public void TestConfigureCloudAppliance()
{
//checking for prerequisites
var device = Helpers.CheckAndGetDevice(this, DeviceType.Series8000VirtualAppliance, DeviceStatus.ReadyToSetup);
var deviceName = device.Name;
//the service data encryption key from rollovered device
var serviceDataEncryptionKey = "ZJOCJNA3k0g5WSHqskiMug==";
try
{
// Device admin password and snapshot manager password
AsymmetricEncryptedSecret deviceAdminpassword = this.Client.Managers.GetAsymmetricEncryptedSecret(this.ResourceGroupName, this.ManagerName, "test-adminp13");
AsymmetricEncryptedSecret snapshotmanagerPassword = this.Client.Managers.GetAsymmetricEncryptedSecret(this.ResourceGroupName, this.ManagerName, "test-ssmpas1235");
//cloud appliance settings
CloudApplianceSettings cloudApplianceSettings = new CloudApplianceSettings();
cloudApplianceSettings.ServiceDataEncryptionKey = EncryptSecretUsingDEK(this.ResourceGroupName, this.ManagerName, deviceName, serviceDataEncryptionKey);
var managerExtendedInfo = this.Client.Managers.GetExtendedInfo(this.ResourceGroupName, this.ManagerName);
cloudApplianceSettings.ChannelIntegrityKey = EncryptSecretUsingDEK(this.ResourceGroupName, this.ManagerName, deviceName, managerExtendedInfo.IntegrityKey);
//security settings patch
SecuritySettingsPatch securitySettingsPatch = new SecuritySettingsPatch()
{
DeviceAdminPassword = deviceAdminpassword,
SnapshotPassword = snapshotmanagerPassword,
CloudApplianceSettings = cloudApplianceSettings
};
//update security settings - this will configure the SCA too.
this.Client.DeviceSettings.UpdateSecuritySettings(
deviceName.GetDoubleEncoded(),
securitySettingsPatch,
this.ResourceGroupName,
this.ManagerName);
var securitySettings = this.Client.DeviceSettings.GetSecuritySettings(
deviceName.GetDoubleEncoded(),
this.ResourceGroupName,
this.ManagerName);
//validation
Assert.True(securitySettings != null, "Creation of Security Setting was not successful.");
//validate that SCA got configured, by checking device is online now.
Helpers.CheckAndGetConfiguredDevice(this, deviceName);
}
catch (Exception e)
{
Assert.Null(e);
}
}
/// <summary>
/// Create SecuritySettings on the Device.
/// </summary>
private SecuritySettings CreateAndValidateSecuritySettings(string deviceName)
{
RemoteManagementSettingsPatch remoteManagementSettings = new RemoteManagementSettingsPatch(
RemoteManagementModeConfiguration.HttpsAndHttpEnabled);
AsymmetricEncryptedSecret deviceAdminpassword = this.Client.Managers.GetAsymmetricEncryptedSecret(
this.ResourceGroupName,
this.ManagerName,
"test-adminp13");
AsymmetricEncryptedSecret snapshotmanagerPassword = this.Client.Managers.GetAsymmetricEncryptedSecret(
this.ResourceGroupName,
this.ManagerName,
"test-ssmpas1235");
ChapSettings chapSettings = new ChapSettings(
"test-initiator-user",
this.Client.Managers.GetAsymmetricEncryptedSecret(this.ResourceGroupName, this.ManagerName, "chapsetInitP124"),
"test-target-user",
this.Client.Managers.GetAsymmetricEncryptedSecret(this.ResourceGroupName, this.ManagerName, "chapsetTargP1235"));
SecuritySettingsPatch securitySettingsPatch = new SecuritySettingsPatch(
remoteManagementSettings,
deviceAdminpassword,
snapshotmanagerPassword,
chapSettings);
this.Client.DeviceSettings.UpdateSecuritySettings(
deviceName.GetDoubleEncoded(),
securitySettingsPatch,
this.ResourceGroupName,
this.ManagerName);
var securitySettings = this.Client.DeviceSettings.GetSecuritySettings(
deviceName.GetDoubleEncoded(),
this.ResourceGroupName,
this.ManagerName);
//validation
Assert.True(securitySettings != null &&
securitySettings.RemoteManagementSettings.RemoteManagementMode.Equals(RemoteManagementModeConfiguration.HttpsAndHttpEnabled) &&
securitySettings.ChapSettings.InitiatorUser.Equals("test-initiator-user") &&
securitySettings.ChapSettings.TargetUser.Equals("test-target-user"), "Creation of Security Setting was not successful.");
return(securitySettings);
}
public void TestUpdateServiceDataEncryptionKeyOnCloudAppliance()
{
//checking for prerequisites
var device = Helpers.CheckAndGetDevice(this, DeviceType.Series8000VirtualAppliance);
var deviceName = device.Name;
//the new service data encryption key from rollovered device
var newServiceDataEncryptionKey = "ZJOCJNA3k0g5WSHqskiMug==";
try
{
//cloud appliance settings
CloudApplianceSettings cloudApplianceSettings = new CloudApplianceSettings();
cloudApplianceSettings.ServiceDataEncryptionKey = EncryptSecretUsingDEK(this.ResourceGroupName, this.ManagerName, deviceName, newServiceDataEncryptionKey);
var managerExtendedInfo = this.Client.Managers.GetExtendedInfo(this.ResourceGroupName, this.ManagerName);
cloudApplianceSettings.ChannelIntegrityKey = EncryptSecretUsingDEK(this.ResourceGroupName, this.ManagerName, deviceName, managerExtendedInfo.IntegrityKey);
//security settings patch
SecuritySettingsPatch securitySettingsPatch = new SecuritySettingsPatch()
{
CloudApplianceSettings = cloudApplianceSettings
};
//update security settings
this.Client.DeviceSettings.UpdateSecuritySettings(
deviceName.GetDoubleEncoded(),
securitySettingsPatch,
this.ResourceGroupName,
this.ManagerName);
var securitySettings = this.Client.DeviceSettings.GetSecuritySettings(
deviceName.GetDoubleEncoded(),
this.ResourceGroupName,
this.ManagerName);
//validation
Assert.True(securitySettings != null, "Creation of Security Setting was not successful.");
}
catch (Exception e)
{
Assert.Null(e);
}
}
public void TestSyncRemoteManagementCertificateAPI()
{
var device = Helpers.CheckAndGetConfiguredDevice(this, TestConstants.DefaultDeviceName);
var deviceName = device.Name;
try
{
//update remote management settings
RemoteManagementSettingsPatch remoteManagementSettings =
new RemoteManagementSettingsPatch(RemoteManagementModeConfiguration.HttpsAndHttpEnabled);
SecuritySettingsPatch securitySettingsPatch = new SecuritySettingsPatch()
{
RemoteManagementSettings = remoteManagementSettings
};
this.Client.DeviceSettings.UpdateSecuritySettings(
deviceName.GetDoubleEncoded(),
securitySettingsPatch,
this.ResourceGroupName,
this.ManagerName);
//sync remote management certificate between appliance and service
this.Client.DeviceSettings.SyncRemotemanagementCertificate(
deviceName.GetDoubleEncoded(),
this.ResourceGroupName,
this.ManagerName);
//validation
var securitySettings = this.Client.DeviceSettings.GetSecuritySettings(
deviceName.GetDoubleEncoded(),
this.ResourceGroupName,
this.ManagerName);
var remoteManagementCertificate = securitySettings.RemoteManagementSettings.RemoteManagementCertificate;
Assert.True(!string.IsNullOrEmpty(remoteManagementCertificate), "Remote management certificate is not synced correctly.");
}
catch (Exception e)
{
Assert.Null(e);
}
}
/// <summary>
/// Patch Security properties of the specified device name.
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='deviceName'>
/// The device name
/// </param>
/// <param name='parameters'>
/// The security settings properties to be patched.
/// </param>
/// <param name='resourceGroupName'>
/// The resource group name
/// </param>
/// <param name='managerName'>
/// The manager name
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
public static async Task <SecuritySettings> BeginUpdateSecuritySettingsAsync(this IDeviceSettingsOperations operations, string deviceName, SecuritySettingsPatch parameters, string resourceGroupName, string managerName, CancellationToken cancellationToken = default(CancellationToken))
{
using (var _result = await operations.BeginUpdateSecuritySettingsWithHttpMessagesAsync(deviceName, parameters, resourceGroupName, managerName, null, cancellationToken).ConfigureAwait(false))
{
return(_result.Body);
}
}
/// <summary>
/// Patch Security properties of the specified device name.
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='deviceName'>
/// The device name
/// </param>
/// <param name='parameters'>
/// The security settings properties to be patched.
/// </param>
/// <param name='resourceGroupName'>
/// The resource group name
/// </param>
/// <param name='managerName'>
/// The manager name
/// </param>
public static SecuritySettings BeginUpdateSecuritySettings(this IDeviceSettingsOperations operations, string deviceName, SecuritySettingsPatch parameters, string resourceGroupName, string managerName)
{
return(operations.BeginUpdateSecuritySettingsAsync(deviceName, parameters, resourceGroupName, managerName).GetAwaiter().GetResult());
}
