Recoveryservices Powershell module changes for get vault credential file

src/RecoveryServices/RecoveryServices.Backup.ServiceClientAdapter/RecoveryServices.Backup.ServiceClientAdapter.csproj

@@ -12,7 +12,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-	  <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+	  <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
 	  <PackageReference Include="Microsoft.Azure.Management.RecoveryServices.Backup" Version="4.2.0-preview" />
 	  <PackageReference Include="System.Configuration.ConfigurationManager" Version="4.4.1" />
   </ItemGroup>

src/RecoveryServices/RecoveryServices.Backup.Test/RecoveryServices.Backup.Test.csproj

@@ -13,7 +13,7 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.Compute" Version="49.2.0" />
     <PackageReference Include="Microsoft.Azure.Management.Network" Version="21.0.0" />
-    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
     <PackageReference Include="Microsoft.Azure.Management.RecoveryServices.Backup" Version="4.2.0-preview" />
   </ItemGroup>
 

src/RecoveryServices/RecoveryServices.Backup/RecoveryServices.Backup.csproj

@@ -12,7 +12,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-	  <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+	  <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
 	  <PackageReference Include="Microsoft.Azure.Management.RecoveryServices.Backup" Version="4.2.0-preview" />
   </ItemGroup>
 

src/RecoveryServices/RecoveryServices.SiteRecovery.Test/RecoveryServices.SiteRecovery.Test.csproj

@@ -13,7 +13,7 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.Azure.Management.Compute" Version="49.2.0" />
     <PackageReference Include="Microsoft.Azure.Management.Network" Version="21.0.0" />
-    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
     <PackageReference Include="Microsoft.Azure.Management.RecoveryServices.Backup" Version="4.2.0-preview" />
     <PackageReference Include="Microsoft.Azure.Management.Storage" Version="14.3.0" />
     <PackageReference Include="Microsoft.Azure.Management.RecoveryServices.SiteRecovery" Version="2.1.6-preview" />

src/RecoveryServices/RecoveryServices.SiteRecovery/RecoveryServices.SiteRecovery.csproj

@@ -13,7 +13,7 @@
 
   <ItemGroup>
     <PackageReference Include="AutoMapper" Version="6.2.2" />
-    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
     <PackageReference Include="Microsoft.Azure.Management.RecoveryServices.SiteRecovery" Version="2.1.6-preview" />
   </ItemGroup>
 

src/RecoveryServices/RecoveryServices.Test/RecoveryServices.Test.csproj

@@ -11,7 +11,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
 	<PackageReference Include="Microsoft.Azure.Management.RecoveryServices.Backup" Version="4.2.0-preview" />
   </ItemGroup>
 

src/RecoveryServices/RecoveryServices/Models/RSBackupVaultAADCreds.cs

@@ -86,21 +86,27 @@ public class RSBackupVaultAADCreds
         public string AadTenantId { get; set; }
 
         /// <summary>
-        /// Gets or sets the Service Principal Client Id.
+        /// Gets or sets the values for AadAudience.
         /// </summary>
         [DataMember(Order = 11)]
+        public string AadAudience { get; set; }
+
+        /// <summary>
+        /// Gets or sets the Service Principal Client Id.
+        /// </summary>
+        [DataMember(Order = 12)]
         public string ServicePrincipalClientId { get; set; }
 
         /// <summary>
         /// Gets or sets the Id Management Endpoint.
         /// </summary>
-        [DataMember(Order = 12)]
+        [DataMember(Order = 13)]
         public string IdMgmtRestEndpoint { get; set; }
 
         /// <summary>
         /// Gets or sets the agent links
         /// </summary>
-        [DataMember(Order = 13)]
+        [DataMember(Order = 14)]
         public string AgentLinks { get; set; }
     }
 }

src/RecoveryServices/RecoveryServices/RecoveryServices.csproj

@@ -11,7 +11,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.2-preview" />
+    <PackageReference Include="Microsoft.Azure.Management.RecoveryServices" Version="4.3.3-preview" />
 	<PackageReference Include="Microsoft.Azure.Management.RecoveryServices.Backup" Version="4.2.0-preview" />
     <PackageReference Include="System.Security.Cryptography.Cng" Version="4.4.0" />
   </ItemGroup>

src/RecoveryServices/RecoveryServices/Vault/GetAzureRMRecoveryServicesVaultSettingsFile.cs

@@ -235,25 +235,16 @@ private void GetBackupCredentialsWithCertificate(string certificate)
             {
                 // Upload cert into ID Mgmt
                 WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadingCertToIdmgmt));
-                X509Certificate2 x509 = new X509Certificate2();
-                byte[] data = Convert.FromBase64String(certificate);
-                x509.Import(data);
-                var bytes = x509.RawData;
-                var certificateArgs = new CertificateRequest
-                {
-                    Properties = new RawCertificateData {Certificate = bytes, AuthType = AuthType.AAD}
-                };
-
 
                 var dateString = DateTime.Now.ToString("M-d-yyyy");
 
-                var friendlyName = string.Format("{0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
+                var friendlyName = string.Format("CN={0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
 
                 vaultCertificateResponse = RecoveryServicesClient.GetRecoveryServicesClient.VaultCertificates.CreateWithHttpMessagesAsync(
                     Vault.ResourceGroupName,
                     Vault.Name,
                     friendlyName,
-                    certificateArgs.Properties,
+                    null,
                     RecoveryServicesClient.GetRequestHeaders()).Result.Body;
                 WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadedCertToIdmgmt));
             }
@@ -263,7 +254,7 @@ private void GetBackupCredentialsWithCertificate(string certificate)
             }
 
             // generate vault credentials
-            var vaultCredsFileContent = GenerateVaultCredsForBackup(certificate, subscriptionId, vaultCertificateResponse);
+            var vaultCredsFileContent = GenerateVaultCredsForBackup(subscriptionId, vaultCertificateResponse);
 
             // NOTE: One of the scenarios for this cmdlet is to generate a file which will be an input 
             //       to DPM servers. 
@@ -307,28 +298,18 @@ private void GetSiteRecoveryCredentialsWithCertificate(string certificate)
                 var fullFilePath = System.IO.Path.Combine(filePath, fileName);
                 // Upload cert into ID Mgmt
                 WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadingCertToIdmgmt));
-                X509Certificate2 x509 = new X509Certificate2();
-                byte[] data = Convert.FromBase64String(certificate);
-                x509.Import(data);
-                var bytes = x509.RawData;
-                var certificateArgs = new CertificateRequest
-                {
-                    Properties = new RawCertificateData {Certificate = bytes, AuthType = AuthType.AAD}
-                };
 
                 var dateString = DateTime.Now.ToString("M-d-yyyy");
-
-                var friendlyName = string.Format("{0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
+                var friendlyName = string.Format("CN={0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
                 var vaultCertificateResponse = RecoveryServicesClient.GetRecoveryServicesClient.VaultCertificates.CreateWithHttpMessagesAsync(
                     Vault.ResourceGroupName,
                     Vault.Name,
                     friendlyName,
-                    certificateArgs.Properties,
+                    null,
                     RecoveryServicesClient.GetRequestHeaders()).Result.Body;
                 WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadedCertToIdmgmt));
 
                 var vaultCredsFileContent = GenerateVaultCredsForSiteRecovery(
-                        certificate,
                         subscriptionId,
                         vaultCertificateResponse,
                         site);
@@ -418,7 +399,6 @@ private void GetSiteRecoveryCredentials()
                     var managementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx);
                     // generate vault credentials
                     var vaultCredsFileContent = GenerateVaultCredsForSiteRecovery(
-                        managementCert,
                         subscription.Id,
                         vaultCertificateResponse,
                         site);
@@ -548,7 +528,7 @@ private string GenerateVaultCreds(X509Certificate2 cert, string subscriptionId,
             try
             {
                 var certString = CertUtils.SerializeCert(cert, X509ContentType.Pfx);
-                return GenerateVaultCredsForBackup(certString, subscriptionId, vaultCertificateResponse);
+                return GenerateVaultCredsForBackup(subscriptionId, vaultCertificateResponse);
             }
             catch (Exception exception)
             {
@@ -559,19 +539,31 @@ private string GenerateVaultCreds(X509Certificate2 cert, string subscriptionId,
         /// <summary>
         /// Generates vault creds file content for backup Vault
         /// </summary>
-        /// <param name="cert">management certificate</param>
         /// <param name="subscriptionId">subscription Id</param>
         /// <param name="acsNamespace">acs namespace</param>
         /// <returns>xml file in string format</returns>
-        private string GenerateVaultCredsForBackup(string certificateString, string subscriptionId,
+        private string GenerateVaultCredsForBackup(string subscriptionId,
             VaultCertificateResponse vaultCertificateResponse)
         {
+            string certificateString = Convert.ToBase64String(
+                vaultCertificateResponse.Properties.Certificate);
+
             using (var output = new MemoryStream())
             {
                 using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
                 {
                     var aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
 
+                    string aadAudience = aadDetails.AadAudience;
+                    if (string.IsNullOrEmpty(aadAudience))
+                    {
+                        aadAudience = string.Format(CultureInfo.InvariantCulture,
+                            @"https://RecoveryServiceVault/{0}/{1}/{2}",
+                            Vault.Location,
+                            Vault.Name,
+                            aadDetails.ResourceId);
+                    }
+
                     var vaultCreds = new RSBackupVaultAADCreds
                     {
                         SubscriptionId = subscriptionId,
@@ -580,6 +572,7 @@ private string GenerateVaultCredsForBackup(string certificateString, string subs
                         ResourceId = aadDetails.ResourceId.Value,
                         AadAuthority = aadDetails.AadAuthority,
                         AadTenantId = aadDetails.AadTenantId,
+                        AadAudience = aadAudience,
                         ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
                         IdMgmtRestEndpoint = aadDetails.AzureManagementEndpointAudience,
                         ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace,
@@ -603,12 +596,11 @@ private string GenerateVaultCredsForBackup(string certificateString, string subs
         /// <summary>
         /// Generates vault creds file content for Site Recovery Vault
         /// </summary>
-        /// <param name="cert">management certificate</param>
         /// <param name="subscriptionId">subscription Id</param>
         /// <param name="vaultCertificateResponse">vaultCertificate Response</param>
         /// <param name="asrSite">asrSite Info</param>
         /// <returns>xml file in string format</returns>
-        private string GenerateVaultCredsForSiteRecovery(string managementCert, string subscriptionId,
+        private string GenerateVaultCredsForSiteRecovery(string subscriptionId,
             VaultCertificateResponse vaultCertificateResponse, ASRSite asrSite)
         {
             using (var output = new MemoryStream())
@@ -618,6 +610,8 @@ private string GenerateVaultCredsForSiteRecovery(string managementCert, string s
                     var aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
                     var resourceProviderNamespace = string.Empty;
                     var resourceType = string.Empty;
+                    string certificateString =
+                        Convert.ToBase64String(vaultCertificateResponse.Properties.Certificate);
 
                     Utilities.GetResourceProviderNamespaceAndType(Vault.ID, out resourceProviderNamespace, out resourceType);
 
@@ -635,12 +629,16 @@ private string GenerateVaultCredsForSiteRecovery(string managementCert, string s
                         ARMResourceType = resourceType
                     });
 
-                    //Code taken from Ibiza code
-                    var aadAudience = string.Format(CultureInfo.InvariantCulture,
-                        @"https://RecoveryServiceVault/{0}/{1}/{2}",
-                        Vault.Location,
-                        Vault.Name,
-                        aadDetails.ResourceId);
+                    string aadAudience = aadDetails.AadAudience;
+                    if (string.IsNullOrEmpty(aadAudience))
+                    {
+                        //Code taken from Ibiza code
+                        aadAudience = string.Format(CultureInfo.InvariantCulture,
+                            @"https://RecoveryServiceVault/{0}/{1}/{2}",
+                            Vault.Location,
+                            Vault.Name,
+                            aadDetails.ResourceId);
+                    }
 
                     var vaultCreds = new RSVaultAsrCreds
                     {
@@ -654,7 +652,7 @@ private string GenerateVaultCredsForSiteRecovery(string managementCert, string s
                             ResourceType = RecoveryServicesVaultType,
                             ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace
                         },
-                        ManagementCert = managementCert,
+                        ManagementCert = certificateString,
                         Version = VaultCredentialVersionAad,
                         AadDetails = new ASRVaultAadDetails
                         {