private bool AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
if (vmParameters == null || vmParameters.Resources == null)
{
return(false);
}
foreach (VirtualMachineExtension vmExtension in vmParameters.Resources)
{
if (IsAzureDiskEncryptionExtension(vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (adeExtension.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.InvariantCultureIgnoreCase))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return(true);
}
}
}
}
}
return(false);
}
private EncryptionStatus AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
// return true if any (non-OS) data volume attached to the VM reports an encrypted state
VirtualMachineInstanceView iv = this.ComputeClient.ComputeManagementClient.VirtualMachines.InstanceView(this.ResourceGroupName, this.VMName);
foreach (DiskInstanceView div in iv.Disks)
{
if (!((div.Name.Equals("osDisk") || div.Name.Contains("_OsDisk_"))) &&
GetLastEncryptionStatus(div).Equals("EncryptionState/encrypted"))
{
return(EncryptionStatus.Encrypted);
}
}
// no encrypted status found in disk instance data, check vm model
if (vmParameters == null || vmParameters.Resources == null)
{
return(EncryptionStatus.Unknown);
}
OSType osType = this.GetOSType(vmParameters);
foreach (VirtualMachineExtension vmExtension in vmParameters.Resources)
{
switch (osType)
{
case OSType.Windows:
case OSType.Linux:
if (IsAzureDiskEncryptionExtension(osType, vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName, this.VMName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (adeExtension.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.InvariantCultureIgnoreCase))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return(EncryptionStatus.Encrypted);
}
}
}
}
break;
case OSType.Unknown:
return(EncryptionStatus.Unknown);
default:
return(EncryptionStatus.Unknown);
}
}
return(EncryptionStatus.NotEncrypted);
}
private bool ExtensionProvisioningSucceeded(AzureDiskEncryptionExtensionContext adeExtension)
{
VirtualMachineExtensionGetResponse extensionStatusViewresult = this.VirtualMachineExtensionClient.GetWithInstanceView(this.ResourceGroupName, this.VMName, adeExtension.Name);
PSVirtualMachineExtension extensionStatusView = extensionStatusViewresult.ToPSVirtualMachineExtension(this.ResourceGroupName);
AzureDiskEncryptionExtensionContext adeExtensionWithStatus = new AzureDiskEncryptionExtensionContext(extensionStatusView);
if (adeExtensionWithStatus.ProvisioningState.Equals(AzureDiskEncryptionExtensionContext.StatusSucceeded, StringComparison.InvariantCultureIgnoreCase))
{
return(true);
}
return(false);
}
private bool DataVolumeInExtensionConfig(AzureDiskEncryptionExtensionContext adeExtension)
{
if (adeExtension != null)
{
if ((string.IsNullOrWhiteSpace(adeExtension.VolumeType)) ||
(adeExtension.VolumeType.Equals(AzureDiskEncryptionExtensionContext.VolumeTypeData, StringComparison.InvariantCultureIgnoreCase)) ||
(adeExtension.VolumeType.Equals(AzureDiskEncryptionExtensionContext.VolumeTypeAll, StringComparison.InvariantCultureIgnoreCase)))
{
return(true);
}
}
return(false);
}
private bool DataVolumeInExtensionConfig(AzureDiskEncryptionExtensionContext adeExtension)
{
if (adeExtension != null)
{
if ((string.IsNullOrWhiteSpace(adeExtension.VolumeType)) ||
(adeExtension.VolumeType.Equals(AzureDiskEncryptionExtensionContext.VolumeTypeData, StringComparison.InvariantCultureIgnoreCase)) ||
(adeExtension.VolumeType.Equals(AzureDiskEncryptionExtensionContext.VolumeTypeAll, StringComparison.InvariantCultureIgnoreCase)))
{
return true;
}
}
return false;
}
private EncryptionStatus AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
if (vmParameters == null || vmParameters.Resources == null)
{
return(EncryptionStatus.Unknown);
}
OSType osType = this.GetOSType(vmParameters);
foreach (VirtualMachineExtension vmExtension in vmParameters.Resources)
{
switch (osType)
{
case OSType.Windows:
case OSType.Linux:
if (IsAzureDiskEncryptionExtension(osType, vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName, this.VMName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (adeExtension.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.InvariantCultureIgnoreCase))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return(EncryptionStatus.Encrypted);
}
}
}
}
break;
case OSType.Unknown:
return(EncryptionStatus.Unknown);
default:
return(EncryptionStatus.Unknown);
}
}
return(EncryptionStatus.NotEncrypted);
}
private bool AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
if (vmParameters == null || vmParameters.Extensions == null)
{
return(false);
}
foreach (VirtualMachineExtension vmExtension in vmParameters.Extensions)
{
if (IsAzureDiskEncryptionExtension(vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return(true);
}
}
}
}
return(false);
}
private EncryptionStatus AreWindowsDataVolumesEncryptedDualPass(VirtualMachine vmParameters)
{
VirtualMachineExtension vmExtension = this.FindEncryptionExtension(vmParameters);
if (vmExtension == null)
{
return(EncryptionStatus.Unknown);
}
AzureDiskEncryptionExtensionContext adeExtension =
new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName, this.VMName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (adeExtension.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.InvariantCultureIgnoreCase))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return(EncryptionStatus.Encrypted);
}
}
}
return(EncryptionStatus.NotEncrypted);
}
private string GetExtensionStatusMessage()
{
VirtualMachineExtensionGetResponse extensionResult = this.VirtualMachineExtensionClient.GetWithInstanceView(this.ResourceGroupName, this.VMName, this.Name);
if (extensionResult == null)
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Failed to retrieve extension status")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
PSVirtualMachineExtension returnedExtension = extensionResult.ToPSVirtualMachineExtension(this.ResourceGroupName);
if ((returnedExtension == null) ||
(string.IsNullOrWhiteSpace(returnedExtension.Publisher)) ||
(string.IsNullOrWhiteSpace(returnedExtension.ExtensionType)))
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Missing extension publisher and type info")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
bool publisherMatch = false;
if (string.Equals(currentOSType, "Linux", StringComparison.InvariantCultureIgnoreCase))
{
if (returnedExtension.Publisher.Equals(AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher, StringComparison.InvariantCultureIgnoreCase) &&
returnedExtension.ExtensionType.Equals(AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultName, StringComparison.InvariantCultureIgnoreCase))
{
publisherMatch = true;
}
}
else if (string.Equals(currentOSType, "Windows", StringComparison.InvariantCultureIgnoreCase))
{
if (returnedExtension.Publisher.Equals(AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher, StringComparison.InvariantCultureIgnoreCase) &&
returnedExtension.ExtensionType.Equals(AzureDiskEncryptionExtensionContext.ExtensionDefaultName, StringComparison.InvariantCultureIgnoreCase))
{
publisherMatch = true;
}
}
if (publisherMatch)
{
AzureDiskEncryptionExtensionContext context = new AzureDiskEncryptionExtensionContext(returnedExtension);
if ((context == null) ||
(context.Statuses == null) ||
(context.Statuses.Count < 1) ||
(string.IsNullOrWhiteSpace(context.Statuses[0].Message)))
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Invalid extension status")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
return(context.Statuses[0].Message);
}
else
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Extension publisher and type mismatched")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
return(null);
}
private EncryptionStatus AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
if (vmParameters == null || vmParameters.Resources == null)
{
return EncryptionStatus.Unknown;
}
OSType osType = this.GetOSType(vmParameters);
foreach (VirtualMachineExtension vmExtension in vmParameters.Resources)
{
switch (osType)
{
case OSType.Windows:
case OSType.Linux:
if (IsAzureDiskEncryptionExtension(osType, vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName, this.VMName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (adeExtension.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.InvariantCultureIgnoreCase))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return EncryptionStatus.Encrypted;
}
}
}
}
break;
case OSType.Unknown:
return EncryptionStatus.Unknown;
default:
return EncryptionStatus.Unknown;
}
}
return EncryptionStatus.NotEncrypted;
}
private bool ExtensionProvisioningSucceeded(AzureDiskEncryptionExtensionContext adeExtension)
{
var extensionStatusViewresult = this.VirtualMachineExtensionClient.GetWithInstanceView(this.ResourceGroupName, this.VMName, adeExtension.Name);
var extensionStatusView = extensionStatusViewresult.ToPSVirtualMachineExtension(this.ResourceGroupName, this.VMName);
var adeExtensionWithStatus = new AzureDiskEncryptionExtensionContext(extensionStatusView);
if (adeExtensionWithStatus.ProvisioningState.Equals(AzureDiskEncryptionExtensionContext.StatusSucceeded, StringComparison.InvariantCultureIgnoreCase))
{
return true;
}
return false;
}
private string GetExtensionStatusMessage(OSType currentOSType, bool returnSubstatusMessage=false)
{
AzureOperationResponse<VirtualMachineExtension> extensionResult = this.VirtualMachineExtensionClient.GetWithInstanceView(this.ResourceGroupName, this.VMName, this.Name);
if (extensionResult == null)
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Failed to retrieve extension status")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
PSVirtualMachineExtension returnedExtension = extensionResult.ToPSVirtualMachineExtension(
this.ResourceGroupName, this.VMName);
if ((returnedExtension == null) ||
(string.IsNullOrWhiteSpace(returnedExtension.Publisher)) ||
(string.IsNullOrWhiteSpace(returnedExtension.ExtensionType)))
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Missing extension publisher and type info")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
bool publisherMatch = false;
if (OSType.Linux.Equals(currentOSType))
{
if (returnedExtension.Publisher.Equals(AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher, StringComparison.InvariantCultureIgnoreCase) &&
returnedExtension.ExtensionType.Equals(AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultName, StringComparison.InvariantCultureIgnoreCase))
{
publisherMatch = true;
}
}
else if (OSType.Windows.Equals(currentOSType))
{
if (returnedExtension.Publisher.Equals(AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher, StringComparison.InvariantCultureIgnoreCase) &&
returnedExtension.ExtensionType.Equals(AzureDiskEncryptionExtensionContext.ExtensionDefaultName, StringComparison.InvariantCultureIgnoreCase))
{
publisherMatch = true;
}
}
if (publisherMatch)
{
AzureDiskEncryptionExtensionContext context = new AzureDiskEncryptionExtensionContext(returnedExtension);
if ((context == null) ||
(context.Statuses == null) ||
(context.Statuses.Count < 1) ||
(string.IsNullOrWhiteSpace(context.Statuses[0].Message)))
{
throw new KeyNotFoundException(string.Format(CultureInfo.CurrentUICulture, "Invalid extension status"));
}
if (returnSubstatusMessage)
{
if((context == null) ||
(context.SubStatuses == null) ||
(context.SubStatuses.Count < 1))
{
throw new KeyNotFoundException(string.Format(CultureInfo.CurrentUICulture, "Invalid extension substatus"));
}
else
{
return context.SubStatuses[0].Message;
}
}
return context.Statuses[0].Message;
}
else
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Extension publisher and type mismatched")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
return null;
}
private bool AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
if (vmParameters == null || vmParameters.Extensions == null)
{
return false;
}
foreach (VirtualMachineExtension vmExtension in vmParameters.Extensions)
{
if (IsAzureDiskEncryptionExtension(vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return true;
}
}
}
}
return false;
}
private string GetExtensionStatusMessage(OSType currentOSType, bool returnSubstatusMessage = false)
{
AzureOperationResponse <VirtualMachineExtension> extensionResult = this.VirtualMachineExtensionClient.GetWithInstanceView(this.ResourceGroupName, this.VMName, this.Name);
if (extensionResult == null)
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Failed to retrieve extension status")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
PSVirtualMachineExtension returnedExtension = extensionResult.ToPSVirtualMachineExtension(
this.ResourceGroupName, this.VMName);
if ((returnedExtension == null) ||
(string.IsNullOrWhiteSpace(returnedExtension.Publisher)) ||
(string.IsNullOrWhiteSpace(returnedExtension.ExtensionType)))
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Missing extension publisher and type info")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
bool publisherMatch = false;
if (OSType.Linux.Equals(currentOSType))
{
if (returnedExtension.Publisher.Equals(this.ExtensionPublisherName ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultPublisher, StringComparison.InvariantCultureIgnoreCase) &&
returnedExtension.ExtensionType.Equals(this.ExtensionType ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultType, StringComparison.InvariantCultureIgnoreCase))
{
publisherMatch = true;
}
}
else if (OSType.Windows.Equals(currentOSType))
{
if (returnedExtension.Publisher.Equals(this.ExtensionPublisherName ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultPublisher, StringComparison.InvariantCultureIgnoreCase) &&
returnedExtension.ExtensionType.Equals(this.ExtensionType ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultType, StringComparison.InvariantCultureIgnoreCase))
{
publisherMatch = true;
}
}
if (publisherMatch)
{
AzureDiskEncryptionExtensionContext context = new AzureDiskEncryptionExtensionContext(returnedExtension);
if ((context == null) || (context.Statuses == null) || (context.Statuses.Count < 1))
{
throw new KeyNotFoundException(string.Format(CultureInfo.CurrentUICulture, "Invalid extension status"));
}
if (returnSubstatusMessage)
{
if ((context == null) || (context.SubStatuses == null) || (context.SubStatuses.Count < 1))
{
throw new KeyNotFoundException(string.Format(CultureInfo.CurrentUICulture, "Invalid extension substatus"));
}
else
{
return(context.SubStatuses[0].Message);
}
}
else
{
if (!string.IsNullOrWhiteSpace(context.Statuses[0].Message))
{
return(context.Statuses[0].Message);
}
else
{
// if message is empty, fall back to display status
return(context.Statuses[0].DisplayStatus);
}
}
}
else
{
ThrowTerminatingError(new ErrorRecord(new ApplicationFailedException(string.Format(CultureInfo.CurrentUICulture, "Extension publisher and type mismatched")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
}
return(null);
}
private bool AreDataVolumesEncrypted(VirtualMachine vmParameters)
{
if (vmParameters == null || vmParameters.Resources == null)
{
return false;
}
foreach (VirtualMachineExtension vmExtension in vmParameters.Resources)
{
if (IsAzureDiskEncryptionExtension(vmExtension))
{
AzureDiskEncryptionExtensionContext adeExtension = new AzureDiskEncryptionExtensionContext(vmExtension.ToPSVirtualMachineExtension(this.ResourceGroupName));
if (DataVolumeInExtensionConfig(adeExtension))
{
if (adeExtension.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.InvariantCultureIgnoreCase))
{
if (ExtensionProvisioningSucceeded(adeExtension))
{
return true;
}
}
}
}
}
return false;
}