powershell changes for new ssl policies in appgw (#18287)

kaushik-ms · web-flow · commit a193ffa16614 · 2022-06-17T07:46:03.000+08:00
diff --git a/src/Network/Network/ApplicationGateway/SslPolicy/AzureApplicationGatewaySslPolicyBase.cs b/src/Network/Network/ApplicationGateway/SslPolicy/AzureApplicationGatewaySslPolicyBase.cs
@@ -23,13 +23,13 @@ public class AzureApplicationGatewaySslPolicyBase : NetworkBaseCmdlet
     {
         [Parameter(
                HelpMessage = "List of SSL protocols to be disabled")]
-        [ValidateSet("TLSv1_0", "TLSv1_1", "TLSv1_2", IgnoreCase = true)]
+        [ValidateSet("TLSv1_0", "TLSv1_1", "TLSv1_2", "TLSv1_3", IgnoreCase = true)]
         [ValidateNotNullOrEmpty]
         public string[] DisabledSslProtocols { get; set; }
 
         [Parameter(
                HelpMessage = "Type of Ssl Policy")]
-        [ValidateSet("Predefined", "Custom", IgnoreCase = true)]
+        [ValidateSet("Predefined", "Custom", "CustomV2", IgnoreCase = true)]
         public string PolicyType { get; set; }
 
         [Parameter(
@@ -38,12 +38,11 @@ public class AzureApplicationGatewaySslPolicyBase : NetworkBaseCmdlet
 
         [Parameter(
                HelpMessage = "Ssl cipher suites to be enabled in the specified order to application gateway")]
-        [ValidateNotNullOrEmpty]
         public string[] CipherSuite { get; set; }
 
         [Parameter(
                HelpMessage = "Minimum version of Ssl protocol to be supported on application gateway")]
-        [ValidateSet("TLSv1_0", "TLSv1_1", "TLSv1_2", IgnoreCase = true)]
+        [ValidateSet("TLSv1_0", "TLSv1_1", "TLSv1_2", "TLSv1_3", IgnoreCase = true)]
         public string MinProtocolVersion { get; set; }
 
         public override void ExecuteCmdlet()
diff --git a/src/Network/Network/ChangeLog.md b/src/Network/Network/ChangeLog.md
@@ -19,6 +19,10 @@
 --->
 
 ## Upcoming Release
+* Added support for CustomV2 ssl policies for Application Gateway.
+    - Added `CustomV2` to the validation set of `PolicyType`
+    - Added `TLSv1_3` to the validation set of `MinProtocolVersion`
+    - Removed validation for null or empty cipher suites list since there can be empty cipher suites list for min protocol version of tls1.3
 
 ## Version 4.17.0
 * Supported `Microsoft.Network/privateLinkServices` in `Get-AzPrivateEndpointConnection` [#16984].
