Patch for release 2020 08 25

src/Compute/Compute.Test/ScenarioTests/VirtualMachineTests.cs

@@ -284,6 +284,13 @@ public void TestLowPriorityVirtualMachine()
             TestRunner.RunTestScript("Test-LowPriorityVirtualMachine");
         }
 
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestEncryptionAtHostVMNull()
+        {
+            TestRunner.RunTestScript("Test-EncryptionAtHostVMNull");
+        }
+
         [Fact]
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         public void TestEncryptionAtHostVM()

src/Compute/Compute.Test/ScenarioTests/VirtualMachineTests.ps1

@@ -3854,6 +3854,47 @@ function Test-LowPriorityVirtualMachine
     }
 }
 
+<#
+.SYNOPSIS
+Test EncryptionAtHost Virtual Machine
+#>
+function Test-EncryptionAtHostVMNull
+{
+    # Setup
+    $rgname = Get-ComputeTestResourceName
+
+    try
+    {
+        $loc = Get-ComputeVMLocation;
+        New-AzResourceGroup -Name $rgname -Location $loc -Force;
+
+        # VM Profile & Hardware
+        $vmsize = 'Standard_DS2_v2';
+        $vmname = 'vm' + $rgname;
+        [string]$domainNameLabel = "$vmname-$vmname".tolower();
+
+        $user = "Foo2";
+        $password = $PLACEHOLDER;
+        $securePassword = ConvertTo-SecureString $password -AsPlainText -Force;
+        $cred = New-Object System.Management.Automation.PSCredential ($user, $securePassword);
+        $computerName = 'test';
+
+        $vm = New-AzVM -ResourceGroupName $rgname -Name $vmname -Credential $cred -DomainNameLabel $domainNameLabel;
+        Assert-AreEqual $null $vm.SecurityProfile.encryptionathost
+
+        # Get VM
+        $vm = Get-AzVM -ResourceGroupName $rgname -Name $vmname;
+        Assert-AreEqual $null $vm.SecurityProfile.encryptionAtHost
+        Assert-AreEqual $null $vm.encryptionAtHost
+
+    }
+    finally
+    {
+        # Cleanup
+        Clean-ResourceGroup $rgname
+    }
+}
+
 <#
 .SYNOPSIS
 Test EncryptionAtHost Virtual Machine

src/Compute/Compute/ChangeLog.md

@@ -20,6 +20,9 @@
 -->
 ## Upcoming Release
 
+## Version 4.3.1
+* Patched -EncryptionAtHost parameter to remove default value of false
+
 ## Version 4.3.0
 * Added `-EncryptionAtHost` parameter to `New-AzVm`, `New-AzVmss`, `New-AzVMConfig`, `New-AzVmssConfig`, `Update-AzVM`, and `Update-AzVmss`
 * Added `SecurityProfile` to `Get-AzVM` and `Get-AzVmss` return object

src/Compute/Compute/Strategies/ComputeRp/VirtualMachineScaleSetStrategy.cs

@@ -81,10 +81,7 @@ internal static ResourceConfig<VirtualMachineScaleSet> CreateVirtualMachineScale
                     AdditionalCapabilities = ultraSSDEnabled ? new AdditionalCapabilities(true) : null,
                     VirtualMachineProfile = new VirtualMachineScaleSetVMProfile
                     {
-                        SecurityProfile = new SecurityProfile
-                        {
-                            EncryptionAtHost = encryptionAtHost
-                        },
+                        SecurityProfile = (encryptionAtHost == true) ? new SecurityProfile(encryptionAtHost) : null,
                         OsProfile = new VirtualMachineScaleSetOSProfile
                         {
                             ComputerNamePrefix = name.Substring(0, Math.Min(name.Length, 9)),

src/Compute/Compute/Strategies/ComputeRp/VirtualMachineStrategy.cs

@@ -56,7 +56,7 @@ public static ResourceConfig<VirtualMachine> CreateVirtualMachineConfig(
             string priority,
             string evictionPolicy,
             double? maxPrice,
-            bool? encryptionAtHostEnabled)
+            bool encryptionAtHostPresent)
 
             => Strategy.CreateResourceConfig(
                 resourceGroup: resourceGroup,
@@ -97,7 +97,7 @@ public static ResourceConfig<VirtualMachine> CreateVirtualMachineConfig(
                     Priority = priority,
                     EvictionPolicy = evictionPolicy,
                     BillingProfile = (maxPrice == null) ? null : new BillingProfile(maxPrice),
-                    SecurityProfile = (encryptionAtHostEnabled == null) ? null : new SecurityProfile(encryptionAtHostEnabled)
+                    SecurityProfile = (encryptionAtHostPresent == true) ? new SecurityProfile(encryptionAtHostPresent) : null
                 });
 
         public static ResourceConfig<VirtualMachine> CreateVirtualMachineConfig(
@@ -117,7 +117,7 @@ public static ResourceConfig<VirtualMachine> CreateVirtualMachineConfig(
             string priority,
             string evictionPolicy,
             double? maxPrice,
-            bool? encryptionAtHostEnabled
+            bool encryptionAtHostPresent
             )
             => Strategy.CreateResourceConfig(
                 resourceGroup: resourceGroup,
@@ -155,10 +155,7 @@ public static ResourceConfig<VirtualMachine> CreateVirtualMachineConfig(
                     Priority = priority,
                     EvictionPolicy = evictionPolicy,
                     BillingProfile = (maxPrice == null) ? null : new BillingProfile(maxPrice),
-                    SecurityProfile = new SecurityProfile
-                    {
-                        EncryptionAtHost = encryptionAtHostEnabled
-                    }
+                    SecurityProfile = (encryptionAtHostPresent == true) ? new SecurityProfile(encryptionAtHostPresent) : null
                 });
     }
 }

src/Compute/Compute/VirtualMachine/Config/NewAzureVMConfigCommand.cs

@@ -122,7 +122,7 @@ public class NewAzureVMConfigCommand : Microsoft.Azure.Commands.ResourceManager.
            Mandatory = false,
            ValueFromPipelineByPropertyName = false,
            HelpMessage = "EncryptionAtHost property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself.")]
-        public SwitchParameter EncryptionAtHost { get; set; } = false;
+        public SwitchParameter EncryptionAtHost { get; set; }
 
         protected override bool IsUsageMetricEnabled
         {

src/Compute/Compute/VirtualMachine/Operation/NewAzureVMCommand.cs

@@ -258,7 +258,7 @@ public class NewAzureVMCommand : VirtualMachineBaseCmdlet
             HelpMessage = "EncryptionAtHost property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself.")]
         [Parameter(ParameterSetName = DiskFileParameterSet, Mandatory = false,
             HelpMessage = "EncryptionAtHost property can be used by user in the request to enable or disable the Host Encryption for the virtual machine. This will enable the encryption for all the disks including Resource/Temp disk at host itself.")]
-        public SwitchParameter EncryptionAtHost { get; set; } = false;
+        public SwitchParameter EncryptionAtHost { get; set; }
 
         public override void ExecuteCmdlet()
         {
@@ -395,7 +395,7 @@ public async Task<ResourceConfig<VirtualMachine>> CreateConfigAsync()
                         priority: _cmdlet.Priority,
                         evictionPolicy: _cmdlet.EvictionPolicy,
                         maxPrice: _cmdlet.IsParameterBound(c => c.MaxPrice) ? _cmdlet.MaxPrice : (double?)null,
-                        encryptionAtHostEnabled: _cmdlet.EncryptionAtHost.IsPresent
+                        encryptionAtHostPresent: _cmdlet.EncryptionAtHost.IsPresent
                         );
                 }
                 else
@@ -420,8 +420,8 @@ public async Task<ResourceConfig<VirtualMachine>> CreateConfigAsync()
                         priority: _cmdlet.Priority,
                         evictionPolicy: _cmdlet.EvictionPolicy,
                         maxPrice: _cmdlet.IsParameterBound(c => c.MaxPrice) ? _cmdlet.MaxPrice : (double?)null,
-                        encryptionAtHostEnabled: _cmdlet.EncryptionAtHost.IsPresent
-                        );
+                        encryptionAtHostPresent: _cmdlet.EncryptionAtHost.IsPresent
+                    );
                 }
             }
         }