public override void ExecuteCmdlet()
{
base.ExecuteCmdlet();
ExecuteClientAction(() =>
{
VirtualMachine virtualMachineResponse = this.ComputeClient.ComputeManagementClient.VirtualMachines.GetWithInstanceView(
this.ResourceGroupName, this.VMName).Body;
this.validateRetreivedVirtualMachine(virtualMachineResponse);
AzureDiskEncryptionMode adeMode = GetAzureDiskEncryptionMode(virtualMachineResponse);
AzureDiskEncryptionStatusContext status = null;
switch (adeMode)
{
case AzureDiskEncryptionMode.SinglePass:
status = this.getStatusSinglePass(virtualMachineResponse);
break;
case AzureDiskEncryptionMode.DualPass:
status = this.getStatusDualPass(virtualMachineResponse);
break;
case AzureDiskEncryptionMode.None:
status = new AzureDiskEncryptionStatusContext
{
OsVolumeEncrypted = EncryptionStatus.NotEncrypted,
DataVolumesEncrypted = EncryptionStatus.NotEncrypted,
OsVolumeEncryptionSettings = null,
ProgressMessage = "No Encryption extension or metadata found on the VM"
};
break;
}
WriteObject(status);
return;
});
}
private AzureDiskEncryptionStatusContext getStatusSinglePass(VirtualMachine vm)
{
// First get extension status from disk instance view
AzureDiskEncryptionStatusContext status = this.GetStatusFromInstanceView(vm);
// Get Data Disk status from extension for Native Disk VMs
if (status.DataVolumesEncrypted != EncryptionStatus.NoDiskFound && isNativeDiskVM(vm))
{
// We use logic that's otherwise only used for Windows VMs in Dual Pass
status.DataVolumesEncrypted = this.AreWindowsDataVolumesEncryptedDualPass(vm);
}
// Get the extension status message
try
{
status.ProgressMessage = GetExtensionStatusMessage(vm);
}
catch (KeyNotFoundException)
{
status.ProgressMessage = string.Format(CultureInfo.CurrentUICulture, "Extension status not available on the VM");
}
// While this is enough for Windows, we may need more information for Linux from the extension substatus
if (vm.StorageProfile.OsDisk.OsType == OperatingSystemTypes.Linux)
{
try
{
Dictionary <string, string> encryptionStatusParsed = null;
string encryptionStatusJson = GetExtensionStatusMessage(vm, returnSubstatusMessage: true);
encryptionStatusParsed = JsonConvert.DeserializeObject <Dictionary <string, string> >(encryptionStatusJson);
status.OsVolumeEncrypted = (EncryptionStatus)Enum.Parse(typeof(EncryptionStatus), encryptionStatusParsed[AzureDiskEncryptionExtensionConstants.encryptionResultOsKey]);
status.DataVolumesEncrypted = (EncryptionStatus)Enum.Parse(typeof(EncryptionStatus), encryptionStatusParsed[AzureDiskEncryptionExtensionConstants.encryptionResultDataKey]);
}
catch (KeyNotFoundException)
{
;// Do nothing
}
}
return(status);
}
protected override void ProcessRecord()
{
base.ProcessRecord();
ExecuteClientAction(() =>
{
VirtualMachine vmParameters = (this.ComputeClient.ComputeManagementClient.VirtualMachines.Get(this.ResourceGroupName, this.VMName)).VirtualMachine;
bool osVolumeEncrypted = IsOsVolumeEncrypted(vmParameters);
DiskEncryptionSettings osVolumeEncryptionSettings = GetOsVolumeEncryptionSettings(vmParameters);
bool dataVolumesEncrypted = AreDataVolumesEncrypted(vmParameters);
AzureDiskEncryptionStatusContext encryptionStatus = new AzureDiskEncryptionStatusContext
{
OsVolumeEncrypted = osVolumeEncrypted,
OsVolumeEncryptionSettings = osVolumeEncryptionSettings,
DataVolumesEncrypted = dataVolumesEncrypted
};
WriteObject(encryptionStatus);
});
}
private AzureDiskEncryptionStatusContext getStatusDualPass(VirtualMachine vm)
{
DiskEncryptionSettings osVolumeEncryptionSettings = GetOsVolumeEncryptionSettingsDualPass(vm);
AzureDiskEncryptionStatusContext encryptionStatus = null;
switch (vm.StorageProfile.OsDisk.OsType)
{
case OperatingSystemTypes.Windows:
EncryptionStatus osVolumeEncrypted = IsWindowsOsVolumeEncryptedDualPass(vm);
EncryptionStatus dataVolumesEncrypted = AreWindowsDataVolumesEncryptedDualPass(vm);
encryptionStatus = new AzureDiskEncryptionStatusContext
{
OsVolumeEncrypted = osVolumeEncrypted,
DataVolumesEncrypted = dataVolumesEncrypted,
OsVolumeEncryptionSettings = osVolumeEncryptionSettings,
ProgressMessage = string.Format(CultureInfo.CurrentUICulture, "OsVolume: {0}, DataVolumes: {1}", osVolumeEncrypted, dataVolumesEncrypted)
};
break;
case OperatingSystemTypes.Linux:
if (!this.IsExtensionInstalled(vm) && this.isVMRunning(vm))
{
VirtualMachineExtension parameters = GetDualPassQueryVmExtensionParameters(vm);
this.VirtualMachineExtensionClient.CreateOrUpdateWithHttpMessagesAsync(
this.ResourceGroupName,
this.VMName,
this.Name,
parameters).GetAwaiter().GetResult();
}
Dictionary <string, string> encryptionStatusParsed = null;
try
{
string encryptionStatusJson = GetExtensionStatusMessage(vm, returnSubstatusMessage: true);
encryptionStatusParsed = JsonConvert.DeserializeObject <Dictionary <string, string> >(encryptionStatusJson);
}
catch (KeyNotFoundException)
{
encryptionStatusParsed = new Dictionary <string, string>()
{
{ AzureDiskEncryptionExtensionConstants.encryptionResultOsKey, EncryptionStatus.Unknown.ToString() },
{ AzureDiskEncryptionExtensionConstants.encryptionResultDataKey, EncryptionStatus.Unknown.ToString() }
};
}
string progressMessage = null;
try
{
progressMessage = GetExtensionStatusMessage(vm);
}
catch (KeyNotFoundException)
{
progressMessage = string.Format(CultureInfo.CurrentUICulture, "Extension status not available on the VM");
}
encryptionStatus = new AzureDiskEncryptionStatusContext
{
OsVolumeEncrypted = (EncryptionStatus)Enum.Parse(typeof(EncryptionStatus), encryptionStatusParsed[AzureDiskEncryptionExtensionConstants.encryptionResultOsKey]),
DataVolumesEncrypted = (EncryptionStatus)Enum.Parse(typeof(EncryptionStatus), encryptionStatusParsed[AzureDiskEncryptionExtensionConstants.encryptionResultDataKey]),
OsVolumeEncryptionSettings = osVolumeEncryptionSettings,
ProgressMessage = progressMessage
};
break;
default:
ThrowTerminatingError(new ErrorRecord(new ApplicationException(string.Format(CultureInfo.CurrentUICulture, "OS type unknown.")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
break;
}
return(encryptionStatus);
}
private AzureDiskEncryptionStatusContext GetStatusFromInstanceView(VirtualMachine vm)
{
AzureDiskEncryptionStatusContext result = new AzureDiskEncryptionStatusContext();
result.OsVolumeEncrypted = EncryptionStatus.Unknown;
result.DataVolumesEncrypted = EncryptionStatus.Unknown;
StorageProfile storageProfile = vm.StorageProfile;
VirtualMachineInstanceView iv = vm.InstanceView;
if (iv != null)
{
result.OsVolumeEncrypted = EncryptionStatus.NoDiskFound;
result.DataVolumesEncrypted = EncryptionStatus.NoDiskFound;
foreach (DiskInstanceView div in iv.Disks)
{
if (div.Name.Equals(storageProfile.OsDisk.Name))
{
// check os volume status
string status = GetLastEncryptionStatus(div);
switch (status)
{
case "EncryptionState/encrypted":
result.OsVolumeEncrypted = EncryptionStatus.Encrypted;
break;
case "EncryptionState/notEncrypted":
case "":
result.OsVolumeEncrypted = EncryptionStatus.NotEncrypted;
break;
default:
break;
}
result.OsVolumeEncryptionSettings = (div.EncryptionSettings != null) ? div.EncryptionSettings[0] : null;
}
else
{
// check data volume status
// Mark DataVolumesEncrypted as Encrypted if even one of the disks is Encrypted
// Skip if DataVolumesEncrypted has already been marked Encrypted
if (result.DataVolumesEncrypted == EncryptionStatus.Encrypted)
{
continue;
}
string status = GetLastEncryptionStatus(div);
switch (status)
{
case "EncryptionState/encrypted":
result.DataVolumesEncrypted = EncryptionStatus.Encrypted;
break;
case "EncryptionState/notEncrypted":
case "":
result.DataVolumesEncrypted = EncryptionStatus.NotEncrypted;
break;
default:
break;
}
}
}
}
return(result);
}
public override void ExecuteCmdlet()
{
base.ExecuteCmdlet();
ExecuteClientAction(() =>
{
VirtualMachine vmParameters = (this.ComputeClient.ComputeManagementClient.VirtualMachines.Get(this.ResourceGroupName, this.VMName));
EncryptionStatus osVolumeEncrypted = IsOsVolumeEncrypted(vmParameters);
DiskEncryptionSettings osVolumeEncryptionSettings = GetOsVolumeEncryptionSettings(vmParameters);
EncryptionStatus dataVolumesEncrypted = AreDataVolumesEncrypted(vmParameters);
AzureDiskEncryptionStatusContext encryptionStatus = null;
string progressMessage = null;
OSType osType = GetOSType(vmParameters);
switch (osType)
{
case OSType.Windows:
encryptionStatus = new AzureDiskEncryptionStatusContext
{
OsVolumeEncrypted = osVolumeEncrypted,
DataVolumesEncrypted = dataVolumesEncrypted,
OsVolumeEncryptionSettings = osVolumeEncryptionSettings,
ProgressMessage = string.Format(CultureInfo.CurrentUICulture, "OsVolume: {0}, DataVolumes: {1}", osVolumeEncrypted, dataVolumesEncrypted)
};
WriteObject(encryptionStatus);
break;
case OSType.Linux:
if (!IsExtensionInstalled(osType))
{
VirtualMachine virtualMachineResponse = this.ComputeClient.ComputeManagementClient.VirtualMachines.GetWithInstanceView(
this.ResourceGroupName, VMName).Body;
VirtualMachineExtension parameters = GetVmExtensionParameters(virtualMachineResponse, osType);
this.VirtualMachineExtensionClient.CreateOrUpdateWithHttpMessagesAsync(
this.ResourceGroupName,
this.VMName,
this.Name,
parameters).GetAwaiter().GetResult();
}
Dictionary <string, string> encryptionStatusParsed = null;
try
{
string encryptionStatusJson = GetExtensionStatusMessage(osType, returnSubstatusMessage: true);
encryptionStatusParsed = JsonConvert.DeserializeObject <Dictionary <string, string> >(encryptionStatusJson);
}
catch (KeyNotFoundException)
{
encryptionStatusParsed = new Dictionary <string, string>()
{
{ AzureDiskEncryptionExtensionConstants.encryptionResultOsKey, EncryptionStatus.Unknown.ToString() },
{ AzureDiskEncryptionExtensionConstants.encryptionResultDataKey, EncryptionStatus.Unknown.ToString() }
};
}
try
{
progressMessage = GetExtensionStatusMessage(osType);
}
catch (KeyNotFoundException)
{
progressMessage = string.Format(CultureInfo.CurrentUICulture, "Extension status not available on the VM");
}
encryptionStatus = new AzureDiskEncryptionStatusContext
{
OsVolumeEncrypted = (EncryptionStatus)Enum.Parse(typeof(EncryptionStatus), encryptionStatusParsed[AzureDiskEncryptionExtensionConstants.encryptionResultOsKey]),
DataVolumesEncrypted = (EncryptionStatus)Enum.Parse(typeof(EncryptionStatus), encryptionStatusParsed[AzureDiskEncryptionExtensionConstants.encryptionResultDataKey]),
OsVolumeEncryptionSettings = osVolumeEncryptionSettings,
ProgressMessage = progressMessage
};
WriteObject(encryptionStatus);
break;
case OSType.Unknown:
ThrowTerminatingError(new ErrorRecord(new ApplicationException(string.Format(CultureInfo.CurrentUICulture, "OS type unknown.")),
"InvalidResult",
ErrorCategory.InvalidResult,
null));
break;
}
});
}
