Skip to content

Commit 8b6fd9b

Browse files
grizzlytheodoregrizzlytheodore
authored
Trusted Launch for VM/VMSS (#27260)
1 parent ccdd553 commit 8b6fd9b

25 files changed

+31353
-22715
lines changed

src/Compute/Compute.Test/ScenarioTests/VirtualMachineScaleSetTests.ps1

Lines changed: 23 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -3831,6 +3831,7 @@ function Test-VirtualMachineScaleSetConfidentialVMSSSecurityType
38313831
Assert-NotNull $vmssvms;
38323832
$vmssvm = Get-AzVmssvm -ResourceGroupName $rgname -VMScaleSetName $vmssName -InstanceId $vmssvms[0].InstanceId;
38333833
Assert-AreEqual $securityEncryptionType $vmssvm.StorageProfile.OsDIsk.ManagedDisk.SecurityProfile.SecurityEncryptionType;
3834+
38343835
}
38353836
finally
38363837
{
@@ -4466,7 +4467,7 @@ function Test-VirtualMachineScaleSetSecurityType
44664467
{
44674468
# Setup
44684469
$rgname = Get-ComputeTestResourceName;
4469-
$loc = Get-ComputeVMLocation;
4470+
$loc = "eastus2euap";
44704471

44714472
try
44724473
{
@@ -4534,6 +4535,17 @@ function Test-VirtualMachineScaleSetSecurityType
45344535
Assert-AreEqual $vmssGet.VirtualMachineProfile.SecurityProfile.UefiSettings.SecureBootEnabled $true;
45354536
# Vmss Identity is now in fact only UserAssigned as expected.
45364537

4538+
4539+
# Update SecurityType to Standard.
4540+
Stop-Azvmss -ResourceGroupName $rgname -Name $vmssName2 -Force
4541+
Update-AzVmss -ResourceGroupName $rgname -Name $vmssName2 -SecurityType "Standard"
4542+
Start-AzVmss -ResourceGroupName $rgname -Name $vmssName2
4543+
$updated_vmss = Get-AzVmss -ResourceGroupName $rgname -Name $vmssName2;
4544+
4545+
Assert-Null $updated_vmss.VirtualMAchineProfile.SecurityProfile.SecurityType;
4546+
Assert-Null $updated_vmss.VirtualMAchineProfile.SecurityProfile.UefiSettings;
4547+
Assert-Null $updated_vmss.VirtualMAchineProfile.SecurityProfile.SecurityType;
4548+
45374549
# Guest Attestation extension defaulting test
45384550
# Removed this portion as this logic was removed as per feature team request.
45394551
<#
@@ -4570,7 +4582,7 @@ function Test-VirtualMachineScaleSetSecurityTypeWithoutConfig
45704582
{
45714583
# Setup
45724584
$rgname = Get-ComputeTestResourceName;
4573-
$loc = Get-ComputeVMLocation;
4585+
$loc = "westus2";
45744586

45754587
try
45764588
{
@@ -4648,7 +4660,7 @@ function Test-VirtualMachineScaleSetSecurityTypeStandard
46484660
{
46494661
# Setup
46504662
$rgname = Get-ComputeTestResourceName;
4651-
$loc = Get-ComputeVMLocation;
4663+
$loc = "westus2";
46524664

46534665
try
46544666
{
@@ -4690,7 +4702,7 @@ function Test-VirtualMachineScaleSetSecurityTypeStandardWithConfig
46904702
{
46914703
# Setup
46924704
$rgname = Get-ComputeTestResourceName;
4693-
$loc = Get-ComputeVMLocation;
4705+
$loc = "westus2";
46944706

46954707
try
46964708
{
@@ -4831,7 +4843,7 @@ function Test-VirtualMachineScaleSetSecurityTypeWithoutConfigUpdate
48314843
{
48324844
# Setup
48334845
$rgname = Get-ComputeTestResourceName;
4834-
$loc = Get-ComputeVMLocation;
4846+
$loc = "westus2";
48354847

48364848
try
48374849
{
@@ -4886,7 +4898,7 @@ function Test-VirtualMachineScaleSetSecurityTypeUpdate
48864898
{
48874899
# Setup
48884900
$rgname = Get-ComputeTestResourceName;
4889-
$loc = Get-ComputeVMLocation;
4901+
$loc = "westus2";
48904902

48914903
try
48924904
{
@@ -4967,7 +4979,7 @@ function Test-VirtualMachineScaleSetSecurityTypeDefaulting
49674979
{
49684980
# Setup
49694981
$rgname = Get-ComputeTestResourceName;
4970-
$loc = Get-ComputeVMLocation;
4982+
$loc = "westus2";
49714983

49724984
try
49734985
{
@@ -5046,7 +5058,7 @@ function Test-VirtualMachineScaleSetSecurityTypeDefaultingFromImage
50465058
{
50475059
# Setup
50485060
$rgname = Get-ComputeTestResourceName;
5049-
$loc = Get-ComputeVMLocation;
5061+
$loc = "westus2";
50505062

50515063
try
50525064
{
@@ -5209,7 +5221,7 @@ function Test-VirtualMachineScaleSetSecurityTypeNoVMProfile
52095221
{
52105222
# Setup
52115223
$rgname = Get-ComputeTestResourceName;
5212-
$loc = Get-ComputeVMLocation;
5224+
$loc = "westus2";
52135225

52145226
try
52155227
{
@@ -5241,7 +5253,7 @@ function Test-VirtualMachineScaleSetSecurityTypeAndFlexDefaults
52415253
{
52425254
# Setup
52435255
$rgname = Get-ComputeTestResourceName;
5244-
$loc = Get-ComputeVMLocation;
5256+
$loc = "westus2";
52455257

52465258
try
52475259
{
@@ -5283,7 +5295,7 @@ function Test-VirtualMachineScaleSetDefaultImgWhenStandard
52835295
{
52845296
# Setup
52855297
$rgname = Get-ComputeTestResourceName;
5286-
$loc = Get-ComputeVMLocation;
5298+
$loc = "westus2";
52875299

52885300
try
52895301
{

src/Compute/Compute.Test/ScenarioTests/VirtualMachineTests.ps1

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6705,7 +6705,7 @@ function Test-VirtualMachineSecurityType
67056705
{
67066706
# Setup
67076707
$rgname = Get-ComputeTestResourceName;
6708-
$loc = Get-ComputeVMLocation;
6708+
$loc = "westus2";
67096709

67106710
try
67116711
{
@@ -6820,7 +6820,7 @@ function Test-VirtualMachineSecurityTypeWithoutConfig
68206820
{
68216821
# Setup
68226822
$rgname = Get-ComputeTestResourceName;
6823-
$loc = Get-ComputeVMLocation;
6823+
$loc = "eastus2euap";
68246824
try
68256825
{
68266826
New-AzResourceGroup -Name $rgname -Location $loc -Force;
@@ -6864,6 +6864,16 @@ function Test-VirtualMachineSecurityTypeWithoutConfig
68646864

68656865
Assert-AreEqual $updated_vm.SecurityProfile.UefiSettings.VTpmEnabled $true;
68666866

6867+
# Update SecurityType to Standard. Errors - Changing property 'securityProfile.securityType' is not allowed.
6868+
Stop-AzVM -ResourceGroupName $rgname -Name $vmname2 -Force
6869+
Update-AzVm -ResourceGroupName $rgname -VM $res -SecurityType "Standard"
6870+
Start-AzVM -ResourceGroupName $rgname -Name $vmname2
6871+
$updated_vm = Get-AzVM -ResourceGroupName $rgname -Name $vmname2;
6872+
6873+
Assert-Null $updated_vm.SecurityProfile.SecurityType;
6874+
Assert-Null $updated_vm.SecurityProfile.UefiSettings;
6875+
Assert-Null $updated_vm.SecurityProfile.SecurityType;
6876+
68676877
# validate GA extension
68686878
# We removed this logic as per request fro the feature team.
68696879
# Keeping this code here as this may be added back in the future.
@@ -6895,7 +6905,7 @@ function Test-VirtualMachineSecurityTypeStandard
68956905
{
68966906
# Setup
68976907
$rgname = Get-ComputeTestResourceName;
6898-
$loc = Get-ComputeVMLocation;
6908+
$loc = "Westus2"
68996909
try
69006910
{
69016911
New-AzResourceGroup -Name $rgname -Location $loc -Force;
@@ -6918,7 +6928,10 @@ function Test-VirtualMachineSecurityTypeStandard
69186928
New-AzVM -ResourceGroupName $rgname -Location $loc -Name $vmname1 -Credential $cred -Size $vmsize -Image $imageName -DomainNameLabel $domainNameLabel1 -SecurityType $securityTypeStnd;
69196929
# Verify security value
69206930
$vm1 = Get-AzVM -ResourceGroupName $rgname -Name $vmname1;
6931+
6932+
# VM Gets created with SecurityType: Standard but response has securityProfile null
69216933
Assert-Null $vm1.SecurityProfile;
6934+
#Assert-AreEqual $vm1.SecurityProfile.SecurityType "Standard";
69226935

69236936
# validate GA extension is not installed by default.
69246937
$extDefaultName = "GuestAttestation";
@@ -7010,7 +7023,7 @@ function Test-VMDefaultsToTrustedLaunch
70107023
{
70117024
# Setup
70127025
$rgname = Get-ComputeTestResourceName;
7013-
$loc = Get-ComputeVMLocation;
7026+
$loc = "westus2"
70147027

70157028
try
70167029
{
@@ -7267,7 +7280,7 @@ function Test-VMDefaultsToTrustedLaunchWithNullEncryptionAtHost
72677280
{
72687281
# Setup
72697282
$rgname = Get-ComputeTestResourceName;
7270-
$loc = Get-ComputeVMLocation;
7283+
$loc = "westus2"
72717284

72727285
try
72737286
{

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetDefaultImgWhenStandard.json

Lines changed: 833 additions & 1037 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityType.json

Lines changed: 11684 additions & 1275 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityTypeAndFlexDefaults.json

Lines changed: 1389 additions & 687 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityTypeDefaulting.json

Lines changed: 1771 additions & 2686 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityTypeDefaultingFromImage.json

Lines changed: 1078 additions & 1360 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityTypeNoVMProfile.json

Lines changed: 173 additions & 197 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityTypeStandard.json

Lines changed: 951 additions & 699 deletions
Large diffs are not rendered by default.

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetTests/TestVirtualMachineScaleSetSecurityTypeStandardWithConfig.json

Lines changed: 1533 additions & 835 deletions
Large diffs are not rendered by default.

0 commit comments

Comments
 (0)