From 075cb51fb353fec9648590cc1db565ddf3443d88 Mon Sep 17 00:00:00 2001 From: Ritvika Nagula Date: Tue, 3 Mar 2020 09:57:36 -0800 Subject: [PATCH 1/6] pass custom headers for cross tenant hubvnet conn --- ...AzureRmHubVirtualNetworkConnectionCommand.cs | 12 +++++++++++- .../Cortex/VirtualHub/VirtualHubBaseCmdlet.cs | 17 +++++++++++++++-- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs b/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs index d0c3b586dc3d..3fb771068df3 100644 --- a/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs +++ b/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs @@ -137,7 +137,8 @@ public class NewHubVirtualNetworkConnectionCommand : HubVnetConnectionBaseCmdlet public override void Execute() { base.Execute(); - + Dictionary> auxAuthHeader = null; + if (ParameterSetName.Contains(CortexParameterSetNames.ByVirtualHubObject)) { this.ResourceGroupName = this.ParentObject.ResourceGroupName; @@ -182,6 +183,14 @@ public override void Execute() parentVirtualHub.VirtualNetworkConnections = new List(); } + List resourceIds = new List(); + resourceIds.Add(hubVnetConnection.RemoteVirtualNetwork.Id); + var auxHeaderDictionary = GetAuxilaryAuthHeaderFromResourceIds(resourceIds); + if (auxHeaderDictionary != null && auxHeaderDictionary.Count > 0) + { + auxAuthHeader = new Dictionary>(auxHeaderDictionary); + } + parentVirtualHub.VirtualNetworkConnections.Add(hubVnetConnection); ConfirmAction( 
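Review bot: The auxiliary-header lookup added at @@ -182,6 +183,14 @@ in NewAzureRmHubVirtualNetworkConnectionCommand.cs runs before `ConfirmAction(`, so it executes even when the user declines the prompt or passes -WhatIf. If `GetAuxilaryAuthHeaderFromResourceIds` acquires tokens for the remote virtual network's tenant (its body is not shown here, so this is inferred from the name), credentials for another tenant are requested and held for an operation that may never be sent. Moving the block into the `() => { ... }` lambda, directly before `this.CreateOrUpdateVirtualHub(...)`, would limit token acquisition to confirmed operations. The same ordering appears in the hunks at @@ -127,12 +128,20 @@, @@ -155,6 +156,19 @@ and @@ -142,6 +143,19 @@. Execute() begins and ends outside this hunk.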
@@ -190,6 +199,7 @@ public override void Execute() () => { WriteVerbose(String.Format(Properties.Resources.CreatingLongRunningOperationMessage, this.ResourceGroupName, this.Name)); + this.VirtualHubClient.CreateOrUpdateWithHttpMessagesAsync(this.ResourceGroupName, this.ParentResourceName, ) this.CreateOrUpdateVirtualHub(this.ResourceGroupName, this.ParentResourceName, parentVirtualHub, parentVirtualHub.Tag); var createdVirtualHub = this.GetVirtualHub(this.ResourceGroupName, this.ParentResourceName); diff --git a/src/Network/Network/Cortex/VirtualHub/VirtualHubBaseCmdlet.cs b/src/Network/Network/Cortex/VirtualHub/VirtualHubBaseCmdlet.cs index a47915fcec4d..9f8b4b944fd2 100644 --- a/src/Network/Network/Cortex/VirtualHub/VirtualHubBaseCmdlet.cs +++ b/src/Network/Network/Cortex/VirtualHub/VirtualHubBaseCmdlet.cs 
@@ -71,13 +71,26 @@ public bool IsVirtualHubPresent(string resourceGroupName, string name) return psVirtualHub == null ? false : true; } - public PSVirtualHub CreateOrUpdateVirtualHub(string resourceGroupName, string virtualHubName, PSVirtualHub virtualHub, Hashtable tags) + public PSVirtualHub CreateOrUpdateVirtualHub(string resourceGroupName, string virtualHubName, PSVirtualHub virtualHub, Hashtable tags, Dictionary> customHeaders = null) { var virtualHubModel = NetworkResourceManagerProfile.Mapper.Map(virtualHub); virtualHubModel.Location = virtualHub.Location; virtualHubModel.Tags = TagsConversionHelper.CreateTagDictionary(tags, validate: true); + MNM.VirtualHub virtualHubCreatedOrUpdated; + + if (customHeaders == null) + { + virtualHubCreatedOrUpdated = this.VirtualHubClient.CreateOrUpdate(resourceGroupName, virtualHubName, virtualHubModel); + } + else + { + // Execute the create call and pass the custom headers. + using (var _result = this.VirtualHubClient.CreateOrUpdateWithHttpMessagesAsync(resourceGroupName, virtualHubName, virtualHubModel, customHeaders).GetAwaiter().GetResult()) + { + virtualHubCreatedOrUpdated = _result.Body; + } + } - var virtualHubCreatedOrUpdated = this.VirtualHubClient.CreateOrUpdate(resourceGroupName, virtualHubName, virtualHubModel); PSVirtualHub hubToReturn = this.ToPsVirtualHub(virtualHubCreatedOrUpdated); hubToReturn.ResourceGroupName = resourceGroupName; From 4783191f593be41d1a95ed1fb2e3f172d20824e8 Mon Sep 17 00:00:00 2001 From: Ritvika Nagula Date: Tue, 3 Mar 2020 09:59:32 -0800 Subject: [PATCH 2/6] remove extra line --- .../NewAzureRmHubVirtualNetworkConnectionCommand.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs b/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs index 3fb771068df3..a1a502377d18 100644 
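Review bot: The new `customHeaders` parameter of `CreateOrUpdateVirtualHub` has no documentation, although the callers in this series use it to carry the auxiliary authorization header for cross-tenant virtual networks. I would add an XML doc comment on the method with `/// <param name="customHeaders">Optional extra request headers; used for the auxiliary authorization header of cross-tenant connections. Values are credentials and must not be written to verbose or debug output.</param>`. On style, the local `_result` uses the private-field prefix; `result` would match the other locals. If the generated `CreateOrUpdate` already forwards to `CreateOrUpdateWithHttpMessagesAsync` with null headers (typical for generated clients, not visible here), the `if (customHeaders == null)` branch could be dropped. The method body continues outside the hunk.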
--- a/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs +++ b/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs @@ -199,7 +199,6 @@ public override void Execute() () => { WriteVerbose(String.Format(Properties.Resources.CreatingLongRunningOperationMessage, this.ResourceGroupName, this.Name)); - this.VirtualHubClient.CreateOrUpdateWithHttpMessagesAsync(this.ResourceGroupName, this.ParentResourceName, ) this.CreateOrUpdateVirtualHub(this.ResourceGroupName, this.ParentResourceName, parentVirtualHub, parentVirtualHub.Tag); var createdVirtualHub = this.GetVirtualHub(this.ResourceGroupName, this.ParentResourceName); From ca867e16c0dfd3bb50ad50382bcd9293725a4629 Mon Sep 17 00:00:00 2001 From: Ritvika Nagula Date: Tue, 3 Mar 2020 12:30:37 -0800 Subject: [PATCH 3/6] pass auth headers from both cmdlets --- .../NewAzureRmHubVirtualNetworkConnectionCommand.cs | 2 +- ...UpdateAzureRmHubVirtualNetworkConnectionCommand.cs | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs b/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs index a1a502377d18..1c45c3d62ddb 100644 --- a/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs +++ b/src/Network/Network/Cortex/HubVnetConnection/NewAzureRmHubVirtualNetworkConnectionCommand.cs 
@@ -199,7 +199,7 @@ public override void Execute() () => { WriteVerbose(String.Format(Properties.Resources.CreatingLongRunningOperationMessage, this.ResourceGroupName, this.Name)); - this.CreateOrUpdateVirtualHub(this.ResourceGroupName, this.ParentResourceName, parentVirtualHub, parentVirtualHub.Tag); + this.CreateOrUpdateVirtualHub(this.ResourceGroupName, this.ParentResourceName, parentVirtualHub, parentVirtualHub.Tag, auxAuthHeader); var createdVirtualHub = this.GetVirtualHub(this.ResourceGroupName, this.ParentResourceName); WriteObject(createdVirtualHub.VirtualNetworkConnections.FirstOrDefault(hubConnection => hubConnection.Name.Equals(this.Name, StringComparison.OrdinalIgnoreCase))); diff --git a/src/Network/Network/Cortex/HubVnetConnection/UpdateAzureRmHubVirtualNetworkConnectionCommand.cs b/src/Network/Network/Cortex/HubVnetConnection/UpdateAzureRmHubVirtualNetworkConnectionCommand.cs index ebb44aa87d5e..8d4999c8ecda 100644 --- a/src/Network/Network/Cortex/HubVnetConnection/UpdateAzureRmHubVirtualNetworkConnectionCommand.cs +++ b/src/Network/Network/Cortex/HubVnetConnection/UpdateAzureRmHubVirtualNetworkConnectionCommand.cs @@ -89,6 +89,7 @@ public class UpdateAzureRmHubVirtualNetworkConnectionCommand : HubVnetConnection public override void Execute() { base.Execute(); + Dictionary> auxAuthHeader = null; //// Resolve the VirtualHub if (ParameterSetName.Equals(CortexParameterSetNames.ByHubVirtualNetworkConnectionObject, StringComparison.OrdinalIgnoreCase)) 
@@ -127,12 +128,20 @@ public override void Execute() connectionToModify.EnableInternetSecurity = this.EnableInternetSecurity.Value; } + List resourceIds = new List(); + resourceIds.Add(connectionToModify.RemoteVirtualNetwork.Id); + var auxHeaderDictionary = GetAuxilaryAuthHeaderFromResourceIds(resourceIds); + if (auxHeaderDictionary != null && auxHeaderDictionary.Count > 0) + { + auxAuthHeader = new Dictionary>(auxHeaderDictionary); + } + ConfirmAction( Properties.Resources.SettingResourceMessage, this.Name, () => { - this.CreateOrUpdateVirtualHub(this.ResourceGroupName, this.ParentResourceName, parentVirtualHub, parentVirtualHub.Tag); + this.CreateOrUpdateVirtualHub(this.ResourceGroupName, this.ParentResourceName, parentVirtualHub, parentVirtualHub.Tag, auxAuthHeader); var updatedVirtualHub = this.GetVirtualHub(this.ResourceGroupName, this.ParentResourceName); WriteObject(updatedVirtualHub.VirtualNetworkConnections.FirstOrDefault(hubConnection => hubConnection.Name.Equals(this.Name, StringComparison.OrdinalIgnoreCase))); From 2e89d39088f602bc8f4604a7e896a1081e5cf858 Mon Sep 17 00:00:00 2001 From: Ritvika Nagula Date: Wed, 4 Mar 2020 16:19:27 -0800 Subject: [PATCH 4/6] update virtualhub cmdlets also --- .../VirtualHub/NewAzureRmVirtualHubCommand.cs | 17 ++++++++++++++++- .../UpdateAzureRmVirtualHubCommand.cs | 17 ++++++++++++++++- 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/src/Network/Network/Cortex/VirtualHub/NewAzureRmVirtualHubCommand.cs b/src/Network/Network/Cortex/VirtualHub/NewAzureRmVirtualHubCommand.cs index b8e0733ef5d8..f8ad686f28d7 100644 --- a/src/Network/Network/Cortex/VirtualHub/NewAzureRmVirtualHubCommand.cs +++ b/src/Network/Network/Cortex/VirtualHub/NewAzureRmVirtualHubCommand.cs @@ -107,6 +107,7 @@ public class NewAzureRmVirtualHubCommand : VirtualHubBaseCmdlet public override void Execute() { base.Execute(); + Dictionary> auxAuthHeader = null; if (this.IsVirtualHubPresent(this.ResourceGroupName, this.Name)) { 
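Review bot: The eight-line block added at @@ -127,12 +128,20 @@ in UpdateAzureRmHubVirtualNetworkConnectionCommand.cs is a copy of the one in NewAzureRmHubVirtualNetworkConnectionCommand.cs, and the series repeats it in the two VirtualHub cmdlets, so any later fix to how auxiliary credentials are gathered has to be made in four places. A single helper on a shared base cmdlet would keep that logic in one reviewed spot, and each caller would reduce to one assignment to `auxAuthHeader`. The generic type arguments are not visible in this rendering, so the ones in the sketch below are assumed, and the helper name is only a suggestion. Execute() starts and ends outside the hunk.

```csharp
// Proposed shared helper; returns null when no auxiliary header is needed.
protected Dictionary<string, List<string>> BuildAuxAuthHeader(List<string> remoteVnetIds)
{
    var headers = GetAuxilaryAuthHeaderFromResourceIds(remoteVnetIds);
    if (headers == null || headers.Count == 0)
    {
        return null;
    }

    return new Dictionary<string, List<string>>(headers);
}

// … unchanged: EnableInternetSecurity handling …
auxAuthHeader = BuildAuxAuthHeader(new List<string> { connectionToModify.RemoteVirtualNetwork.Id });
```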
@@ -155,6 +156,19 @@ public override void Execute() if (this.HubVnetConnection != null) { virtualHub.VirtualNetworkConnections.AddRange(this.HubVnetConnection); + + // get auth headers for cross-tenant hubvnet conn + List resourceIds = new List(); + foreach (var connection in this.HubVnetConnection) + { + resourceIds.Add(connection.RemoteVirtualNetwork.Id); + } + + var auxHeaderDictionary = GetAuxilaryAuthHeaderFromResourceIds(resourceIds); + if (auxHeaderDictionary != null && auxHeaderDictionary.Count > 0) + { + auxAuthHeader = new Dictionary>(auxHeaderDictionary); + } } virtualHub.RouteTable = this.RouteTable; @@ -169,7 +183,8 @@ public override void Execute() this.ResourceGroupName, this.Name, virtualHub, - this.Tag)); + this.Tag, + auxAuthHeader)); }); } } diff --git a/src/Network/Network/Cortex/VirtualHub/UpdateAzureRmVirtualHubCommand.cs b/src/Network/Network/Cortex/VirtualHub/UpdateAzureRmVirtualHubCommand.cs index 47d4606ad12e..cf656b9c41e6 100644 --- a/src/Network/Network/Cortex/VirtualHub/UpdateAzureRmVirtualHubCommand.cs +++ b/src/Network/Network/Cortex/VirtualHub/UpdateAzureRmVirtualHubCommand.cs @@ -107,6 +107,7 @@ public override void Execute() { base.Execute(); PSVirtualHub virtualHubToUpdate = null; + Dictionary> auxAuthHeader = null; if (ParameterSetName.Equals(CortexParameterSetNames.ByVirtualHubObject, StringComparison.OrdinalIgnoreCase)) { 
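Review bot: In the loop added at @@ -155,6 +156,19 @@ in NewAzureRmVirtualHubCommand.cs, `connection.RemoteVirtualNetwork.Id` is read from the caller-supplied `this.HubVnetConnection` objects with no null check. An entry without a remote virtual network therefore fails with a NullReferenceException rather than a parameter error, and a null or empty Id would be handed to the token lookup. A guard such as `if (string.IsNullOrEmpty(connection?.RemoteVirtualNetwork?.Id)) { continue; }`, or throwing an ArgumentException that names the connection, would keep only well-formed resource ids. The loop at @@ -142,6 +143,19 @@ in UpdateAzureRmVirtualHubCommand.cs has the same shape. Execute() begins and ends outside this hunk.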
@@ -142,6 +143,19 @@ public override void Execute() { virtualHubToUpdate.VirtualNetworkConnections = new List(); virtualHubToUpdate.VirtualNetworkConnections.AddRange(this.HubVnetConnection); + + // get auth headers for cross-tenant hubvnet conn + List resourceIds = new List(); + foreach (var connection in this.HubVnetConnection) + { + resourceIds.Add(connection.RemoteVirtualNetwork.Id); + } + + var auxHeaderDictionary = GetAuxilaryAuthHeaderFromResourceIds(resourceIds); + if (auxHeaderDictionary != null && auxHeaderDictionary.Count > 0) + { + auxAuthHeader = new Dictionary>(auxHeaderDictionary); + } } //// VirtualHubRouteTable @@ -166,7 +180,8 @@ public override void Execute() this.ResourceGroupName, this.Name, virtualHubToUpdate, - this.Tag)); + this.Tag, + auxAuthHeader)); }); } } From 998bf6d399a06f69dc1f0e62b2fc23f8b778a492 Mon Sep 17 00:00:00 2001 From: Ritvika Nagula Date: Thu, 5 Mar 2020 08:27:53 -0800 Subject: [PATCH 5/6] updated changelog --- src/Network/Network/ChangeLog.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Network/Network/ChangeLog.md b/src/Network/Network/ChangeLog.md index b54497d1e5fe..782aa0136eaf 100644 --- a/src/Network/Network/ChangeLog.md +++ b/src/Network/Network/ChangeLog.md @@ -26,6 +26,11 @@ * Added Packet Capture example for capture all inner and outer packets in Start-AzVirtualNetworkGatewayConnectionPacketCapture.md and Start-AzVirtualnetworkGatewayPacketCapture.md. * Supported Azure Firewall Policy on VNet Firewalls - No new cmdlets are added. Relaxing the restriction for firewall policy on VNet firewalls +* Updated cmdlets to allow cross-tenant VirtualHubVnetConnections + - New-AzVirtualHubVnetConnection + - Update-AzVirtualHubVnetConnection + - New-AzVirtualHub + - Update-AzVirtualHub ## Version 2.3.0 * New example added to Set-AzNetworkWatcherConfigFlowLog.md to demonstrate Traffic Analytics disable scenario. From 422a33d69ce3c02df94a8de7ccb571cf864fe7bd Mon Sep 17 00:00:00 2001 
From: Ritvika Nagula Date: Thu, 5 Mar 2020 08:30:27 -0800 Subject: [PATCH 6/6] updated changelog for upcoming release --- src/Network/Network/ChangeLog.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/Network/Network/ChangeLog.md b/src/Network/Network/ChangeLog.md index 782aa0136eaf..400f9bc98281 100644 --- a/src/Network/Network/ChangeLog.md +++ b/src/Network/Network/ChangeLog.md @@ -19,6 +19,11 @@ ---> ## Upcoming Release +* Updated cmdlets to allow cross-tenant VirtualHubVnetConnections + - New-AzVirtualHubVnetConnection + - Update-AzVirtualHubVnetConnection + - New-AzVirtualHub + - Update-AzVirtualHub ## Version 2.3.1 * Added one extra parameter note for parameter `-EnableProxyProtocol` for `New-AzPrivateLinkService` cmdlet. @@ -26,11 +31,6 @@ * Added Packet Capture example for capture all inner and outer packets in Start-AzVirtualNetworkGatewayConnectionPacketCapture.md and Start-AzVirtualnetworkGatewayPacketCapture.md. * Supported Azure Firewall Policy on VNet Firewalls - No new cmdlets are added. Relaxing the restriction for firewall policy on VNet firewalls -* Updated cmdlets to allow cross-tenant VirtualHubVnetConnections - - New-AzVirtualHubVnetConnection - - Update-AzVirtualHubVnetConnection - - New-AzVirtualHub - - Update-AzVirtualHub ## Version 2.3.0 * New example added to Set-AzNetworkWatcherConfigFlowLog.md to demonstrate Traffic Analytics disable scenario.