diff --git a/src/Network/Network/ChangeLog.md b/src/Network/Network/ChangeLog.md index 28335f3d8813..d9987e501bec 100644 --- a/src/Network/Network/ChangeLog.md +++ b/src/Network/Network/ChangeLog.md @@ -21,6 +21,8 @@ ## Upcoming Release * Bugfix in Remove peering and connection commandlet for ExpressrouteCircuit scenario - Remove-AzExpressRouteCircuitPeeringConfig and Remove-AzExpressRouteCircuitConnectionConfig +* Added multiple Authentication support for p2sVpnGateway + - Updated `New-AzVpnServerConfiguration` and `Update-AzVpnServerConfiguration` to allow multiple authentication parameters to be set. ## Version 4.3.0 * Updated below cmdlet - `New-AzLoadBalancerFrontendIpConfigCommand`, `Set-AzLoadBalancerFrontendIpConfigCommand`, `Add-AzLoadBalancerFrontendIpConfigCommand`: diff --git a/src/Network/Network/Cortex/VpnServerConfiguration/NewAzureRmVpnServerConfigurationCommand.cs b/src/Network/Network/Cortex/VpnServerConfiguration/NewAzureRmVpnServerConfigurationCommand.cs index f4f0ec8def31..789b0cffc303 100644 --- a/src/Network/Network/Cortex/VpnServerConfiguration/NewAzureRmVpnServerConfigurationCommand.cs +++ b/src/Network/Network/Cortex/VpnServerConfiguration/NewAzureRmVpnServerConfigurationCommand.cs @@ -31,7 +31,6 @@ namespace Microsoft.Azure.Commands.Network [Cmdlet(VerbsCommon.New, ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "VpnServerConfiguration", - DefaultParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, SupportsShouldProcess = true), OutputType(typeof(PSVpnServerConfiguration))] public class NewAzureRmVpnServerConfigurationCommand : VpnServerConfigurationBaseCmdlet 
@@ -76,56 +75,47 @@ public class NewAzureRmVpnServerConfigurationCommand : VpnServerConfigurationBas [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, HelpMessage = "A list of VpnClientRootCertificates to be added files' paths")] public string[] VpnClientRootCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, HelpMessage = "A list of VpnClientCertificates to be revoked files' paths")] public string[] VpnClientRevokedCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, HelpMessage = "P2S External Radius server address.")] public string RadiusServerAddress { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, HelpMessage = "P2S External Radius server secret.")] public SecureString RadiusServerSecret { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, HelpMessage = "P2S External multiple radius servers.")] public PSRadiusServer[] RadiusServerList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] public string[] RadiusServerRootCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, HelpMessage = "A list of RadiusClientRootCertificate files' 
paths")] public string[] RadiusClientRootCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, HelpMessage = "AAD tenant for P2S AAD authentication.")] [ValidateNotNullOrEmpty] public string AadTenant { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, HelpMessage = "AAD audience for P2S AAD authentication.")] [ValidateNotNullOrEmpty] public string AadAudience { get; set; } @@ -133,7 +123,6 @@ public class NewAzureRmVpnServerConfigurationCommand : VpnServerConfigurationBas [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, HelpMessage = "AAD issuer for P2S AAD authentication.")] [ValidateNotNullOrEmpty] public string AadIssuer { get; set; } diff --git a/src/Network/Network/Cortex/VpnServerConfiguration/UpdateAzureRmVpnServerConfigurationCommand.cs b/src/Network/Network/Cortex/VpnServerConfiguration/UpdateAzureRmVpnServerConfigurationCommand.cs index c5a99c7ec233..abb85ed42cd4 100644 --- a/src/Network/Network/Cortex/VpnServerConfiguration/UpdateAzureRmVpnServerConfigurationCommand.cs +++ b/src/Network/Network/Cortex/VpnServerConfiguration/UpdateAzureRmVpnServerConfigurationCommand.cs 
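Review bot: The `HelpMessage` on `RadiusServerRootCertificateFilesList` in this hunk still reads `"A list of RadiusClientRootCertificate files' paths"`, the same string as on `RadiusClientRootCertificateFilesList`. Judging by the property names, one list carries the RADIUS server's root certificates and the other the client roots, so the help output does not tell an operator which trust list a file ends up in. Since the attribute is being edited anyway, change it to `HelpMessage = "A list of RadiusServerRootCertificate files' paths"`. The three `[Parameter]` attributes on the same property in UpdateAzureRmVpnServerConfigurationCommand.cs (hunk `@@ -131,143 +95,143 @@`) carry the same copy-pasted text and need the same correction.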
@@ -33,21 +33,13 @@ namespace Microsoft.Azure.Commands.Network [Cmdlet("Update", ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "VpnServerConfiguration", - DefaultParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, + DefaultParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, SupportsShouldProcess = true), OutputType(typeof(PSVpnServerConfiguration))] public class UpdateAzureRmVpnServerConfigurationCommand : VpnServerConfigurationBaseCmdlet { [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, - Mandatory = true, - HelpMessage = "The resource group name.")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, - Mandatory = true, - HelpMessage = "The resource group name.")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, Mandatory = true, HelpMessage = "The resource group name.")] [ResourceGroupCompleter] 
@@ -56,15 +48,7 @@ public class UpdateAzureRmVpnServerConfigurationCommand : VpnServerConfiguration [Alias("ResourceName", "VpnServerConfigurationName")] [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, - Mandatory = true, - HelpMessage = "The resource name.")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, - Mandatory = true, - HelpMessage = "The resource name.")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, Mandatory = true, HelpMessage = "The resource name.")] [ResourceNameCompleter("Microsoft.Network/vpnServerConfigurations", "ResourceGroupName")] @@ -73,17 +57,7 @@ public class UpdateAzureRmVpnServerConfigurationCommand : VpnServerConfiguration [Alias("VpnServerConfiguration")] [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByCertificateAuthentication, - Mandatory = true, - ValueFromPipeline = true, - HelpMessage = "The vpn server configuration object to be modified")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByRadiusAuthentication, - Mandatory = true, - ValueFromPipeline = true, - HelpMessage = "The vpn server configuration object to be modified")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, Mandatory = true, ValueFromPipeline = true, HelpMessage = "The vpn server configuration object to be modified")] 
@@ -92,17 +66,7 @@ public class UpdateAzureRmVpnServerConfigurationCommand : VpnServerConfiguration [Alias("VpnServerConfigurationId")] [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByCertificateAuthentication, - Mandatory = true, - ValueFromPipelineByPropertyName = true, - HelpMessage = "The Azure resource ID for the vpn server configuration.")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByRadiusAuthentication, - Mandatory = true, - ValueFromPipelineByPropertyName = true, - HelpMessage = "The Azure resource ID for the vpn server configuration.")] - [Parameter( - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, Mandatory = true, ValueFromPipelineByPropertyName = true, HelpMessage = "The Azure resource ID for the vpn server configuration.")] 
@@ -131,143 +95,143 @@ public class UpdateAzureRmVpnServerConfigurationCommand : VpnServerConfiguration [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "A list of VpnClientRootCertificates to be added files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByCertificateAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "A list of VpnClientRootCertificates to be added files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByCertificateAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "A list of VpnClientRootCertificates to be added files' paths")] public string[] VpnClientRootCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByCertificateAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "A list of VpnClientCertificates to be revoked files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByCertificateAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "A list of VpnClientCertificates to be revoked files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByCertificateAuthentication, + ParameterSetName = 
CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "A list of VpnClientCertificates to be revoked files' paths")] public string[] VpnClientRevokedCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "P2S External Radius server address.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "P2S External Radius server address.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "P2S External Radius server address.")] public string RadiusServerAddress { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "P2S External Radius server secret.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "P2S External Radius server secret.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "P2S External Radius server secret.")] public 
SecureString RadiusServerSecret { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "P2S External multiple radius servers.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "P2S External multiple radius servers.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "P2S External multiple radius servers.")] public PSRadiusServer[] RadiusServerList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] public string[] RadiusServerRootCertificateFilesList { get; set; } [Parameter( Mandatory = false, - 
ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByRadiusAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "A list of RadiusClientRootCertificate files' paths")] public string[] RadiusClientRootCertificateFilesList { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "AAD tenant for P2S AAD authentication.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "AAD tenant for P2S AAD authentication.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "AAD tenant for P2S AAD authentication.")] [ValidateNotNullOrEmpty] public string AadTenant { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + 
CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "AAD audience for P2S AAD authentication.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "AAD audience for P2S AAD authentication.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "AAD audience for P2S AAD authentication.")] [ValidateNotNullOrEmpty] public string AadAudience { get; set; } [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationName, HelpMessage = "AAD issuer for P2S AAD authentication.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationObject, HelpMessage = "AAD issuer for P2S AAD authentication.")] [Parameter( Mandatory = false, - ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId + CortexParameterSetNames.ByAadAuthentication, + ParameterSetName = CortexParameterSetNames.ByVpnServerConfigurationResourceId, HelpMessage = "AAD issuer for P2S AAD authentication.")] [ValidateNotNullOrEmpty] public string AadIssuer { get; set; } 
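Review bot: Each authentication property in this hunk keeps three `[Parameter]` attributes that now differ only in `ParameterSetName`, with `Mandatory = false` and the help text repeated verbatim. If `ByVpnServerConfigurationName`, `ByVpnServerConfigurationObject` and `ByVpnServerConfigurationResourceId` are the only sets this cmdlet declares (to be confirmed against the parts of the class outside the hunk), a single attribute without `ParameterSetName` binds in all of them, e.g. `[Parameter(Mandatory = false, HelpMessage = "P2S External Radius server secret.")]`. That leaves one help string per parameter to keep correct instead of three.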
@@ -373,8 +337,14 @@ public override void Execute() } } } + else + { + vpnServerConfigurationToUpdate.VpnClientRevokedCertificates = null; + vpnServerConfigurationToUpdate.VpnClientRootCertificates = null; + } + // VpnAuthenticationType = Radius related validations. - else if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.Radius)) + if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.Radius)) { if ((this.RadiusServerList != null && this.RadiusServerList.Count() > 0) && (this.RadiusServerAddress != null || this.RadiusServerSecret != null)) { @@ -440,8 +410,17 @@ public override void Execute() } } } + else + { + vpnServerConfigurationToUpdate.RadiusServerAddress = null; + vpnServerConfigurationToUpdate.RadiusServerSecret = null; + vpnServerConfigurationToUpdate.RadiusClientRootCertificates = null; + vpnServerConfigurationToUpdate.RadiusServerRootCertificates = null; + vpnServerConfigurationToUpdate.RadiusServers = null; + } + // VpnAuthenticationType = AAD related validations. - else if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.AAD)) + if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.AAD)) { if (vpnServerConfigurationToUpdate.AadAuthenticationParameters == null) { @@ -468,6 +447,12 @@ public override void Execute() vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadIssuer = this.AadIssuer; } } + else + { + vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadTenant = null; + vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadIssuer = null; + vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadAudience = null; + } ConfirmAction( Properties.Resources.SettingResourceMessage, 
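Review bot: The `else` added in hunk `@@ -373,8 +337,14 @@` sets `VpnClientRevokedCertificates` and `VpnClientRootCertificates` to null without telling the caller, so an update whose authentication types omit Certificate discards the stored revocation list. If Certificate authentication is enabled again later, the revoked entries are gone unless they are passed again through `VpnClientRevokedCertificateFilesList`. A `WriteWarning(...)` in this branch when either list is non-empty, plus a sentence in the cmdlet help, would make that loss visible. The `if` this `else` pairs with starts above the hunk, so the pairing is inferred from the properties being cleared. The Radius `else` in hunk `@@ -440,8 +410,17 @@` drops `RadiusServerSecret` and the server lists the same way.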
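Review bot: The `else` added in hunk `@@ -468,6 +447,12 @@` assigns through `vpnServerConfigurationToUpdate.AadAuthenticationParameters` without a null check, although the `if` branch before it tests `AadAuthenticationParameters == null`, so the object can be absent. Unless it is initialised earlier in Execute(), outside the visible lines, a certificate-only or Radius-only update of a configuration that never used AAD would throw a NullReferenceException here. Guard the three assignments with `if (vpnServerConfigurationToUpdate.AadAuthenticationParameters != null)`, or replace them with `vpnServerConfigurationToUpdate.AadAuthenticationParameters = null;` if the service accepts a missing object. Execute() starts and ends outside this hunk.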
diff --git a/src/Network/Network/Cortex/VpnServerConfiguration/VpnServerConfigurationBaseCmdlet.cs b/src/Network/Network/Cortex/VpnServerConfiguration/VpnServerConfigurationBaseCmdlet.cs
index 4885634e7382..d4e8e44878f3 100644
--- a/src/Network/Network/Cortex/VpnServerConfiguration/VpnServerConfigurationBaseCmdlet.cs
+++ b/src/Network/Network/Cortex/VpnServerConfiguration/VpnServerConfigurationBaseCmdlet.cs
@@ -171,7 +171,7 @@ public PSVpnServerConfiguration CreateVpnServerConfigurationObject(
 }
 }
 // VpnAuthenticationType = Radius related validations.
- else if (vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.Radius))
+ if (vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.Radius))
 {
 if (radiusServerAddress != null)
 {
@@ -224,7 +224,7 @@ public PSVpnServerConfiguration CreateVpnServerConfigurationObject(
 }
 }
 // VpnAuthenticationType = AAD related validations.
- else if (vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.AAD))
+ if (vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.AAD))
 {
 if (aadTenant == null || aadAudience == null || aadIssuer == null)
 {
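Review bot: With `else if` turned into `if` in both hunks, each block is gated only by `vpnAuthenticationType.Contains(...)`, and NewAzureRmVpnServerConfigurationCommand.cs no longer has parameter sets that reject mixed input. A value such as `radiusServerAddress` passed while Radius is not in the type list therefore appears to be dropped without an error, and the operator may believe an authentication method is configured when it is not. Consider rejecting the mismatch explicitly, e.g. `if (radiusServerAddress != null && !vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.Radius)) { throw new ArgumentException("RadiusServerAddress requires VpnAuthenticationType Radius"); }`, and likewise for the AAD and certificate arguments. Both hunks show only the head of each block and the rest of CreateVpnServerConfigurationObject is outside the diff, so such a check may already exist there.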