Azure
diff --git a/‎src/Cdn/Cdn.Autorest/custom/Start-AzFrontDoorCdnProfilePrepareMigration.ps1
Lines changed: 34 additions & 24 deletions b/‎src/Cdn/Cdn.Autorest/custom/Start-AzFrontDoorCdnProfilePrepareMigration.ps1
Lines changed: 34 additions & 24 deletions
diff --git a/‎src/Cdn/Cdn/Az.Cdn.psd1
Lines changed: 5 additions & 5 deletions b/‎src/Cdn/Cdn/Az.Cdn.psd1
Lines changed: 5 additions & 5 deletions
diff --git a/‎src/Cdn/Cdn/ChangeLog.md
Lines changed: 1 addition & 0 deletions b/‎src/Cdn/Cdn/ChangeLog.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Cdn/Cdn/help/Clear-AzCdnEndpointContent.md
Lines changed: 19 additions & 4 deletions b/‎src/Cdn/Cdn/help/Clear-AzCdnEndpointContent.md
Lines changed: 19 additions & 4 deletions
diff --git a/‎src/Cdn/Cdn/help/Clear-AzFrontDoorCdnEndpointContent.md
Lines changed: 19 additions & 4 deletions b/‎src/Cdn/Cdn/help/Clear-AzFrontDoorCdnEndpointContent.md
Lines changed: 19 additions & 4 deletions
diff --git a/‎src/Cdn/Cdn/help/Disable-AzCdnCustomDomainCustomHttps.md
Lines changed: 17 additions & 2 deletions b/‎src/Cdn/Cdn/help/Disable-AzCdnCustomDomainCustomHttps.md
Lines changed: 17 additions & 2 deletions
diff --git a/‎src/Cdn/Cdn/help/Enable-AzCdnCustomDomainCustomHttps.md
Lines changed: 17 additions & 2 deletions b/‎src/Cdn/Cdn/help/Enable-AzCdnCustomDomainCustomHttps.md
Lines changed: 17 additions & 2 deletions
diff --git a/‎src/Cdn/Cdn/help/Enable-AzFrontDoorCdnProfileMigration.md
Lines changed: 16 additions & 1 deletion b/‎src/Cdn/Cdn/help/Enable-AzFrontDoorCdnProfileMigration.md
Lines changed: 16 additions & 1 deletion
@@ -238,12 +238,16 @@ function Start-AzFrontDoorCdnProfilePrepareMigration {
             throw "MigrationWebApplicationFirewallMapping parameter instance should be equal to the number of WAF policy instance in the profile."
         }
 
-        if (($PSBoundParameters.ContainsKey('IdentityType')) -ne ($allPoliciesWithVault.count -gt 0)) {
-            throw "MSIIdentity should be associated if the front door has Customer Certificates. If not, remove MSIIdentity parameter."
+        # We should raise a complaint if the customer did not enable managed identity when they have BYOC enabled. 
+        # However, if the customer does not have BYOC but has specified a managed identity, we could ignore the validation for BYOC, no need to keep consisence with Portal behavior.
+        if (($allPoliciesWithVault.count -gt 0) -and !($PSBoundParameters.ContainsKey('IdentityType')))
+        {
+            throw "IdentityType parameter should be provided when the front door has Customer Certificates."
         }
-        Write-Host("The parameters have been successfully validated.")
 
-        # Deal with Waf policy
+        Write-Host("The parameters have been validated successfully.")
+
+        # Step1: Deal with Waf policy
         if ($PSBoundParameters.ContainsKey('MigrationWebApplicationFirewallMapping')) {
             Write-Host("Starting to configure WAF policy upgrades.")
 
@@ -287,7 +291,7 @@ function Start-AzFrontDoorCdnProfilePrepareMigration {
             Write-Host("WAF policy upgrades have been configured successfully.")
         }
 
-        # Create AFDx Profile
+        # Step2: Create AFDx Profile
         # If create AfdX profile firstly, then an error ("Invalid migrated to waf reference.") will be thrown if the migrated-To-WAF is supposed to created. (not exists in current subscription)
         Write-Host("Your new Front Door profile is being created. Please wait until the process has finished completely. This may take several minutes.")
         $null = $PSBoundParameters.Remove('IdentityType')
@@ -302,9 +306,8 @@ function Start-AzFrontDoorCdnProfilePrepareMigration {
 
         Write-Host("Your new Front Door profile with the configuration has been successfully created.")
 
-        # Deal with MSI parameter
-        # if ($PSBoundParameters.ContainsKey('IdentityType')) {
-        if ($allPoliciesWithVault.count -gt 0) {
+        # Step 3: Deal with MSI parameter
+        if (${IdentityType}) {
             Write-Host("Starting to enable managed identity.")
 
             # Waiting for results of profile created return
@@ -318,7 +321,7 @@ function Start-AzFrontDoorCdnProfilePrepareMigration {
 
             $enableMSISuccessMessage = 'Enabling managed identity succeeded.'
             $enableMSIRetryMessage = 'Retrying to enable managed identity...'
-            $enableMSIErrorMessage = "Enableing managed identity failed."
+            $enableMSIErrorMessage = "Enabling managed identity failed."
             $profileIdentity = RetryCommand -Command 'Update-AzFrontDoorCdnProfile' -CommandArgs $commandArgs -RetryTimes 6 -SecondsDelay 20 -SuccessMessage $enableMSISuccessMessage -RetryMessage $enableMSIRetryMessage -ErrorMessage $enableMSIErrorMessage
             $identity = [System.Collections.ArrayList]@()
             foreach ($id in $profileIdentity.IdentityUserAssignedIdentity.Values.PrincipalId) {
@@ -331,24 +334,31 @@ function Start-AzFrontDoorCdnProfilePrepareMigration {
                 $identity.Add($profileIdentity.IdentityPrincipalId) | Out-Null
             }
 
-            # Waiting for MSI granted access...
+            # Waiting for Enabling managed identity...
             Start-Sleep(20)
-            Write-Host("Starting to grant managed identity to key vault.")
-            foreach ($vault in $allPoliciesWithVault) {
-                foreach ($principal in $identity) {
-                    $grantAccessSuccessMessage = 'Granting managed identity to key vault succeeded.'
-                    $grantAccessRetryMessage = 'Retrying to grant managed identity to key vault...'
-                    $grantAccessErrorMessage = 'Granting managed identity to key vault failed.'
-
-                    $commandInfo = @{ VaultName = $vault; ObjectId = $principal; PermissionsToSecrets = 'Get'; PermissionsToCertificates = 'Get'; ErrorAction = 'Stop'; BypassObjectIdValidation = $true}
-
-                    # Set-AzKeyVaultAccessPolicy -VaultName $vault -ObjectId $principal -PermissionsToSecrets Get -PermissionsToCertificates Get
-                    # Adding the parameter `-BypassObjectIdValidation` to bypass the validation when using pipeline to do migration, the type of `-BypassObjectIdValidation` is 'SwitchParameter'.
-                    RetryCommand -Command 'Set-AzKeyVaultAccessPolicy' -CommandArgs $commandInfo -RetryTimes 6 -SecondsDelay 20 -SuccessMessage $grantAccessSuccessMessage -RetryMessage $grantAccessRetryMessage -ErrorMessage $grantAccessErrorMessage
+
+            # When the classic front door has BYOC, need to grant managed identity to the key vault.
+            if ($allPoliciesWithVault.count -gt 0)
+            {
+                Write-Host("Starting to grant managed identity to key vault.")
+                foreach ($vault in $allPoliciesWithVault) {
+                    foreach ($principal in $identity) {
+                        $grantAccessSuccessMessage = 'Granting managed identity to key vault succeeded.'
+                        $grantAccessRetryMessage = 'Retrying to grant managed identity to key vault...'
+                        $grantAccessErrorMessage = 'Granting managed identity to key vault failed.'
+
+                        $commandInfo = @{ VaultName = $vault; ObjectId = $principal; PermissionsToSecrets = 'Get'; PermissionsToCertificates = 'Get'; ErrorAction = 'Stop'; BypassObjectIdValidation = $true}
+
+                        # Set-AzKeyVaultAccessPolicy -VaultName $vault -ObjectId $principal -PermissionsToSecrets Get -PermissionsToCertificates Get
+                        # Adding the parameter `-BypassObjectIdValidation` to bypass the validation when using pipeline to do migration, the type of `-BypassObjectIdValidation` is 'SwitchParameter'.
+                        RetryCommand -Command 'Set-AzKeyVaultAccessPolicy' -CommandArgs $commandInfo -RetryTimes 6 -SecondsDelay 20 -SuccessMessage $grantAccessSuccessMessage -RetryMessage $grantAccessRetryMessage -ErrorMessage $grantAccessErrorMessage
+                    }
                 }
-            }
 
-            Write-Host("Your have successfully granted managed identity to key vault.")
+                Write-Host("Your have successfully granted managed identity to key vault.")
+            }
+        } else {
+            Write-Debug("IdentityType paramter not provided and no BYOC for the current front door, skip Managed Identity step.")
         }
 
         Write-Host("The change need to be committed after this.")
 
@@ -3,7 +3,7 @@
 #
 # Generated by: Microsoft Corporation
 #
-# Generated on: 7/31/2024
+# Generated on: 8/6/2024
 #
 
 @{
@@ -57,10 +57,10 @@ RequiredModules = @(@{ModuleName = 'Az.Accounts'; ModuleVersion = '3.0.3'; })
 RequiredAssemblies = 'Cdn.Autorest/bin/Az.Cdn.private.dll'
 
 # Script files (.ps1) that are run in the caller's environment prior to importing this module.
-# ScriptsToProcess = @()
+ScriptsToProcess = @()
 
 # Type files (.ps1xml) to be loaded when importing this module
-# TypesToProcess = @()
+TypesToProcess = @()
 
 # Format files (.ps1xml) to be loaded when importing this module
 FormatsToProcess = 'Cdn.Autorest/Az.Cdn.format.ps1xml'
@@ -216,7 +216,7 @@ PrivateData = @{
     PSData = @{
 
         # Tags applied to this module. These help with module discovery in online galleries.
-        Tags = 'Azure','ResourceManager','ARM','PSModule','Cdn'
+        Tags = 'Azure', 'ResourceManager', 'ARM', 'PSModule', 'Cdn'
 
         # A URL to the license for this module.
         LicenseUri = 'https://aka.ms/azps-license'
@@ -241,7 +241,7 @@ PrivateData = @{
 
     } # End of PSData hashtable
 
- } # End of PrivateData hashtable
+} # End of PrivateData hashtable
 
 # HelpInfo URI of this module
 # HelpInfoURI = ''
 
@@ -19,6 +19,7 @@
 -->
 
 ## Upcoming Release
+* Added support to enable ManagedIdentity when no BYOC in the classic front door during migration
 
 ## Version 3.2.1
 * Bypassed object id validation for KeyVault access policy during `Start-AzFrontDoorCdnProfilePrepareMigration`
 
@@ -16,26 +16,26 @@ Removes a content from CDN.
 ```
 Clear-AzCdnEndpointContent -EndpointName <String> -ProfileName <String> -ResourceGroupName <String>
  [-SubscriptionId <String>] -ContentPath <String[]> [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru]
- [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### Purge1
 ```
 Clear-AzCdnEndpointContent -EndpointName <String> -ProfileName <String> -ResourceGroupName <String>
  [-SubscriptionId <String>] -ContentFilePath <IPurgeParameters> [-DefaultProfile <PSObject>] [-AsJob] [-NoWait]
- [-PassThru] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### PurgeViaIdentityExpanded1
 ```
 Clear-AzCdnEndpointContent -InputObject <ICdnIdentity> -ContentPath <String[]> [-DefaultProfile <PSObject>]
- [-AsJob] [-NoWait] [-PassThru] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-AsJob] [-NoWait] [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### PurgeViaIdentity1
 ```
 Clear-AzCdnEndpointContent -InputObject <ICdnIdentity> -ContentFilePath <IPurgeParameters>
- [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru] [-WhatIf]
+ [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf]
  [-Confirm] [<CommonParameters>]
 ```
 
@@ -201,6 +201,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ProgressAction
+{{ Fill ProgressAction Description }}
+
+```yaml
+Type: System.Management.Automation.ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ResourceGroupName
 Name of the Resource group within the Azure subscription.
 
 
@@ -16,27 +16,27 @@ Removes a content from AzureFrontDoor.
 ```
 Clear-AzFrontDoorCdnEndpointContent -EndpointName <String> -ProfileName <String> -ResourceGroupName <String>
  [-SubscriptionId <String>] -ContentPath <String[]> [-Domain <String[]>] [-DefaultProfile <PSObject>] [-AsJob]
- [-NoWait] [-PassThru] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-NoWait] [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### Purge
 ```
 Clear-AzFrontDoorCdnEndpointContent -EndpointName <String> -ProfileName <String> -ResourceGroupName <String>
  [-SubscriptionId <String>] -Content <IAfdPurgeParameters> [-DefaultProfile <PSObject>] [-AsJob] [-NoWait]
- [-PassThru] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### PurgeViaIdentityExpanded
 ```
 Clear-AzFrontDoorCdnEndpointContent -InputObject <ICdnIdentity> -ContentPath <String[]> [-Domain <String[]>]
- [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru] [-WhatIf]
+ [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf]
  [-Confirm] [<CommonParameters>]
 ```
 
 ### PurgeViaIdentity
 ```
 Clear-AzFrontDoorCdnEndpointContent -InputObject <ICdnIdentity> -Content <IAfdPurgeParameters>
- [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru] [-WhatIf]
+ [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru] [-ProgressAction <ActionPreference>] [-WhatIf]
  [-Confirm] [<CommonParameters>]
 ```
 
@@ -217,6 +217,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ProgressAction
+{{ Fill ProgressAction Description }}
+
+```yaml
+Type: System.Management.Automation.ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ResourceGroupName
 Name of the Resource group within the Azure subscription.
 
 
@@ -16,13 +16,13 @@ Disable https delivery of the custom domain.
 ```
 Disable-AzCdnCustomDomainCustomHttps -CustomDomainName <String> -EndpointName <String> -ProfileName <String>
  -ResourceGroupName <String> [-SubscriptionId <String>] [-DefaultProfile <PSObject>] [-AsJob] [-NoWait]
- [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### DisableViaIdentity
 ```
 Disable-AzCdnCustomDomainCustomHttps -InputObject <ICdnIdentity> [-DefaultProfile <PSObject>] [-AsJob]
- [-NoWait] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-NoWait] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -146,6 +146,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ProgressAction
+{{ Fill ProgressAction Description }}
+
+```yaml
+Type: System.Management.Automation.ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ResourceGroupName
 Name of the Resource group within the Azure subscription.
 
 
@@ -16,15 +16,15 @@ Enable https delivery of the custom domain.
 ```
 Enable-AzCdnCustomDomainCustomHttps -InputObject <ICdnIdentity>
  -CustomDomainHttpsParameter <ICustomDomainHttpsParameters> [-DefaultProfile <PSObject>] [-AsJob] [-NoWait]
- [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### Enable
 ```
 Enable-AzCdnCustomDomainCustomHttps -CustomDomainName <String> -EndpointName <String> -ProfileName <String>
  -ResourceGroupName <String> [-SubscriptionId <String>]
  -CustomDomainHttpsParameter <ICustomDomainHttpsParameters> [-DefaultProfile <PSObject>] [-AsJob] [-NoWait]
- [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -171,6 +171,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ProgressAction
+{{ Fill ProgressAction Description }}
+
+```yaml
+Type: System.Management.Automation.ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ResourceGroupName
 Name of the Resource group within the Azure subscription.
 
 
@@ -15,7 +15,7 @@ Commit the migrated Azure Front Door(Standard/Premium) profile..
 ```
 Enable-AzFrontDoorCdnProfileMigration -ProfileName <String> -ResourceGroupName <String>
  [-SubscriptionId <String>] [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-PassThru]
- [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -114,6 +114,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ProgressAction
+{{ Fill ProgressAction Description }}
+
+```yaml
+Type: System.Management.Automation.ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ResourceGroupName
 Name of the Resource group within the Azure subscription.