[Az.Network] Use SecureString for sas url inputs in GetNetworkVirtualApplianceBootDiagnosticsCommand (#27187)

* use SecureString for sas url inputs in cmdlet

* remove unused directives

* updating help file

* update test and help

* Revert "update test and help"

This reverts commit f3c19cd.

* update test

---------

Co-authored-by: Nori Zhang <[email protected]>

Author: nanditaashok-ms

src/Network/Network.Test/ScenarioTests/NetworkVirtualApplianceBootDiagnosticsTest.ps1

@@ -60,13 +60,15 @@ function Test-NetworkVirtualApplianceBootDiagnostics
 
         # Generate SAS token for the existing Blob
         #$sasToken = New-AzStorageBlobSASToken -Container $containerName -Blob $blobName -Context $storageAccountContext -Permission "rw" -ExpiryTime ([System.DateTime]::UtcNow).AddDays(1) -StartTime ([System.DateTime]::UtcNow).AddHours(-1) -FullUri
-        $sasToken = "placeholder"
+        $sasToken = "******"
         Assert-NotNull $sasToken
         Write-Host "SAS uri for the blob '$blobName' is: $sasToken"
+        $sasTokenEncrypt = ConvertTo-SecureString -String $sasToken -AsPlainText -Force
 
-        $sasUrlScreenShot = "placeholder"
+        $sasUrlScreenShot = "******"
+        $sasUrlScreenShotEncrypt = ConvertTo-SecureString -String $sasUrlScreenShot -AsPlainText -Force
 
-        $nvabootdiagnostics = Get-AzNetworkVirtualApplianceBootDiagnostics -ResourceGroupName $rgname -Name $nvaname -InstanceId 0 -SerialConsoleStorageSasUrl $sasToken -ConsoleScreenshotStorageSasUrl $sasUrlScreenShot
+        $nvabootdiagnostics = Get-AzNetworkVirtualApplianceBootDiagnostics -ResourceGroupName $rgname -Name $nvaname -InstanceId 0 -SerialConsoleStorageSasUrl $sasTokenEncrypt -ConsoleScreenshotStorageSasUrl $sasUrlScreenShotEncrypt
         Assert-AreEqual $nvabootdiagnostics.Status "Succeeded"
    	} 
     finally{

src/Network/Network/NetworkVirtualAppliance/GetNetworkVirtualApplianceBootDiagnosticsCommand.cs

@@ -21,6 +21,8 @@
 using System;
 using System.Collections.Generic;
 using System.Management.Automation;
+using System.Security;
+using Microsoft.WindowsAzure.Commands.Common;
 
 namespace Microsoft.Azure.Commands.Network
 {
@@ -59,13 +61,13 @@ public class GetNetworkVirtualApplianceBootDiagnosticsCommand : NetworkVirtualAp
             Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Storage blob (eg. txt file) sas url into which serial console logs for requested VM instance is copied")]
-        public string SerialConsoleStorageSasUrl { get; set; }
+        public SecureString SerialConsoleStorageSasUrl { get; set; }
 
         [Parameter(
             Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Storage blob (eg. png file) sas url into which console screen shot for requested VM instance is copied")]
-        public string ConsoleScreenshotStorageSasUrl { get; set; }
+        public SecureString ConsoleScreenshotStorageSasUrl { get; set; }
 
         [Parameter(
            Mandatory = true,
@@ -108,8 +110,8 @@ public override void Execute()
                 var bootDiagParams = new NetworkVirtualApplianceBootDiagnosticParameters()
                 {
                     InstanceId = instanceId,
-                    SerialConsoleStorageSasUrl = this.SerialConsoleStorageSasUrl,
-                    ConsoleScreenshotStorageSasUrl = this.ConsoleScreenshotStorageSasUrl
+                    SerialConsoleStorageSasUrl = this.SerialConsoleStorageSasUrl?.ConvertToString(),
+                    ConsoleScreenshotStorageSasUrl = this.ConsoleScreenshotStorageSasUrl?.ConvertToString()
                 };
 
                 var result = this.NetworkVirtualAppliancesClient.GetBootDiagnosticLogsWithHttpMessagesAsync(resourceGroupName: this.ResourceGroupName, networkVirtualApplianceName: this.Name, request: bootDiagParams).GetAwaiter().GetResult();

src/Network/Network/help/Get-AzNetworkVirtualApplianceBootDiagnostics.md

@@ -15,14 +15,14 @@ Retrieves boot diagnostic logs for a given NetworkVirtualAppliance VM instance
 ### ResourceNameParameterSet (Default)
 ```
 Get-AzNetworkVirtualApplianceBootDiagnostics -ResourceGroupName <String> -Name <String> [-InstanceId <Int32>]
- [-SerialConsoleStorageSasUrl <String>] [-ConsoleScreenshotStorageSasUrl <String>] [-AsJob]
+ [-SerialConsoleStorageSasUrl <SecureString>] [-ConsoleScreenshotStorageSasUrl <SecureString>] [-AsJob]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ResourceIdParameterSet
 ```
-Get-AzNetworkVirtualApplianceBootDiagnostics [-InstanceId <Int32>] [-SerialConsoleStorageSasUrl <String>]
- [-ConsoleScreenshotStorageSasUrl <String>] -ResourceId <String> [-AsJob]
+Get-AzNetworkVirtualApplianceBootDiagnostics [-InstanceId <Int32>] [-SerialConsoleStorageSasUrl <SecureString>]
+ [-ConsoleScreenshotStorageSasUrl <SecureString>] -ResourceId <String> [-AsJob]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
@@ -75,7 +75,7 @@ Storage blob (eg.
 png file) sas url into which console screen shot for requested VM instance is copied
 
 ```yaml
-Type: String
+Type: SecureString
 Parameter Sets: (All)
 Aliases:
 
@@ -166,7 +166,7 @@ Storage blob (eg.
 txt file) sas url into which serial console logs for requested VM instance is copied
 
 ```yaml
-Type: String
+Type: SecureString
 Parameter Sets: (All)
 Aliases: