private void UpdateIotDpsAccessPolicy()
{
ArrayList accessRights = new ArrayList();
PSAccessRightsDescription psAccessRightsDescription;
foreach (string permission in this.Permissions)
{
if (!Enum.TryParse <PSAccessRightsDescription>(permission.Trim(), true, out psAccessRightsDescription))
{
throw new ArgumentException("Invalid access policy permission");
}
else
{
accessRights.Add(psAccessRightsDescription.ToString());
}
}
ProvisioningServiceDescription provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.Name);
IList <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> iotDpsAccessPolicyList = GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription iotDpsAccessPolicy = GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name, this.KeyName);
foreach (SharedAccessSignatureAuthorizationRuleAccessRightsDescription accessPolicy in iotDpsAccessPolicyList)
{
if (accessPolicy.KeyName.Equals(iotDpsAccessPolicy.KeyName))
{
accessPolicy.Rights = string.Join(", ", accessRights.ToArray());
}
}
provisioningServiceDescription.Properties.AuthorizationPolicies = iotDpsAccessPolicyList;
IotDpsCreateOrUpdate(this.ResourceGroupName, this.Name, provisioningServiceDescription);
this.WriteObject(IotDpsUtils.ToPSSharedAccessSignatureAuthorizationRuleAccessRightsDescription(GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name, this.KeyName), this.ResourceGroupName, this.Name), false);
}
public override void ExecuteCmdlet()
{
if (ShouldProcess(Name, DPSResources.RemoveAccessPolicy))
{
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.InputObject.ResourceGroupName;
this.Name = this.InputObject.Name;
this.KeyName = this.InputObject.KeyName;
}
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.Name = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
ProvisioningServiceDescription provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.Name);
IList<SharedAccessSignatureAuthorizationRuleAccessRightsDescription> currentIotDpsAccessPolicyList = GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription iotDpsAccessPolicy = GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name, this.KeyName);
IList<SharedAccessSignatureAuthorizationRuleAccessRightsDescription> updatedIotDpsAccessPolicyList = currentIotDpsAccessPolicyList.Where(x => x.KeyName != iotDpsAccessPolicy.KeyName).ToList();
provisioningServiceDescription.Properties.AuthorizationPolicies = updatedIotDpsAccessPolicyList;
IotDpsCreateOrUpdate(this.ResourceGroupName, this.Name, provisioningServiceDescription);
if (PassThru)
{
this.WriteObject(true);
}
}
}
public static PSIotDpsConnectionString ToPSIotDpsConnectionString(this SharedAccessSignatureAuthorizationRuleAccessRightsDescription authorizationPolicy, string serviceOperationsHostName)
{
return(new PSIotDpsConnectionString()
{
KeyName = authorizationPolicy.KeyName,
PrimaryConnectionString = String.Format(IotDpsConnectionStringTemplate, serviceOperationsHostName, authorizationPolicy.KeyName, authorizationPolicy.PrimaryKey),
SecondaryConnectionString = String.Format(IotDpsConnectionStringTemplate, serviceOperationsHostName, authorizationPolicy.KeyName, authorizationPolicy.SecondaryKey)
});
}
public override void ExecuteCmdlet()
{
if (ShouldProcess(this.DpsName, DPSResources.RemoveEnrollmentGroup))
{
ProvisioningServiceDescription provisioningServiceDescription;
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.DpsObject.ResourceGroupName;
this.DpsName = this.DpsObject.Name;
provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject);
}
else
{
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName);
}
IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite);
PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName);
ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString);
try
{
if (this.Name != null)
{
client.DeleteEnrollmentGroupAsync(this.Name).GetAwaiter().GetResult();
}
else
{
QueryResult enrollments = client.CreateEnrollmentGroupQuery(new QuerySpecification("select * from enrollments")).NextAsync().GetAwaiter().GetResult();
foreach (PSEnrollmentGroups enrollment in IotDpsUtils.ToPSEnrollmentGroups(enrollments.Items))
{
client.DeleteEnrollmentGroupAsync(enrollment.EnrollmentGroupId).GetAwaiter().GetResult();
}
}
if (PassThru.IsPresent)
{
this.WriteObject(true);
}
}
catch
{
if (PassThru.IsPresent)
{
this.WriteObject(false);
}
}
}
}
private bool TryGetKeyByName(string testName, out SharedAccessSignatureAuthorizationRuleAccessRightsDescription accessPolicy)
{
try
{
accessPolicy = this.provisioningClient.IotDpsResource.ListKeysForKeyName(testName, testName, testName);
return(true);
}
catch (ErrorDetailsException ex)
{
accessPolicy = null;
Assert.Equal(HttpStatusCode.NotFound, ex.Response.StatusCode);
return(false);
}
}
public override void ExecuteCmdlet()
{
if (ShouldProcess(this.DpsName, DPSResources.RemoveRegistration))
{
ProvisioningServiceDescription provisioningServiceDescription;
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.DpsObject.ResourceGroupName;
this.DpsName = this.DpsObject.Name;
provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject);
}
else
{
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName);
}
IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite);
PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName);
ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString);
try
{
client.DeleteDeviceRegistrationStateAsync(this.RegistrationId).GetAwaiter().GetResult();
if (PassThru.IsPresent)
{
this.WriteObject(true);
}
}
catch
{
if (PassThru.IsPresent)
{
this.WriteObject(false);
}
else
{
throw;
}
}
}
}
private async Task <(bool hasKey, SharedAccessSignatureAuthorizationRuleAccessRightsDescription accessPolicy)> TryGetKeyByNameAsync(string testName)
{
try
{
SharedAccessSignatureAuthorizationRuleAccessRightsDescription accessPolicy = await _provisioningClient.IotDpsResource
.ListKeysForKeyNameAsync(testName, testName, testName)
.ConfigureAwait(false);
return(true, accessPolicy);
}
catch (ErrorDetailsException ex)
{
ex.Response.StatusCode.Should().Be(HttpStatusCode.NotFound);
return(false, null);
}
}
public override void ExecuteCmdlet()
{
ProvisioningServiceDescription provisioningServiceDescription;
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.DpsObject.ResourceGroupName;
this.DpsName = this.DpsObject.Name;
provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject);
}
else
{
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName);
}
IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite);
PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName);
ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString);
if ((!this.IsParameterBound(c => c.RegistrationId) && !this.IsParameterBound(c => c.EnrollmentId)) ||
(this.IsParameterBound(c => c.RegistrationId) && this.IsParameterBound(c => c.EnrollmentId)))
{
throw new ArgumentException("Please provide either RegistrationId or EnrollmentId.");
}
if (this.IsParameterBound(c => c.RegistrationId))
{
DeviceRegistrationState result = client.GetDeviceRegistrationStateAsync(this.RegistrationId).GetAwaiter().GetResult();
this.WriteObject(IotDpsUtils.ToPSDeviceRegistrationState(result));
}
if (this.IsParameterBound(c => c.EnrollmentId))
{
string query = this.IsParameterBound(c => c.Query) ? this.Query : "select * from enrollments";
QueryResult results = client.CreateEnrollmentGroupRegistrationStateQuery(new QuerySpecification(query), this.EnrollmentId).NextAsync().GetAwaiter().GetResult();
this.WriteObject(IotDpsUtils.ToPSDeviceRegistrationStates(results.Items), true);
}
}
private void AddIotDpsAccessPolicy()
{
ArrayList accessRights = new ArrayList();
PSAccessRightsDescription psAccessRightsDescription;
foreach (string permission in this.Permissions)
{
if (!Enum.TryParse <PSAccessRightsDescription>(permission.Trim(), true, out psAccessRightsDescription))
{
throw new ArgumentException("Invalid access policy permission");
}
else
{
accessRights.Add(psAccessRightsDescription.ToString());
}
}
SharedAccessSignatureAuthorizationRuleAccessRightsDescription iotDpsAccessPolicy = new SharedAccessSignatureAuthorizationRuleAccessRightsDescription()
{
KeyName = this.KeyName,
Rights = string.Join(", ", accessRights.ToArray())
};
ProvisioningServiceDescription provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.Name);
IList <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> iotDpsAccessPolicyList = GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name);
iotDpsAccessPolicyList.Add(iotDpsAccessPolicy);
provisioningServiceDescription.Properties.AuthorizationPolicies = iotDpsAccessPolicyList;
IotDpsCreateOrUpdate(this.ResourceGroupName, this.Name, provisioningServiceDescription);
iotDpsAccessPolicyList = GetIotDpsAccessPolicy(this.ResourceGroupName, this.Name);
if (iotDpsAccessPolicyList.Count == 1)
{
this.WritePSObject(iotDpsAccessPolicyList[0]);
}
else
{
this.WritePSObjects(iotDpsAccessPolicyList);
}
}
public override void ExecuteCmdlet()
{
ProvisioningServiceDescription provisioningServiceDescription;
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.DpsObject.ResourceGroupName;
this.DpsName = this.DpsObject.Name;
provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject);
}
else
{
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName);
}
IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite);
PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName);
ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString);
if (this.RegistrationId != null)
{
IndividualEnrollment result = client.GetIndividualEnrollmentAsync(this.RegistrationId).GetAwaiter().GetResult();
this.WriteObject(IotDpsUtils.ToPSIndividualEnrollment(result));
}
else
{
QueryResult enrollments = client.CreateIndividualEnrollmentQuery(new QuerySpecification("select * from enrollments")).NextAsync().GetAwaiter().GetResult();
this.WriteObject(IotDpsUtils.ToPSIndividualEnrollments(enrollments.Items), true);
}
}
private void WritePSObject(SharedAccessSignatureAuthorizationRuleAccessRightsDescription iotDpsAccessPolicy)
{
this.WriteObject(IotDpsUtils.ToPSSharedAccessSignatureAuthorizationRuleAccessRightsDescription(iotDpsAccessPolicy, this.ResourceGroupName, this.Name), false);
}
public static PSSharedAccessSignatureAuthorizationRuleAccessRightsDescription ToPSSharedAccessSignatureAuthorizationRuleAccessRightsDescription(SharedAccessSignatureAuthorizationRuleAccessRightsDescription accessPolicy, string resourceGroupName, string name)
{
PSSharedAccessSignatureAuthorizationRuleAccessRightsDescription psSharedAccessSignatureAuthorizationRuleAccessRightsDescription = ConvertObject <SharedAccessSignatureAuthorizationRuleAccessRightsDescription, PSSharedAccessSignatureAuthorizationRuleAccessRightsDescription>(accessPolicy);
psSharedAccessSignatureAuthorizationRuleAccessRightsDescription.ResourceGroupName = resourceGroupName;
psSharedAccessSignatureAuthorizationRuleAccessRightsDescription.Name = name;
return(psSharedAccessSignatureAuthorizationRuleAccessRightsDescription);
}
public override void ExecuteCmdlet()
{
if (ShouldProcess(this.DpsName, DPSResources.AddEnrollment))
{
ProvisioningServiceDescription provisioningServiceDescription;
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.DpsObject.ResourceGroupName;
this.DpsName = this.DpsObject.Name;
provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject);
}
else
{
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName);
}
IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite);
PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName);
ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString);
Attestation attestation = null;
TwinCollection tags = new TwinCollection(), desiredProperties = new TwinCollection();
if (this.IsParameterBound(c => c.Tag))
{
tags = new TwinCollection(JsonConvert.SerializeObject(this.Tag));
}
if (this.IsParameterBound(c => c.Desired))
{
desiredProperties = new TwinCollection(JsonConvert.SerializeObject(this.Desired));
}
switch (this.AttestationType)
{
case PSAttestationMechanismType.SymmetricKey:
if ((this.IsParameterBound(c => c.PrimaryKey) && !this.IsParameterBound(c => c.SecondaryKey)) ||
(!this.IsParameterBound(c => c.PrimaryKey) && this.IsParameterBound(c => c.SecondaryKey)))
{
throw new ArgumentException("Please provide both primary and secondary key.");
}
else
{
attestation = new SymmetricKeyAttestation(this.PrimaryKey, this.SecondaryKey);
}
break;
case PSAttestationMechanismType.Tpm:
if (this.IsParameterBound(c => c.EndorsementKey))
{
attestation = new TpmAttestation(this.EndorsementKey, this.IsParameterBound(c => c.StorageRootKey) ? this.StorageRootKey : null);
}
else
{
throw new ArgumentException("Endorsement key is requried.");
}
break;
case PSAttestationMechanismType.X509:
if (!this.IsParameterBound(c => c.PrimaryCertificate) && !this.IsParameterBound(c => c.SecondaryCertificate))
{
if (!this.IsParameterBound(c => c.PrimaryCAName))
{
throw new ArgumentException("Primary CA reference cannot be null or empty.");
}
if (this.IsParameterBound(c => c.SecondaryCAName))
{
attestation = X509Attestation.CreateFromCAReferences(this.PrimaryCAName, this.SecondaryCAName);
}
else
{
attestation = X509Attestation.CreateFromCAReferences(this.PrimaryCAName);
}
}
else if (!this.IsParameterBound(c => c.PrimaryCAName) && !this.IsParameterBound(c => c.SecondaryCAName))
{
string primaryCer = string.Empty, secondaryCer = string.Empty;
if (!this.IsParameterBound(c => c.PrimaryCertificate))
{
throw new ArgumentException("Primary certificate cannot be null or empty.");
}
primaryCer = IotDpsUtils.GetCertificateString(this.PrimaryCertificate);
if (this.IsParameterBound(c => c.SecondaryCertificate))
{
secondaryCer = IotDpsUtils.GetCertificateString(this.PrimaryCertificate);
if (this.IsParameterBound(c => c.RootCertificate))
{
attestation = X509Attestation.CreateFromRootCertificates(primaryCer, secondaryCer);
}
else
{
attestation = X509Attestation.CreateFromClientCertificates(primaryCer, secondaryCer);
}
}
else
{
if (this.IsParameterBound(c => c.RootCertificate))
{
attestation = X509Attestation.CreateFromRootCertificates(primaryCer);
}
else
{
attestation = X509Attestation.CreateFromClientCertificates(primaryCer);
}
}
}
else
{
throw new ArgumentException("Please provide either CA reference or X509 certificate.");
}
break;
default:
throw new ArgumentException("Please provide valid attestation mechanism.");
}
IndividualEnrollment enrollment = new IndividualEnrollment(this.RegistrationId, attestation);
if (this.IsParameterBound(c => c.DeviceId))
{
enrollment.DeviceId = this.DeviceId;
}
enrollment.InitialTwinState = new TwinState(tags, desiredProperties);
enrollment.Capabilities = new DeviceCapabilities()
{
IotEdge = this.EdgeEnabled.IsPresent
};
switch (this.ReprovisionPolicy)
{
case PSReprovisionType.reprovisionandmigratedata:
enrollment.ReprovisionPolicy = new ReprovisionPolicy()
{
UpdateHubAssignment = true, MigrateDeviceData = true
};
break;
case PSReprovisionType.reprovisionandresetdata:
enrollment.ReprovisionPolicy = new ReprovisionPolicy()
{
UpdateHubAssignment = true, MigrateDeviceData = false
};
break;
case PSReprovisionType.never:
enrollment.ReprovisionPolicy = new ReprovisionPolicy()
{
UpdateHubAssignment = false, MigrateDeviceData = false
};
break;
}
if (this.IsParameterBound(c => c.AllocationPolicy))
{
if (this.IsParameterBound(c => c.IotHubHostName))
{
throw new ArgumentException("\"IotHubHostName\" is not required when allocation-policy is defined.");
}
if (this.AllocationPolicy.Equals(PSAllocationPolicy.Static))
{
if (this.IsParameterBound(c => c.IotHub))
{
if (this.IotHub.Length > 1)
{
throw new ArgumentException("Please provide only one hub when allocation-policy is defined as Static.");
}
}
else
{
throw new ArgumentException("Please provide a hub to be assigned with device.");
}
}
if (this.AllocationPolicy.Equals(PSAllocationPolicy.Custom))
{
if (!this.IsParameterBound(c => c.WebhookUrl))
{
throw new ArgumentException("Please provide an Azure function url when allocation-policy is defined as Custom.");
}
if (!this.IsParameterBound(c => c.ApiVersion))
{
throw new ArgumentException("Please provide an Azure function api-version when allocation-policy is defined as Custom.");
}
enrollment.CustomAllocationDefinition = new CustomAllocationDefinition()
{
WebhookUrl = this.WebhookUrl, ApiVersion = this.ApiVersion
};
}
enrollment.AllocationPolicy = (Devices.Provisioning.Service.AllocationPolicy)Enum.Parse(typeof(Devices.Provisioning.Service.AllocationPolicy), this.AllocationPolicy.ToString());
enrollment.IotHubs = this.IotHub;
}
else
{
if (this.IsParameterBound(c => c.IotHub))
{
throw new ArgumentException("Please provide allocation policy.");
}
if (this.IsParameterBound(c => c.IotHubHostName))
{
enrollment.IotHubHostName = this.IotHubHostName;
}
}
if (this.IsParameterBound(c => c.ProvisioningStatus))
{
enrollment.ProvisioningStatus = (ProvisioningStatus)Enum.Parse(typeof(ProvisioningStatus), this.ProvisioningStatus.ToString());
}
IndividualEnrollment result = client.CreateOrUpdateIndividualEnrollmentAsync(enrollment).GetAwaiter().GetResult();
this.WriteObject(IotDpsUtils.ToPSIndividualEnrollment(result));
}
}
public override void ExecuteCmdlet()
{
if (ShouldProcess(this.DpsName, DPSResources.AddEnrollmentGroup))
{
ProvisioningServiceDescription provisioningServiceDescription;
if (ParameterSetName.Equals(InputObjectParameterSet))
{
this.ResourceGroupName = this.DpsObject.ResourceGroupName;
this.DpsName = this.DpsObject.Name;
provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject);
}
else
{
if (ParameterSetName.Equals(ResourceIdParameterSet))
{
this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId);
this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId);
}
provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName);
}
IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName);
SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite);
PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName);
ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString);
EnrollmentGroup enrollment = client.GetEnrollmentGroupAsync(this.Name).GetAwaiter().GetResult();
if (enrollment != null)
{
// Updating ProvisioningStatus
if (this.IsParameterBound(c => c.ProvisioningStatus))
{
enrollment.ProvisioningStatus = (ProvisioningStatus)Enum.Parse(typeof(ProvisioningStatus), this.ProvisioningStatus.ToString());
}
// Updating InitialTwinState
if (this.IsParameterBound(c => c.Tag) || this.IsParameterBound(c => c.Desired))
{
TwinCollection tags = this.IsParameterBound(c => c.Tag) ? new TwinCollection(JsonConvert.SerializeObject(this.Tag)) : (enrollment.InitialTwinState != null ? enrollment.InitialTwinState.Tags : new TwinCollection());
TwinCollection desiredProperties = this.IsParameterBound(c => c.Desired) ? new TwinCollection(JsonConvert.SerializeObject(this.Desired)) : (enrollment.InitialTwinState != null ? enrollment.InitialTwinState.DesiredProperties : new TwinCollection());
enrollment.InitialTwinState = new TwinState(tags, desiredProperties);
}
// Updating Capabilities
if (this.IsParameterBound(c => c.EdgeEnabled))
{
enrollment.Capabilities = new DeviceCapabilities()
{
IotEdge = this.EdgeEnabled
};
}
// Updating ReprovisionPolicy
if (this.IsParameterBound(c => c.ReprovisionPolicy))
{
switch (this.ReprovisionPolicy)
{
case PSReprovisionType.reprovisionandmigratedata:
enrollment.ReprovisionPolicy = new ReprovisionPolicy()
{
UpdateHubAssignment = true, MigrateDeviceData = true
};
break;
case PSReprovisionType.reprovisionandresetdata:
enrollment.ReprovisionPolicy = new ReprovisionPolicy()
{
UpdateHubAssignment = true, MigrateDeviceData = false
};
break;
case PSReprovisionType.never:
enrollment.ReprovisionPolicy = new ReprovisionPolicy()
{
UpdateHubAssignment = false, MigrateDeviceData = false
};
break;
}
}
// Updating AllocationPolicy and Hub
if (this.IsParameterBound(c => c.IotHubHostName) && this.IsParameterBound(c => c.AllocationPolicy))
{
throw new ArgumentException("\"IotHubHostName\" is not required when allocation-policy is defined.");
}
if (this.IsParameterBound(c => c.IotHubHostName) && this.IsParameterBound(c => c.IotHub))
{
throw new ArgumentException("\"IotHubHostName\" is not required when IotHub is defined.");
}
if (this.IsParameterBound(c => c.IotHubHostName))
{
enrollment.IotHubHostName = this.IotHubHostName;
enrollment.CustomAllocationDefinition = null;
enrollment.AllocationPolicy = null;
enrollment.IotHubs = null;
}
if (this.IsParameterBound(c => c.AllocationPolicy))
{
enrollment.AllocationPolicy = (Devices.Provisioning.Service.AllocationPolicy)Enum.Parse(typeof(Devices.Provisioning.Service.AllocationPolicy), this.AllocationPolicy.ToString());
}
switch (enrollment.AllocationPolicy)
{
case Devices.Provisioning.Service.AllocationPolicy.Static:
if (this.IsParameterBound(c => c.IotHub))
{
if (this.IotHub.Length > 1)
{
throw new ArgumentException("Please provide only one hub when allocation-policy is defined as Static.");
}
enrollment.IotHubs = this.IotHub;
}
enrollment.CustomAllocationDefinition = null;
enrollment.IotHubHostName = null;
break;
case Devices.Provisioning.Service.AllocationPolicy.Custom:
if (enrollment.CustomAllocationDefinition == null)
{
if (!this.IsParameterBound(c => c.WebhookUrl))
{
throw new ArgumentException("Please provide an Azure function url when allocation-policy is defined as Custom.");
}
if (!this.IsParameterBound(c => c.ApiVersion))
{
throw new ArgumentException("Please provide an Azure function api-version when allocation-policy is defined as Custom.");
}
}
string webhookUrl = string.Empty, apiVersion = string.Empty;
webhookUrl = this.IsParameterBound(c => c.WebhookUrl) ? this.WebhookUrl : enrollment.CustomAllocationDefinition.WebhookUrl;
apiVersion = this.IsParameterBound(c => c.ApiVersion) ? this.ApiVersion : enrollment.CustomAllocationDefinition.ApiVersion;
enrollment.CustomAllocationDefinition = new CustomAllocationDefinition()
{
WebhookUrl = webhookUrl, ApiVersion = apiVersion
};
enrollment.IotHubHostName = null;
if (this.IsParameterBound(c => c.IotHub))
{
enrollment.IotHubs = this.IotHub;
}
break;
case Devices.Provisioning.Service.AllocationPolicy.Hashed:
case Devices.Provisioning.Service.AllocationPolicy.GeoLatency:
if (this.IsParameterBound(c => c.IotHub))
{
enrollment.IotHubs = this.IotHub;
}
enrollment.CustomAllocationDefinition = null;
enrollment.IotHubHostName = null;
break;
default:
if (this.IsParameterBound(c => c.IotHub))
{
throw new ArgumentException("Please provide allocation policy.");
}
break;
}
}
else
{
throw new ArgumentException("The enrollment doesn't exist.");
}
EnrollmentGroup result = client.CreateOrUpdateEnrollmentGroupAsync(enrollment).GetAwaiter().GetResult();
this.WriteObject(IotDpsUtils.ToPSEnrollmentGroup(result));
}
}
