json, text/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-network/20.0.0 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/virtualNetworks?api-version=2018-01-01 + response: + body: + string: '{"value":[]}' + headers: + cache-control: + - no-cache + content-length: + - '12' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:14 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"properties": {"template": {"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", "parameters": {"adminPassword": {"type": "securestring", + "metadata": {"description": "Secure adminPassword"}}}, "variables": {}, "resources": + [{"name": "vmss000005VNET", "type": "Microsoft.Network/virtualNetworks", "location": + "centraluseuap", "apiVersion": "2015-06-15", "dependsOn": [], "tags": {}, "properties": + {"addressSpace": {"addressPrefixes": ["10.0.0.0/16"]}, "subnets": [{"name": + "vmss000005Subnet", "properties": {"addressPrefix": "10.0.0.0/24"}}]}}, {"apiVersion": + "2018-01-01", "type": "Microsoft.Network/publicIPAddresses", "name": "vmss000005LBPublicIP", + "location": "centraluseuap", "tags": {}, "dependsOn": [], "properties": {"publicIPAllocationMethod": + "Dynamic"}}, {"type": "Microsoft.Network/loadBalancers", "name": "vmss000005LB", + "location": "centraluseuap", "tags": {}, "apiVersion": "2018-01-01", "dependsOn": + ["Microsoft.Network/virtualNetworks/vmss000005VNET", "Microsoft.Network/publicIpAddresses/vmss000005LBPublicIP"], + "properties": {"backendAddressPools": [{"name": "vmss000005LBBEPool"}], "frontendIPConfigurations": + [{"name": "loadBalancerFrontEnd", "properties": {"publicIPAddress": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/publicIPAddresses/vmss000005LBPublicIP"}}}], + "inboundNatPools": [{"name": "vmss000005LBNatPool", "properties": {"frontendIPConfiguration": + {"id": "[concat(resourceId(''Microsoft.Network/loadBalancers'', ''vmss000005LB''), + ''/frontendIPConfigurations/'', ''loadBalancerFrontEnd'')]"}, "protocol": "tcp", + "frontendPortRangeStart": "50000", "frontendPortRangeEnd": "50119", "backendPort": + 3389}}]}}, {"type": "Microsoft.Compute/virtualMachineScaleSets", "name": "vmss000005", + "location": "centraluseuap", "tags": {}, "apiVersion": "2021-11-01", "dependsOn": + ["Microsoft.Network/virtualNetworks/vmss000005VNET", "Microsoft.Network/loadBalancers/vmss000005LB"], + "properties": {"overprovision": true, "upgradePolicy": {"mode": "manual", "rollingUpgradePolicy": + {}}, "singlePlacementGroup": null, "virtualMachineProfile": {"storageProfile": + {"osDisk": {"createOption": "FromImage", "caching": "ReadWrite", "managedDisk": + {"storageAccountType": null, "securityProfile": {"securityEncryptionType": "DiskWithVMGuestState", + "diskEncryptionSet": {"id": null}}}}, "imageReference": {"publisher": "MicrosoftWindowsServer", + "offer": "WindowsServer", "sku": "2022-datacenter-smalldisk-g2", "version": + "latest"}}, "osProfile": {"computerNamePrefix": "vmss21216", "adminUsername": + "testuser", "adminPassword": "[parameters(''adminPassword'')]"}, "securityProfile": + {"securityType": "ConfidentialVM", "uefiSettings": {"secureBootEnabled": true, + "vTpmEnabled": true}}, "networkProfile": {"networkInterfaceConfigurations": + [{"name": "vmss21216Nic", "properties": {"ipConfigurations": [{"name": "vmss21216IPConfig", + "properties": {"subnet": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/virtualNetworks/vmss000005VNET/subnets/vmss000005Subnet"}, + "loadBalancerBackendAddressPools": [{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/loadBalancers/vmss000005LB/backendAddressPools/vmss000005LBBEPool"}], + "loadBalancerInboundNatPools": [{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/loadBalancers/vmss000005LB/inboundNatPools/vmss000005LBNatPool"}]}}], + "primary": "true"}}]}}, "orchestrationMode": "Uniform"}, "sku": {"name": "Standard_DC2as_v5", + "capacity": 2}}], "outputs": {"VMSS": {"type": "object", "value": "[reference(resourceId(''Microsoft.Compute/virtualMachineScaleSets'', + ''vmss000005''),providers(''Microsoft.Compute'', ''virtualMachineScaleSets'').apiVersions[0])]"}}}, + "parameters": {"adminPassword": {"value": "testPassword0"}}, "mode": "incremental"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + Content-Length: + - '4155' + Content-Type: + - application/json + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Resources/deployments/mock-deployment?api-version=2021-04-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Resources/deployments/vmss_deploy_FE0KNoeeLtgP1l4TH1ugEfojY7uX6bBy","name":"vmss_deploy_FE0KNoeeLtgP1l4TH1ugEfojY7uX6bBy","type":"Microsoft.Resources/deployments","properties":{"templateHash":"10490482595719570506","parameters":{"adminPassword":{"type":"SecureString"}},"mode":"Incremental","provisioningState":"Accepted","timestamp":"2022-05-31T03:39:33.5602749Z","duration":"PT0.0001477S","correlationId":"b606c372-ac0b-44cf-bf48-2ac87f201fe4","providers":[{"namespace":"Microsoft.Network","resourceTypes":[{"resourceType":"virtualNetworks","locations":["centraluseuap"]},{"resourceType":"publicIPAddresses","locations":["centraluseuap"]},{"resourceType":"loadBalancers","locations":["centraluseuap"]}]},{"namespace":"Microsoft.Compute","resourceTypes":[{"resourceType":"virtualMachineScaleSets","locations":["centraluseuap"]}]}],"dependencies":[{"dependsOn":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/virtualNetworks/vmss000005VNET","resourceType":"Microsoft.Network/virtualNetworks","resourceName":"vmss000005VNET"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/publicIPAddresses/vmss000005LBPublicIP","resourceType":"Microsoft.Network/publicIPAddresses","resourceName":"vmss000005LBPublicIP"}],"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/loadBalancers/vmss000005LB","resourceType":"Microsoft.Network/loadBalancers","resourceName":"vmss000005LB"},{"dependsOn":[{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/virtualNetworks/vmss000005VNET","resourceType":"Microsoft.Network/virtualNetworks","resourceName":"vmss000005VNET"},{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Network/loadBalancers/vmss000005LB","resourceType":"Microsoft.Network/loadBalancers","resourceName":"vmss000005LB"}],"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Compute/virtualMachineScaleSets/vmss000005","resourceType":"Microsoft.Compute/virtualMachineScaleSets","resourceName":"vmss000005"}]}}' + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Resources/deployments/vmss_deploy_FE0KNoeeLtgP1l4TH1ugEfojY7uX6bBy/operationStatuses/08585476385151176122?api-version=2021-04-01 + cache-control: + - no-cache + content-length: + - '2624' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:39:36 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476385151176122?api-version=2021-04-01 + response: + body: + string: '{"status":"Running"}' + headers: + cache-control: + - no-cache + content-length: + - '20' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:40:07 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - vmss create + Connection: + - keep-alive + ParameterSetName: + - -n -g --vm-sku --security-type --image --admin-username --admin-password --enable-vtpm + --enable-secure-boot --os-disk-security-encryption-type + User-Agent: + - AZURECLI/2.37.0 azsdk-python-azure-mgmt-resource/21.1.0b1 Python/3.8.10 (Windows-10-10.0.22000-SP0) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_os_disk_security_encryption_vmss000001/providers/Microsoft.Resources/deployments/mock-deployment/operationStatuses/08585476385151176122?api-version=2021-04-01 + response: + body: + string: '{"status":"Failed","error":{"code":"DeploymentFailed","message":"At + least one resource deployment operation failed. Please list deployment operations + for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": + {\r\n \"code\": \"BadRequest\",\r\n \"message\": \"Virtual Machines + Scale Sets do not allow setting managedDisk.securityProfile.diskEncryptionSet.\"\r\n }\r\n}"}]}}' + headers: + cache-control: + - no-cache + content-length: + - '458' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 31 May 2022 03:40:38 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +version: 1 diff --git a/src/azure-cli/azure/cli/command_modules/vm/tests/latest/test_vm_commands.py b/src/azure-cli/azure/cli/command_modules/vm/tests/latest/test_vm_commands.py index 4c5c5e527c8..f8bd97788cf 100644 --- a/src/azure-cli/azure/cli/command_modules/vm/tests/latest/test_vm_commands.py +++ b/src/azure-cli/azure/cli/command_modules/vm/tests/latest/test_vm_commands.py @@ -6993,6 +6993,107 @@ def test_confidential_disk_encryption_set(self, resource_group): ]) + @ResourceGroupPreparer(name_prefix='cli_test_os_disk_security_encryption', location='CentralUSEUAP') + def test_os_disk_security_encryption(self, resource_group): + self.kwargs.update({ + 'vault': self.create_random_name(prefix='vault', length=15), + 'key': self.create_random_name(prefix='key', length=15), + 'des1': self.create_random_name(prefix='des1', length=15), + 'vm1': self.create_random_name(prefix='vm1', length=15), + 'vmss1': self.create_random_name(prefix='vmss', length=15) + }) + + vault_id = self.cmd('keyvault create -g {rg} -n {vault} --enable-purge-protection true --enable-soft-delete true').get_output_in_json()['id'] + kid = self.cmd('keyvault key create -n {key} --vault {vault} --protection software').get_output_in_json()['key']['kid'] + self.kwargs.update({ + 'vault_id': vault_id, + 'kid': kid + }) + + self.cmd('disk-encryption-set create -g {rg} -n {des1} --key-url {kid} --source-vault {vault} --encryption-type confidentialvmencryptedwithcustomerkey') + des1_show_output = self.cmd('disk-encryption-set show -g {rg} -n {des1}').get_output_in_json() + des1_sp_id = des1_show_output['identity']['principalId'] + des1_id = des1_show_output['id'] + self.kwargs.update({ + 'des1_sp_id': des1_sp_id, + 'des1_id': des1_id + }) + + self.cmd('keyvault set-policy -n {vault} --object-id {des1_sp_id} --key-permissions wrapKey unwrapKey get') + + time.sleep(15) + + with mock.patch('azure.cli.command_modules.role.custom._gen_guid', side_effect=self.create_guid): + self.cmd('role assignment create --assignee {des1_sp_id} --role Reader --scope {vault_id}') + + self.cmd('vm create -n {vm1} -g {rg} --size Standard_DC2as_v5 --security-type confidentialvm --image MicrosoftWindowsServer:WindowsServer:2022-datacenter-smalldisk-g2:latest --admin-username testuser --admin-password testPassword0 --enable-vtpm true --enable-secure-boot true --os-disk-security-encryption-type diskwithvmgueststate --os-disk-secure-vm-disk-encryption-set {des1}') + self.cmd('vm show -n {vm1} -g {rg}', checks=[ + self.check('storageProfile.osDisk.managedDisk.securityProfile.securityEncryptionType', 'DiskWithVMGuestState'), + self.check('storageProfile.osDisk.managedDisk.securityProfile.diskEncryptionSet.id', '{des1_id}') + ]) + + @unittest.skip('"Virtual Machines Scale Sets do not allow setting managedDisk.securityProfile.diskEncryptionSet.') + @ResourceGroupPreparer(name_prefix='cli_test_os_disk_security_encryption_vmss', location='CentralUSEUAP') + def test_os_disk_security_encryption_vmss(self, resource_group): + self.kwargs.update({ + 'vault': self.create_random_name(prefix='vault', length=15), + 'key': self.create_random_name(prefix='key', length=15), + 'des1': self.create_random_name(prefix='des1', length=15), + 'vm': self.create_random_name(prefix='vm', length=15), + 'vmss1': self.create_random_name(prefix='vmss', length=15), + 'gallery': self.create_random_name(prefix='gallery', length=15), + 'image': self.create_random_name(prefix='image', length=15), + 'captured': self.create_random_name(prefix='capture', length=15), + 'version': '1.1.1', + 'subId': '0b1f6471-1bf0-4dda-aec3-cb9272f09590', + 'tenantId': '2f4a9838-26b7-47ee-be60-ccc1fdec5953', + }) + + vault_id = self.cmd('keyvault create -g {rg} -n {vault} --enable-purge-protection true --enable-soft-delete true').get_output_in_json()['id'] + kid = self.cmd('keyvault key create -n {key} --vault {vault} --protection software').get_output_in_json()['key']['kid'] + self.kwargs.update({ + 'vault_id': vault_id, + 'kid': kid + }) + + self.cmd('disk-encryption-set create -g {rg} -n {des1} --key-url {kid} --source-vault {vault} --encryption-type ConfidentialVmEncryptedWithCustomerKey') + des1_show_output = self.cmd('disk-encryption-set show -g {rg} -n {des1}').get_output_in_json() + des1_sp_id = des1_show_output['identity']['principalId'] + des1_id = des1_show_output['id'] + self.kwargs.update({ + 'des1_sp_id': des1_sp_id, + 'des1_id': des1_id + }) + + self.cmd('keyvault set-policy -g {rg} -n {vault} --object-id {des1_sp_id} --key-permissions wrapKey unwrapKey get') + + time.sleep(15) + + with mock.patch('azure.cli.command_modules.role.custom._gen_guid', side_effect=self.create_guid): + self.cmd('role assignment create --assignee {des1_sp_id} --role Reader --scope {vault_id}') + + self.cmd('sig create -g {rg} --gallery-name {gallery} --permissions groups ') + self.cmd('sig image-definition create -g {rg} --gallery-name {gallery} --gallery-image-definition {image} --os-type windows -p publisher1 -f offer1 -s sku1 --hyper-v-generation V2') + self.cmd('vm create -g {rg} -n {vm} --image MicrosoftWindowsServer:WindowsServer:2022-datacenter-smalldisk-g2:latest --data-disk-sizes-gb 10 --admin-username clitest1 --admin-password Password001! --generate-ssh-key --nsg-rule None') + self.cmd('vm deallocate -g {rg} -n {vm}') + self.cmd('vm generalize -g {rg} -n {vm}') + + self.cmd('image create -g {rg} -n {captured} --source {vm} --hyper-v-generation V2') + self.cmd('sig image-version create -g {rg} --gallery-name {gallery} --gallery-image-definition {image} --gallery-image-version {version} --managed-image {captured} --replica-count 1') + self.kwargs['unique_name'] = self.cmd('sig show --gallery-name {gallery} --resource-group {rg} --select Permissions').get_output_in_json()['identifier']['uniqueName'] + + self.cmd('sig share add --gallery-name {gallery} -g {rg} --subscription-ids {subId} --tenant-ids {tenantId}') + + self.kwargs['shared_gallery_image_version'] = self.cmd('sig image-version show-shared --gallery-image-definition {image} --gallery-unique-name {unique_name} --location CentralUSEUAP --gallery-image-version {version}').get_output_in_json()[ + 'uniqueId'] + + self.cmd('vmss create -n {vmss1} -g {rg} --vm-sku Standard_DC2as_v5 --security-type Confidentialvm --image {shared_gallery_image_version} --admin-username testuser --admin-password testPassword0 --enable-vtpm true --enable-secure-boot true --os-disk-security-encryption-type DiskwithVMGuestState --os-disk-secure-vm-disk-encryption-set {des1}') + self.cmd('vmss show -n {vmss1} -g {rg}', checks=[ + self.check('virtualMachineProfile.storageProfile.osDisk.managedDisk.securityProfile.securityEncryptionType', 'DiskWithVMGuestState'), + self.check('virtualMachineProfile.storageProfile.osDisk.managedDisk.diskEncryptionSet.id', '{des}') + ]) + + class DiskAccessTest(ScenarioTest): @ResourceGroupPreparer(name_prefix='cli_test_disk_access_', location='centraluseuap')