private PSVpnServerConfigurationPolicyGroup UpdatePolicyGroup()
{
PSVpnServerConfiguration parentVpnServerConfiguration = null;
PSVpnServerConfigurationPolicyGroup policyGroupToUpdate = null;
if (ParameterSetName.Equals(CortexParameterSetNames.ByVpnServerConfigurationObject, StringComparison.OrdinalIgnoreCase))
{
this.ResourceGroupName = this.ServerConfigurationObject.ResourceGroupName;
this.ServerConfigurationName = this.ServerConfigurationObject.Name;
}
else if (ParameterSetName.Equals(CortexParameterSetNames.ByVpnServerConfigurationResourceId, StringComparison.OrdinalIgnoreCase))
{
var parsedResourceId = new ResourceIdentifier(this.ServerConfigurationResourceId);
this.ResourceGroupName = parsedResourceId.ResourceGroupName;
this.ServerConfigurationName = parsedResourceId.ResourceName;
}
if (string.IsNullOrWhiteSpace(this.ResourceGroupName) || string.IsNullOrWhiteSpace(this.ServerConfigurationName))
{
throw new PSArgumentException(Properties.Resources.VpnServerConfigurationRequiredToCreateOrUpdatePolicyGroup);
}
parentVpnServerConfiguration = GetVpnServerConfiguration(this.ResourceGroupName, this.ServerConfigurationName);
if (parentVpnServerConfiguration == null)
{
throw new PSArgumentException(Properties.Resources.VpnServerConfigurationRequiredToCreateOrUpdatePolicyGroup);
}
policyGroupToUpdate = GetVpnServerConfigurationPolicyGroup(this.ResourceGroupName, this.ServerConfigurationName, this.Name);
if (policyGroupToUpdate == null)
{
throw new PSArgumentException(Properties.Resources.VpnServerConfigurationPolicyGroupNotFound);
}
if (this.Priority > 0)
{
policyGroupToUpdate.Priority = this.Priority;
}
if (this.DefaultPolicyGroup.HasValue)
{
policyGroupToUpdate.IsDefault = this.DefaultPolicyGroup.Value;
}
if (this.PolicyMember != null)
{
policyGroupToUpdate.PolicyMembers = new List <PSVpnServerConfigurationPolicyGroupMember>();
policyGroupToUpdate.PolicyMembers.AddRange(this.PolicyMember);
}
this.CreateOrUpdateVpnServerConfigurationPolicyGroup(this.ResourceGroupName, this.ServerConfigurationName, this.Name, policyGroupToUpdate);
return(this.GetVpnServerConfigurationPolicyGroup(this.ResourceGroupName, this.ServerConfigurationName, this.Name));
}
public PSVpnServerConfiguration CreateOrUpdateVpnServerConfiguration(string resourceGroupName, string vpnServerConfigurationName, PSVpnServerConfiguration vpnServerConfiguration, Hashtable tags)
{
var vpnServerConfigurationModel = NetworkResourceManagerProfile.Mapper.Map <MNM.VpnServerConfiguration>(vpnServerConfiguration);
vpnServerConfigurationModel.Location = vpnServerConfiguration.Location;
vpnServerConfigurationModel.Tags = TagsConversionHelper.CreateTagDictionary(tags, validate: true);
WriteObject(vpnServerConfigurationModel);
var vpnServerConfigCreatedOrUpdated = this.VpnServerConfigurationClient.CreateOrUpdate(resourceGroupName, vpnServerConfigurationName, vpnServerConfigurationModel);
PSVpnServerConfiguration vpnServerConfigToReturn = ToPsVpnServerConfiguration(vpnServerConfigCreatedOrUpdated);
vpnServerConfigToReturn.ResourceGroupName = resourceGroupName;
return(vpnServerConfigToReturn);
}
public override void Execute()
{
base.Execute();
PSVpnServerConfiguration vpnServerConfigurationToCreate = new PSVpnServerConfiguration();
vpnServerConfigurationToCreate.ResourceGroupName = this.ResourceGroupName;
vpnServerConfigurationToCreate.Name = this.Name;
vpnServerConfigurationToCreate.Location = this.Location;
if (this.IsVpnServerConfigurationPresent(this.ResourceGroupName, this.Name))
{
throw new PSArgumentException(string.Format(Properties.Resources.ResourceAlreadyPresentInResourceGroup, this.Name, this.ResourceGroupName));
}
vpnServerConfigurationToCreate = this.CreateVpnServerConfigurationObject(
vpnServerConfigurationToCreate,
this.VpnProtocol,
this.VpnAuthenticationType,
this.VpnClientRootCertificateFilesList,
this.VpnClientRevokedCertificateFilesList,
this.RadiusServerAddress,
this.RadiusServerSecret,
this.RadiusServerList,
this.RadiusServerRootCertificateFilesList,
this.RadiusClientRootCertificateFilesList,
this.AadTenant,
this.AadAudience,
this.AadIssuer,
this.VpnClientIpsecPolicy,
this.ConfigurationPolicyGroup);
ConfirmAction(
Properties.Resources.CreatingResourceMessage,
this.Name,
() =>
{
WriteVerbose(String.Format(Properties.Resources.CreatingLongRunningOperationMessage, this.ResourceGroupName, this.Name));
WriteObject(vpnServerConfigurationToCreate);
WriteObject(this.CreateOrUpdateVpnServerConfiguration(this.ResourceGroupName, this.Name, vpnServerConfigurationToCreate, this.Tag));
});
}
public List <PSVpnServerConfiguration> ListVpnServerConfigurations(string resourceGroupName)
{
var vpnServerConfigurations = ShouldListBySubscription(resourceGroupName, null) ?
this.VpnServerConfigurationClient.List() : //// List by SubId
this.VpnServerConfigurationClient.ListByResourceGroup(resourceGroupName); //// List by RG Name
List <PSVpnServerConfiguration> vpnServerConfigsToReturn = new List <PSVpnServerConfiguration>();
if (vpnServerConfigurations != null)
{
foreach (MNM.VpnServerConfiguration vpnServerConfiguration in vpnServerConfigurations)
{
PSVpnServerConfiguration vpnServerConfigToReturn = ToPsVpnServerConfiguration(vpnServerConfiguration);
vpnServerConfigToReturn.ResourceGroupName = NetworkBaseCmdlet.GetResourceGroup(vpnServerConfiguration.Id);
vpnServerConfigsToReturn.Add(vpnServerConfigToReturn);
}
}
return(vpnServerConfigsToReturn);
}
public override void Execute()
{
base.Execute();
PSVpnServerConfiguration vpnServerConfigurationToUpdate = null;
if (ParameterSetName.Contains(CortexParameterSetNames.ByVpnServerConfigurationObject))
{
vpnServerConfigurationToUpdate = this.InputObject;
this.ResourceGroupName = this.InputObject.ResourceGroupName;
this.Name = this.InputObject.Name;
}
else
{
if (ParameterSetName.Contains(CortexParameterSetNames.ByVpnServerConfigurationResourceId))
{
var parsedResourceId = new ResourceIdentifier(this.ResourceId);
this.Name = parsedResourceId.ResourceName;
this.ResourceGroupName = parsedResourceId.ResourceGroupName;
}
vpnServerConfigurationToUpdate = this.GetVpnServerConfiguration(this.ResourceGroupName, this.Name);
}
if (vpnServerConfigurationToUpdate == null)
{
throw new PSArgumentException(Properties.Resources.VpnServerConfigurationNotFound);
}
if (this.VpnProtocol != null)
{
vpnServerConfigurationToUpdate.VpnProtocols = new List <string>(this.VpnProtocol);
}
if (this.VpnAuthenticationType != null)
{
vpnServerConfigurationToUpdate.VpnAuthenticationTypes = new List <string>(this.VpnAuthenticationType);
}
if (this.VpnClientIpsecPolicy != null && VpnClientIpsecPolicy.Length != 0)
{
vpnServerConfigurationToUpdate.VpnClientIpsecPolicies = new List <PSIpsecPolicy>(this.VpnClientIpsecPolicy);
}
// Modify the vpnServerConfigurationPolicyGroups
if (this.ConfigurationPolicyGroup != null)
{
vpnServerConfigurationToUpdate.ConfigurationPolicyGroups = new List <PSVpnServerConfigurationPolicyGroup>();
vpnServerConfigurationToUpdate.ConfigurationPolicyGroups.AddRange(this.ConfigurationPolicyGroup);
}
// VpnAuthenticationType = Certificate related validations.
if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes == null ||
(vpnServerConfigurationToUpdate.VpnAuthenticationTypes != null && vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.Certificate)))
{
// Read the VpnClientRootCertificates if present
if (this.VpnClientRootCertificateFilesList != null)
{
vpnServerConfigurationToUpdate.VpnClientRootCertificates = new List <PSClientRootCertificate>();
foreach (string vpnClientRootCertPath in this.VpnClientRootCertificateFilesList)
{
X509Certificate2 VpnClientRootCertificate = new X509Certificate2(vpnClientRootCertPath);
PSClientRootCertificate vpnClientRootCert = new PSClientRootCertificate()
{
Name = Path.GetFileNameWithoutExtension(vpnClientRootCertPath),
PublicCertData = Convert.ToBase64String(VpnClientRootCertificate.Export(X509ContentType.Cert))
};
vpnServerConfigurationToUpdate.VpnClientRootCertificates.Add(vpnClientRootCert);
}
}
// Read the VpnClientRevokedCertificates if present
if (this.VpnClientRevokedCertificateFilesList != null)
{
vpnServerConfigurationToUpdate.VpnClientRevokedCertificates = new List <PSClientCertificate>();
foreach (string vpnClientRevokedCertPath in this.VpnClientRevokedCertificateFilesList)
{
X509Certificate2 vpnClientRevokedCertificate = new X509Certificate2(vpnClientRevokedCertPath);
PSClientCertificate vpnClientRevokedCert = new PSClientCertificate()
{
Name = Path.GetFileNameWithoutExtension(vpnClientRevokedCertPath),
Thumbprint = vpnClientRevokedCertificate.Thumbprint
};
vpnServerConfigurationToUpdate.VpnClientRevokedCertificates.Add(vpnClientRevokedCert);
}
}
}
else
{
vpnServerConfigurationToUpdate.VpnClientRevokedCertificates = null;
vpnServerConfigurationToUpdate.VpnClientRootCertificates = null;
}
if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes != null)
{
if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.Radius))
{
if ((this.RadiusServerList != null && this.RadiusServerList.Count() > 0) && (this.RadiusServerAddress != null || this.RadiusServerSecret != null))
{
throw new ArgumentException("Cannot configure both singular radius server and multiple radius servers at the same time.");
}
if (this.RadiusServerList != null && this.RadiusServerList.Count() > 0)
{
vpnServerConfigurationToUpdate.RadiusServers = this.RadiusServerList.ToList();
vpnServerConfigurationToUpdate.RadiusServerAddress = null;
vpnServerConfigurationToUpdate.RadiusServerSecret = null;
}
else
{
if (this.RadiusServerAddress != null)
{
vpnServerConfigurationToUpdate.RadiusServerAddress = this.RadiusServerAddress;
}
if (this.RadiusServerSecret != null)
{
vpnServerConfigurationToUpdate.RadiusServerSecret = SecureStringExtensions.ConvertToString(this.RadiusServerSecret);
}
vpnServerConfigurationToUpdate.RadiusServers = null;
}
// Read the RadiusServerRootCertificates if present
if (this.RadiusServerRootCertificateFilesList != null)
{
vpnServerConfigurationToUpdate.RadiusServerRootCertificates = new List <PSClientRootCertificate>();
foreach (string radiusServerRootCertPath in this.RadiusServerRootCertificateFilesList)
{
X509Certificate2 RadiusServerRootCertificate = new X509Certificate2(radiusServerRootCertPath);
PSClientRootCertificate radiusServerRootCert = new PSClientRootCertificate()
{
Name = Path.GetFileNameWithoutExtension(radiusServerRootCertPath),
PublicCertData = Convert.ToBase64String(RadiusServerRootCertificate.Export(X509ContentType.Cert))
};
vpnServerConfigurationToUpdate.RadiusServerRootCertificates.Add(radiusServerRootCert);
}
}
// Read the RadiusClientRootCertificates if present
if (this.RadiusClientRootCertificateFilesList != null)
{
vpnServerConfigurationToUpdate.RadiusClientRootCertificates = new List <PSClientCertificate>();
foreach (string radiusClientRootCertPath in this.RadiusClientRootCertificateFilesList)
{
X509Certificate2 radiusClientRootCertificate = new X509Certificate2(radiusClientRootCertPath);
PSClientCertificate radiusClientRootCert = new PSClientCertificate()
{
Name = Path.GetFileNameWithoutExtension(radiusClientRootCertPath),
Thumbprint = radiusClientRootCertificate.Thumbprint
};
vpnServerConfigurationToUpdate.RadiusClientRootCertificates.Add(radiusClientRootCert);
}
}
}
else
{
vpnServerConfigurationToUpdate.RadiusServerAddress = null;
vpnServerConfigurationToUpdate.RadiusServerSecret = null;
vpnServerConfigurationToUpdate.RadiusClientRootCertificates = null;
vpnServerConfigurationToUpdate.RadiusServerRootCertificates = null;
vpnServerConfigurationToUpdate.RadiusServers = null;
}
if (vpnServerConfigurationToUpdate.VpnAuthenticationTypes.Contains(MNM.VpnAuthenticationType.AAD))
{
if (vpnServerConfigurationToUpdate.AadAuthenticationParameters == null)
{
vpnServerConfigurationToUpdate.AadAuthenticationParameters = new PSAadAuthenticationParameters();
}
if ((this.AadTenant == null && vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadTenant == null) ||
(this.AadAudience == null && vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadAudience == null) ||
(this.AadIssuer == null && vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadIssuer == null))
{
throw new ArgumentException("All Aad tenant, Aad audience and Aad issuer must be specified if VpnAuthenticationType is being configured as AAD.");
}
if (this.AadTenant != null)
{
vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadTenant = this.AadTenant;
}
if (this.AadAudience != null)
{
vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadAudience = this.AadAudience;
}
if (this.AadIssuer != null)
{
vpnServerConfigurationToUpdate.AadAuthenticationParameters.AadIssuer = this.AadIssuer;
}
}
else
{
vpnServerConfigurationToUpdate.AadAuthenticationParameters = null;
}
}
ConfirmAction(
Properties.Resources.SettingResourceMessage,
this.Name,
() =>
{
WriteVerbose(String.Format(Properties.Resources.UpdatingLongRunningOperationMessage, this.ResourceGroupName, this.Name));
WriteObject(this.CreateOrUpdateVpnServerConfiguration(this.ResourceGroupName, this.Name, vpnServerConfigurationToUpdate, this.Tag));
});
}
public PSVpnServerConfiguration CreateVpnServerConfigurationObject(
PSVpnServerConfiguration vpnServerConfiguration,
string[] vpnProtocol,
string[] vpnAuthenticationType,
string[] vpnClientRootCertificateFilesList,
string[] vpnClientRevokedCertificateFilesList,
string radiusServerAddress,
SecureString radiusServerSecret,
string[] radiusServerRootCertificateFilesList,
string[] radiusClientRootCertificateFilesList,
string aadTenant,
string aadAudience,
string aadIssuer,
PSIpsecPolicy[] vpnClientIpsecPolicy)
{
if (vpnProtocol != null)
{
vpnServerConfiguration.VpnProtocols = new List <string>(vpnProtocol);
}
if (vpnAuthenticationType != null)
{
vpnServerConfiguration.VpnAuthenticationTypes = new List <string>(vpnAuthenticationType);
}
if (vpnClientIpsecPolicy != null && vpnClientIpsecPolicy.Length != 0)
{
vpnServerConfiguration.VpnClientIpsecPolicies = new List <PSIpsecPolicy>(vpnClientIpsecPolicy);
}
// VpnAuthenticationType = Certificate related validations.
if (vpnAuthenticationType == null ||
(vpnAuthenticationType != null && vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.Certificate)))
{
// Read the VpnClientRootCertificates if present
if (vpnClientRootCertificateFilesList != null)
{
vpnServerConfiguration.VpnClientRootCertificates = new List <PSClientRootCertificate>();
foreach (string vpnClientRootCertPath in vpnClientRootCertificateFilesList)
{
X509Certificate2 VpnClientRootCertificate = new X509Certificate2(vpnClientRootCertPath);
PSClientRootCertificate vpnClientRootCert = new PSClientRootCertificate()
{
Name = Path.GetFileNameWithoutExtension(vpnClientRootCertPath),
PublicCertData = Convert.ToBase64String(VpnClientRootCertificate.Export(X509ContentType.Cert))
};
vpnServerConfiguration.VpnClientRootCertificates.Add(vpnClientRootCert);
}
}
// Read the VpnClientRevokedCertificates if present
if (vpnClientRevokedCertificateFilesList != null)
{
vpnServerConfiguration.VpnClientRevokedCertificates = new List <PSClientCertificate>();
foreach (string vpnClientRevokedCertPath in vpnClientRevokedCertificateFilesList)
{
X509Certificate2 vpnClientRevokedCertificate = new X509Certificate2(vpnClientRevokedCertPath);
PSClientCertificate vpnClientRevokedCert = new PSClientCertificate()
{
Name = Path.GetFileNameWithoutExtension(vpnClientRevokedCertPath),
Thumbprint = vpnClientRevokedCertificate.Thumbprint
};
vpnServerConfiguration.VpnClientRevokedCertificates.Add(vpnClientRevokedCert);
}
}
}
// VpnAuthenticationType = Radius related validations.
else if (vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.Radius))
{
if (radiusServerAddress == null || radiusServerSecret == null)
{
throw new ArgumentException("Both radius server address and secret must be specified if VpnAuthenticationType is being configured as Radius.");
}
vpnServerConfiguration.RadiusServerAddress = radiusServerAddress;
vpnServerConfiguration.RadiusServerSecret = SecureStringExtensions.ConvertToString(radiusServerSecret);
// Read the RadiusServerRootCertificates if present
if (radiusServerRootCertificateFilesList != null)
{
vpnServerConfiguration.RadiusServerRootCertificates = new List <PSClientRootCertificate>();
foreach (string radiusServerRootCertPath in radiusServerRootCertificateFilesList)
{
X509Certificate2 RadiusServerRootCertificate = new X509Certificate2(radiusServerRootCertPath);
PSClientRootCertificate radiusServerRootCert = new PSClientRootCertificate()
{
Name = Path.GetFileNameWithoutExtension(radiusServerRootCertPath),
PublicCertData = Convert.ToBase64String(RadiusServerRootCertificate.Export(X509ContentType.Cert))
};
vpnServerConfiguration.RadiusServerRootCertificates.Add(radiusServerRootCert);
}
}
// Read the RadiusClientRootCertificates if present
if (radiusClientRootCertificateFilesList != null)
{
vpnServerConfiguration.RadiusClientRootCertificates = new List <PSClientCertificate>();
foreach (string radiusClientRootCertPath in radiusClientRootCertificateFilesList)
{
X509Certificate2 radiusClientRootCertificate = new X509Certificate2(radiusClientRootCertPath);
PSClientCertificate radiusClientRootCert = new PSClientCertificate()
{
Name = Path.GetFileNameWithoutExtension(radiusClientRootCertPath),
Thumbprint = radiusClientRootCertificate.Thumbprint
};
vpnServerConfiguration.RadiusClientRootCertificates.Add(radiusClientRootCert);
}
}
}
// VpnAuthenticationType = AAD related validations.
else if (vpnAuthenticationType.Contains(MNM.VpnAuthenticationType.AAD))
{
if (aadTenant == null || aadAudience == null || aadIssuer == null)
{
throw new ArgumentException("All Aad tenant, Aad audience and Aad issuer must be specified if VpnAuthenticationType is being configured as AAD.");
}
vpnServerConfiguration.AadAuthenticationParameters = new PSAadAuthenticationParameters()
{
AadTenant = aadTenant,
AadAudience = aadAudience,
AadIssuer = aadIssuer
};
}
return(vpnServerConfiguration);
}
private PSVpnServerConfigurationPolicyGroup VpnServerConfigurationPolicy()
{
base.Execute();
PSVpnServerConfiguration parentVpnServerConfiguration = null;
//// Resolve the VpnServerConfiguration
if (ParameterSetName.Contains(CortexParameterSetNames.ByVpnServerConfigurationObject))
{
this.ResourceGroupName = this.ServerConfigurationObject.ResourceGroupName;
this.ServerConfigurationName = this.ServerConfigurationObject.Name;
}
else if (ParameterSetName.Contains(CortexParameterSetNames.ByVpnServerConfigurationResourceId))
{
var parsedResourceId = new ResourceIdentifier(this.ServerConfigurationResourceId);
this.ResourceGroupName = parsedResourceId.ResourceGroupName;
this.ServerConfigurationName = parsedResourceId.ResourceName;
}
if (string.IsNullOrWhiteSpace(this.ResourceGroupName) || string.IsNullOrWhiteSpace(this.ServerConfigurationName))
{
throw new PSArgumentException(Properties.Resources.VpnServerConfigurationRequiredToCreateOrUpdatePolicyGroup);
}
//// At this point, we should have the resource name and the resource group for the parent VpnServerConfiguration resolved.
//// This will throw not found exception if the VpnServerConfiguration does not exist
parentVpnServerConfiguration = this.GetVpnServerConfiguration(this.ResourceGroupName, this.ServerConfigurationName);
if (parentVpnServerConfiguration == null)
{
throw new PSArgumentException(Properties.Resources.ParentVpnServerConfigurationNotFound);
}
if (this.IsVpnServerConfigurationPolicyGroupPresent(this.ResourceGroupName, this.ServerConfigurationName, this.Name))
{
throw new PSArgumentException(string.Format(Properties.Resources.ChildResourceAlreadyPresentInResourceGroup, this.Name, this.ResourceGroupName, this.ServerConfigurationName));
}
// Create VpnServerConfigurationPolicyGroup
PSVpnServerConfigurationPolicyGroup policyGroup = new PSVpnServerConfigurationPolicyGroup
{
Name = this.Name,
Priority = this.Priority,
PolicyMembers = new List <PSVpnServerConfigurationPolicyGroupMember>()
};
if (this.DefaultPolicyGroup.IsPresent)
{
policyGroup.IsDefault = true;
}
else
{
policyGroup.IsDefault = false;
}
if (this.PolicyMember != null && this.PolicyMember.Any())
{
policyGroup.PolicyMembers.AddRange(this.PolicyMember);
}
PSVpnServerConfigurationPolicyGroup policyGroupToReturn = null;
ConfirmAction(
Properties.Resources.CreatingResourceMessage,
this.Name,
() =>
{
WriteVerbose(String.Format(Properties.Resources.CreatingChildResourceLongRunningOperationMessage, this.ResourceGroupName, this.ServerConfigurationName, this.Name));
this.CreateOrUpdateVpnServerConfigurationPolicyGroup(this.ResourceGroupName, this.ServerConfigurationName, this.Name, policyGroup);
policyGroupToReturn = this.GetVpnServerConfigurationPolicyGroup(this.ResourceGroupName, this.ServerConfigurationName, this.Name);
});
return(policyGroupToReturn);
}
