[Bastion] Add support for 'Premium' Sku and 'enableSessionRecording' feature flag (#25096)

* Init

* Updating help

* Minor fix

* Updating tests

* Update help

* Update ChangeLog.md

* Update ChangeLog.md

---------

Co-authored-by: Abhishek Shah <[email protected]>
Co-authored-by: NoriZC <[email protected]>

Author: 3 people

src/Network/Network.Test/ScenarioTests/BastionTests.ps1

@@ -102,6 +102,7 @@ public PSBastion GetBastion(string resourceGroupName, string name)
             psBastion.EnableTunneling = bastion.EnableTunneling;
             psBastion.EnableIpConnect = bastion.EnableIPConnect;
             psBastion.EnableShareableLink = bastion.EnableShareableLink;
+            psBastion.EnableSessionRecording = bastion.EnableSessionRecording;
 
             return psBastion;
         }
@@ -117,6 +118,7 @@ public PSBastion ToPsBastion(MNM.BastionHost host)
             bastion.EnableTunneling = host.EnableTunneling;
             bastion.EnableIpConnect = host.EnableIPConnect;
             bastion.EnableShareableLink = host.EnableShareableLink;
+            bastion.EnableSessionRecording = host.EnableSessionRecording;
 
             return bastion;
         }
@@ -157,6 +159,13 @@ public bool IsSkuDowngrade(PSBastion bastion, string sku)
                             return true;
                         }
                         return false;
+                    // Premium -> Basic or Standard
+                    case PSBastionSku.Premium:
+                        if (newSkuTier == PSBastionSku.Basic || newSkuTier == PSBastionSku.Standard)
+                        {
+                            return true;
+                        }
+                        return false;
                     default:
                         return true;
                 }
@@ -165,40 +174,43 @@ public bool IsSkuDowngrade(PSBastion bastion, string sku)
             return true;
         }
 
-        public void ValidateScaleUnits(PSBastion bastion, int? scaleUnits = 2)
+        public void ValidateScaleUnits(PSBastion bastion, int? scaleUnits = Constants.MinimumScaleUnits)
         {
+            if (!scaleUnits.HasValue) return;
+
             if (PSBastionSku.TryGetSkuTier(bastion.Sku.Name, out string skuTierValue))
             {
                 switch (skuTierValue)
                 {
                     case PSBastionSku.Basic:
-                        if (scaleUnits != PSBastion.MinimumScaleUnits)
+                        if (scaleUnits != Constants.MinimumScaleUnits)
                         {
-                            throw new ArgumentException($"Bastion scalable host is available on Standard SKU");
+                            throw new ArgumentException(Properties.Resources.BastionScaleUnitUpdateNotAllowedOnBasic);
                         }
                         break;
                     case PSBastionSku.Standard:
-                        if (scaleUnits < PSBastion.MinimumScaleUnits
-                            || scaleUnits > PSBastion.MaximumScaleUnits)
+                        if (scaleUnits < Constants.MinimumScaleUnits
+                            || scaleUnits > Constants.MaximumScaleUnits)
                         {
-                            throw new ArgumentException($"Please select scale units value between {PSBastion.MinimumScaleUnits} and {PSBastion.MaximumScaleUnits}");
+                            throw new ArgumentException(string.Format(Properties.Resources.BastionScaleUnitOutOfRange, Constants.MinimumScaleUnits, Constants.MaximumScaleUnits));
                         }
                         break;
                     default:
-                        throw new ArgumentException($"Please enter a valid value for Bastion SKU");
+                        throw new ArgumentException(Properties.Resources.BastionSkuInvalidValue);
                 }
             }
             else
             {
-                throw new ArgumentException($"Please enter a valid value for Bastion SKU");
+                throw new ArgumentException(Properties.Resources.BastionSkuInvalidValue);
             }
         }
 
         public void ValidateFeatures(PSBastion bastion,
             bool? disableCopyPaste = false,
             bool? enableTunneling = false,
             bool? enableIpConnect = false,
-            bool? enableShareableLink = false)
+            bool? enableShareableLink = false,
+            bool? enableSessionRecording = false)
         {
             if (PSBastionSku.TryGetSkuTier(bastion.Sku.Name, out string skuTierValue))
             {
@@ -207,30 +219,46 @@ public void ValidateFeatures(PSBastion bastion,
                     case PSBastionSku.Basic:
                         if (disableCopyPaste != null && disableCopyPaste != false)
                         {
-                            throw new ArgumentException($"Toggling copy/paste is available on Standard SKU or higher");
+                            throw new ArgumentException(Properties.Resources.BastionCopyPasteInvalidValue);
                         }
                         if (enableTunneling != null && enableTunneling != false)
                         {
-                            throw new ArgumentException($"Toggling tunneling is available on Standard SKU or higher");
+                            throw new ArgumentException(Properties.Resources.BastionTunnelingInvalidValue);
                         }
                         if (enableIpConnect != null && enableIpConnect != false)
                         {
-                            throw new ArgumentException($"Toggling IP connect is available on Standard SKU or higher");
+                            throw new ArgumentException(Properties.Resources.BastionIpConnectInvalidValue);
                         }
                         if (enableShareableLink != null && enableShareableLink != false)
                         {
-                            throw new ArgumentException($"Toggling shareable link is available on Standard SKU or higher");
+                            throw new ArgumentException(Properties.Resources.BastionShareableLinkInvalidValue);
+                        }
+                        if (enableSessionRecording != null && enableSessionRecording != false)
+                        {
+                            throw new ArgumentException(Properties.Resources.BastionSessionRecordingInvalidValue);
                         }
                         break;
                     case PSBastionSku.Standard:
+                        if (enableSessionRecording != null && enableSessionRecording != false)
+                        {
+                            throw new ArgumentException(Properties.Resources.BastionSessionRecordingInvalidValue);
+                        }
+                        break;
+                    case PSBastionSku.Premium:
+                        if ((enableTunneling.GetValueOrDefault(false) && enableSessionRecording.GetValueOrDefault(false))
+                            || (bastion.EnableTunneling.GetValueOrDefault(false) && enableSessionRecording.GetValueOrDefault(false))
+                            || (enableTunneling.GetValueOrDefault(false)&& bastion.EnableSessionRecording.GetValueOrDefault(false)))
+                        {
+                            throw new ArgumentException(Properties.Resources.BastionTunnelingAndSessionRecordingNotAllowed);
+                        }
                         break;
                     default:
-                        throw new ArgumentException($"Please enter a valid value for Bastion SKU");
+                        throw new ArgumentException(Properties.Resources.BastionSkuInvalidValue);
                 }
             }
             else
             {
-                throw new ArgumentException($"Please enter a valid value for Bastion SKU");
+                throw new ArgumentException(Properties.Resources.BastionSkuInvalidValue);
             }
         }
     }

src/Network/Network.Test/SessionRecords/Commands.Network.Test.ScenarioTests.BastionTests/TestBastionCRUD.json

@@ -0,0 +1,29 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+namespace Microsoft.Azure.Commands.Network.Bastion
+{
+    internal class Constants
+    {
+        // Bastion
+        internal const string BastionResourceName = "Bastion";
+        internal const string BastionResourceType = "Microsoft.Network/bastionHosts";
+        internal const string BastionSubnetName = "AzureBastionSubnet";
+        internal const string BastionIpConfigurationName = "IpConf";
+
+        // Scale Units
+        internal const int MinimumScaleUnits = 2;
+        internal const int MaximumScaleUnits = 50;
+    }
+}

src/Network/Network.Test/SessionRecords/Commands.Network.Test.ScenarioTests.BastionTests/TestBastionCreateWithFeatures.json

@@ -24,7 +24,7 @@ namespace Microsoft.Azure.Commands.Network.Bastion
     using Microsoft.Azure.Management.Network.Models;
 
     [Cmdlet(VerbsCommon.Get,
-         ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "Bastion",
+         ResourceManager.Common.AzureRMConstants.AzureRMPrefix + Constants.BastionResourceName,
          DefaultParameterSetName = BastionParameterSetNames.ListBySubscription,
          SupportsShouldProcess = true),
          OutputType(typeof(PSBastion), typeof(IEnumerable<PSBastion>))]
@@ -55,7 +55,7 @@ public class GetAzBastionCommand : BastionBaseCmdlet
             Mandatory = true,
             ParameterSetName = BastionParameterSetNames.ByResourceGroupName + BastionParameterSetNames.ByName,
             HelpMessage = "The bastion resource name.")]
-        [ResourceNameCompleter("Microsoft.Network/bastionHosts", "ResourceGroupName")]
+        [ResourceNameCompleter(Constants.BastionResourceType, "ResourceGroupName")]
         [ValidateNotNullOrEmpty]
         public string Name { get; set; }
 

src/Network/Network/Bastion/BastionBaseCmdlet.cs

@@ -28,7 +28,7 @@ namespace Microsoft.Azure.Commands.Network.Bastion
     using MNM = Management.Network.Models;
 
     [Cmdlet(VerbsCommon.New,
-       ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "Bastion",
+       ResourceManager.Common.AzureRMConstants.AzureRMPrefix + Constants.BastionResourceName,
        DefaultParameterSetName = BastionParameterSetNames.ByIpObject + BastionParameterSetNames.ByVNObject,
        SupportsShouldProcess = true),
        OutputType(typeof(PSBastion))]
@@ -47,7 +47,7 @@ public class NewAzBastionCommand : BastionBaseCmdlet
             Mandatory = true,
             HelpMessage = "The Bastion resource name.")]
         [ValidateNotNullOrEmpty]
-        [ResourceNameCompleter("Microsoft.Network/bastionHosts", "ResourceGroupName")]
+        [ResourceNameCompleter(Constants.BastionResourceType, "ResourceGroupName")]
         public string Name { get; set; }
 
         [Alias("PublicIpAddressObject")]
@@ -180,18 +180,19 @@ public class NewAzBastionCommand : BastionBaseCmdlet
             Mandatory = false,
             ValueFromPipeline = true,
             HelpMessage = "The Bastion Sku Tier")]
-        [PSArgumentCompleter(PSBastionSku.Basic, PSBastionSku.Standard)]
+        [PSArgumentCompleter(PSBastionSku.Basic, PSBastionSku.Standard, PSBastionSku.Premium)]
         [ValidateSet(
             MNM.BastionHostSkuName.Basic,
             MNM.BastionHostSkuName.Standard,
+            MNM.BastionHostSkuName.Premium,
             IgnoreCase = false)]
         public string Sku { get; set; }
 
         [Parameter(
             Mandatory = false,
             ValueFromPipeline = true,
             HelpMessage = "The Scale Units for Bastion")]
-        [DefaultValue(2)]
+        [DefaultValue(Constants.MinimumScaleUnits)]
         public int? ScaleUnit { get; set; }
 
         [Parameter(
@@ -229,6 +230,13 @@ public class NewAzBastionCommand : BastionBaseCmdlet
         [DefaultValue(false)]
         public bool? EnableShareableLink { get; set; }
 
+        [Parameter(
+           Mandatory = false,
+           ValueFromPipeline = true,
+           HelpMessage = "Session Recording")]
+        [DefaultValue(false)]
+        public bool? EnableSessionRecording { get; set; }
+
         [Parameter(
             Mandatory = false,
             HelpMessage = "Run cmdlet in the background")]
@@ -267,7 +275,7 @@ private PSBastion CreateBastion()
             PSBastion bastion = new PSBastion(this.Name, this.ResourceGroupName, this.VirtualNetwork.Location, this.Sku);
 
             #region Feature Validations
-            ValidateFeatures(bastion, this.DisableCopyPaste, this.EnableTunneling, this.EnableIpConnect, this.EnableShareableLink);
+            ValidateFeatures(bastion, this.DisableCopyPaste, this.EnableTunneling, this.EnableIpConnect, this.EnableShareableLink, this.EnableSessionRecording);
             if (this.EnableKerberos.HasValue)
             {
                 bastion.EnableKerberos = this.EnableKerberos.Value;
@@ -288,6 +296,10 @@ private PSBastion CreateBastion()
             {
                 bastion.EnableShareableLink = this.EnableShareableLink.Value;
             }
+            if (this.EnableSessionRecording.HasValue)
+            {
+                bastion.EnableSessionRecording = this.EnableSessionRecording.Value;
+            }
             #endregion
 
             #region Scale Unit Validations

src/Network/Network/Bastion/Constants.cs

@@ -24,7 +24,7 @@ namespace Microsoft.Azure.Commands.Network.Bastion
     using System.Management.Automation;
 
     [Cmdlet(VerbsCommon.Remove,
-        ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "Bastion",
+        ResourceManager.Common.AzureRMConstants.AzureRMPrefix + Constants.BastionResourceName,
         DefaultParameterSetName = BastionParameterSetNames.ByResourceGroupName,
         SupportsShouldProcess = true),
         OutputType(typeof(bool))]
@@ -44,7 +44,7 @@ public class RemoveAzBastionCommand : BastionBaseCmdlet
             ParameterSetName = BastionParameterSetNames.ByResourceGroupName,
             Mandatory = true,
             HelpMessage = "The bastion resource name to be deleted.")]
-        [ResourceNameCompleter("Microsoft.Network/bastionHosts", "ResourceGroupName")]
+        [ResourceNameCompleter(Constants.BastionResourceType, "ResourceGroupName")]
         [ValidateNotNullOrEmpty]
         public string Name { get; set; }
 
@@ -64,7 +64,7 @@ public class RemoveAzBastionCommand : BastionBaseCmdlet
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "The Azure resource ID for the Bastion to be deleted.")]
         [ValidateNotNullOrEmpty]
-        [ResourceIdCompleter("Microsoft.Network/bastionHosts")]
+        [ResourceIdCompleter(Constants.BastionResourceType)]
         public string ResourceId { get; set; }
 
         [Parameter(

src/Network/Network/Bastion/GetAzBastionCommand.cs

@@ -26,7 +26,7 @@ namespace Microsoft.Azure.Commands.Network.Bastion
     using MNM = Management.Network.Models;
 
     [Cmdlet(VerbsCommon.Set,
-        ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "Bastion",
+        ResourceManager.Common.AzureRMConstants.AzureRMPrefix + Constants.BastionResourceName,
         DefaultParameterSetName = BastionParameterSetNames.ByBastionObject,
         SupportsShouldProcess = true),
         OutputType(typeof(PSBastion))]
@@ -43,10 +43,11 @@ public class SetAzBastionCommand : BastionBaseCmdlet
             Mandatory = false,
             ValueFromPipeline = true,
             HelpMessage = "Bastion Sku")]
-        [PSArgumentCompleter("Basic", "Standard")]
+        [PSArgumentCompleter(PSBastionSku.Basic, PSBastionSku.Standard, PSBastionSku.Premium)]
         [ValidateSet(
             MNM.BastionHostSkuName.Basic,
             MNM.BastionHostSkuName.Standard,
+            MNM.BastionHostSkuName.Premium,
             IgnoreCase = false)]
         public string Sku { get; set; }
 
@@ -86,6 +87,12 @@ public class SetAzBastionCommand : BastionBaseCmdlet
             HelpMessage = "Shareable Link")]
         public bool? EnableShareableLink { get; set; }
 
+        [Parameter(
+           Mandatory = false,
+           ValueFromPipeline = true,
+           HelpMessage = "Session Recording")]
+        public bool? EnableSessionRecording { get; set; }
+
         [Parameter(
             Mandatory = false,
             ValueFromPipeline = true,
@@ -122,7 +129,7 @@ public override void Execute()
                             // Check if InputObject Sku is being downgraded
                             if (IsSkuDowngrade(this.InputObject, this.Sku))
                             {
-                                throw new ArgumentException("Downgrading Sku is not allowed");
+                                throw new ArgumentException(Properties.Resources.BastionSkuDowngradeNotAllowed);
                             }
 
                             this.InputObject.Sku = new PSBastionSku(this.Sku);
@@ -133,15 +140,15 @@ public override void Execute()
                             // Check if getBastionHost Sku is being downgraded from InputObject by setting InputObject.Sku.Name
                             if (IsSkuDowngrade(getBastionHost, this.InputObject.Sku.Name))
                             {
-                                throw new ArgumentException("Downgrading Sku is not allowed");
+                                throw new ArgumentException(Properties.Resources.BastionSkuDowngradeNotAllowed);
                             }
 
                             this.InputObject.Sku = new PSBastionSku(getBastionHost.Sku.Name);
                         }
                         #endregion
 
                         #region Feature validations and updates
-                        ValidateFeatures(this.InputObject, this.DisableCopyPaste, this.EnableTunneling, this.EnableIpConnect, this.EnableShareableLink);
+                        ValidateFeatures(this.InputObject, this.DisableCopyPaste, this.EnableTunneling, this.EnableIpConnect, this.EnableShareableLink, this.EnableSessionRecording);
                         if (this.EnableKerberos.HasValue)
                         {
                             this.InputObject.EnableKerberos = this.EnableKerberos.Value;
@@ -162,6 +169,10 @@ public override void Execute()
                         {
                             this.InputObject.EnableShareableLink = this.EnableShareableLink.Value;
                         }
+                        if (this.EnableSessionRecording.HasValue)
+                        {
+                            this.InputObject.EnableSessionRecording = this.EnableSessionRecording.Value;
+                        }
                         #endregion
 
                         #region Scale unit validations and update

src/Network/Network/Bastion/NewAzBastionCommand.cs

@@ -19,6 +19,10 @@
 --->
 
 ## Upcoming Release
+* Updated Network.Management SDK to consume newer Swagger version
+* Updated cmdlet to add 'Premium' as a valid value for 'Sku' parameter and 'enableSessionRecording' feature for Bastion resources
+    - `New-AzBastion`
+    - `Set-AzBastion`
 * Updated cmdlet `Add-AzVirtualNetworkSubnetConfig`, `Set-AzVirtualNetworkSubnetConfig` and `New-AzVirtualNetworkSubnetConfig` to support Network Identifier for Subnet Service Endpoint.
 * Added cmdlet `Restart-AzNetworkVirtualAppliance` for allowing a restart of Network Virtual Appliance instances from the customer subscription.
 * Fixed a bug in `Update-AzNetworkVirtualApplianceConnection`