[PSCmdAssistant] Grant-AzDiskAccess new parameter SecureVMGuestStateSAS (Azure#24635)

Sandido · web-flow · commit 32d4d91d8577 · 2024-04-25T13:12:25.000+08:00
* initial gen code

* fixes and tests and changelog and help doc

* add private

* remove private to see what happens

* cleanup

* Update Grant-AzDiskAccess.md
diff --git a/src/Compute/Compute.Test/ScenarioTests/DiskRPTests.cs b/src/Compute/Compute.Test/ScenarioTests/DiskRPTests.cs
@@ -192,5 +192,12 @@ public void TestSnapshotConfigTierOptionEnhancedSpeed()
             TestRunner.RunTestScript("Test-SnapshotConfigTierOptionEnhancedSpeed");
         }
 
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.LiveOnly)]
+        public void TestDiskGrantAccessGetSASWithTL()
+        {
+            TestRunner.RunTestScript("Test-DiskGrantAccessGetSASWithTL");
+        }
+
     }
 }
diff --git a/src/Compute/Compute.Test/ScenarioTests/DiskRPTests.ps1 b/src/Compute/Compute.Test/ScenarioTests/DiskRPTests.ps1
@@ -1825,4 +1825,42 @@ function Test-SnapshotConfigTierOptionEnhancedSpeed
         # Cleanup
         Clean-ResourceGroup $rgname
     }
+}
+
+<#
+.SYNOPSIS
+Using a TL disk, use the SecureVmGuestStateSas parameter to get the securityDataAccessSAS value.
+#>
+function Test-DiskGrantAccessGetSASWithTL
+{
+    $rgname = Get-ComputeTestResourceName;
+	$loc = Get-ComputeVMLocation;
+
+	try
+    {
+		New-AzResourceGroup -Name $rgname -Location $loc -Force;
+
+        $diskname = "d" + $rgname;
+
+        $image = Get-AzVMImage -Skus 2022-datacenter-azure-edition -Offer WindowsServer -PublisherName MicrosoftWindowsServer -Location $loc -Version latest;
+        $diskconfig = New-AzDiskConfig -DiskSizeGB 127 -AccountType Premium_LRS -OsType Windows -CreateOption FromImage -Location $loc;
+
+        $diskconfig = Set-AzDiskImageReference -Disk $diskconfig -Id $image.Id;
+
+        $disk = New-AzDisk -ResourceGroupName $rgname -DiskName $diskname -Disk $diskconfig;
+
+        $grantAccess = Grant-AzDiskAccess -ResourceGroupName $rgname -DiskName $diskname -Access 'Read' -DurationInSecond 60 -SecureVMGuestStateSAS;
+        Assert-NotNull $grantAccess.securityDataAccessSAS;
+        Assert-NotNull $grantAccess.AccessSAS;
+
+        $grantAccess = Grant-AzDiskAccess -ResourceGroupName $rgname -DiskName $diskname -Access 'Read' -DurationInSecond 60;
+        Assert-NotNull $grantAccess.AccessSAS;
+        Assert-Null $grantAccess.securityDataAccessSAS;
+
+	}
+    finally 
+    {
+		# Cleanup
+		Clean-ResourceGroup $rgname;
+	}
 }
diff --git a/src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.DiskRPTests/TestDiskGrantAccessGetSASWithTL.json b/src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.DiskRPTests/TestDiskGrantAccessGetSASWithTL.json
diff --git a/src/Compute/Compute/ChangeLog.md b/src/Compute/Compute/ChangeLog.md
@@ -22,6 +22,7 @@
 ## Upcoming Release
 * Added cmdlet `Invoke-AzSpotPlacementRecommender`.
 * Fixed `Update-AzCapacityReservationGroup` to remove Subscriptions from SharingProfile.
+* Added new optional parameter `SecureVMGuestStateSAS` to cmdlet `Grant-AzDiskAccess`.
 
 ## Version 7.2.0
 * Added parameters `-scriptUriManagedIdentity`, `-outputBlobManagedIdentity`, `-errorBlobMangedIdentity`, and `-TreatFailureAsDeploymentFailure` to cmdlets `Set-AzVmRunCommand` and `Set-AzVmssRunCommand`. 
diff --git a/src/Compute/Compute/Generated/Disk/DiskGrantAccessMethod.cs b/src/Compute/Compute/Generated/Disk/DiskGrantAccessMethod.cs
@@ -48,6 +48,7 @@ public override void ExecuteCmdlet()
                     var grantAccessData = new GrantAccessData();
                     grantAccessData.Access = this.Access;
                     grantAccessData.DurationInSeconds = this.DurationInSecond;
+                    grantAccessData.GetSecureVMGuestStateSAS = this.SecureVMGuestStateSAS;
 
                     var result = DisksClient.GrantAccess(resourceGroupName, diskName, grantAccessData);
                     var psObject = new PSAccessUri();
@@ -88,5 +89,12 @@ public override void ExecuteCmdlet()
 
         [Parameter(Mandatory = false, HelpMessage = "Run cmdlet in the background")]
         public SwitchParameter AsJob { get; set; }
+
+        [Parameter(
+            ParameterSetName = "DefaultParameter",
+            HelpMessage = "Set this flag to true to get additional SAS for VM guest state.",
+            Mandatory = false,
+            ValueFromPipelineByPropertyName = true)]
+        public SwitchParameter SecureVMGuestStateSAS { get; set; }
     }
 }
diff --git a/src/Compute/Compute/Generated/Models/PSAccessUri.cs b/src/Compute/Compute/Generated/Models/PSAccessUri.cs
@@ -29,5 +29,7 @@ public partial class PSAccessUri
     {
         public string AccessSAS { get; set; }
 
+        public string SecurityDataAccessSAS { get; set; }
+
     }
 }
diff --git a/src/Compute/Compute/help/Grant-AzDiskAccess.md b/src/Compute/Compute/help/Grant-AzDiskAccess.md
@@ -14,7 +14,7 @@ Grants an access to a disk.
 
 ```
 Grant-AzDiskAccess [-ResourceGroupName] <String> [-DiskName] <String> [-Access] <String>
- [[-DurationInSecond] <Int32>] [-AsJob] [-DefaultProfile <IAzureContextContainer>]
+ [[-DurationInSecond] <Int32>] [-AsJob] [-SecureVMGuestStateSAS] [-DefaultProfile <IAzureContextContainer>]
  [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
@@ -122,6 +122,21 @@ Accept pipeline input: True (ByPropertyName)
 Accept wildcard characters: False
 ```
 
+### -SecureVMGuestStateSAS
+Set this flag to true to get additional SAS for VM guest state.
+
+```yaml
+Type: System.Management.Automation.SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
 ### -Confirm
 Prompts you for confirmation before running the cmdlet.
 

Original file line number	Diff line number	Diff line change
`@@ -192,5 +192,12 @@ public void TestSnapshotConfigTierOptionEnhancedSpeed()`
`192`	`192`	`TestRunner.RunTestScript("Test-SnapshotConfigTierOptionEnhancedSpeed");`
`193`	`193`	`}`
`194`	`194`
	`195`	`+ [Fact]`
	`196`	`+ [Trait(Category.AcceptanceType, Category.LiveOnly)]`
	`197`	`+ public void TestDiskGrantAccessGetSASWithTL()`
	`198`	`+ {`
	`199`	`+ TestRunner.RunTestScript("Test-DiskGrantAccessGetSASWithTL");`
	`200`	`+ }`
	`201`	`+`
`195`	`202`	`}`
`196`	`203`	`}`
Original file line number	Diff line number	Diff line change
`@@ -29,5 +29,7 @@ public partial class PSAccessUri`
`29`	`29`	`{`
`30`	`30`	`public string AccessSAS { get; set; }`
`31`	`31`
	`32`	`+ public string SecurityDataAccessSAS { get; set; }`
	`33`	`+`
`32`	`34`	`}`
`33`	`35`	`}`