/// <summary>
/// Changes the Vault context to the supplied vault, including its channel integrity key.
/// </summary>
/// <param name="vault">vault object; its ID, resource group name and name are read</param>
/// <returns>credential object (the <c>arsVaultCreds</c> member as it stands after both context updates)</returns>
public ASRVaultCreds ChangeVaultContext(ARSVault vault)
{
    string providerNamespace;
    string armResourceType;
    Utilities.GetResourceProviderNamespaceAndType(vault.ID, out providerNamespace, out armResourceType);

    // First update: point the context at the vault without a key.
    // The key lookup below runs only after this, presumably because it reads the current context - confirm.
    ASRVaultCreds contextWithoutKey = new ASRVaultCreds();
    contextWithoutKey.ResourceGroupName = vault.ResourceGroupName;
    contextWithoutKey.ResourceName = vault.Name;
    contextWithoutKey.ResourceNamespace = providerNamespace;
    contextWithoutKey.ARMResourceType = armResourceType;
    Utilities.UpdateCurrentVaultContext(contextWithoutKey);

    // Get Channel Integrity key.
    // NOTE(review): if this call throws, the context stays on the new vault with no key set;
    // nothing here restores the previous context.
    string channelIntegrityKey = this.GetCurrentVaultChannelIntegrityKey();

    // Second update: same vault settings, now carrying the channel integrity key.
    // The key is secret material held in the shared vault context, so it should never be logged.
    ASRVaultCreds contextWithKey = new ASRVaultCreds();
    contextWithKey.ResourceGroupName = vault.ResourceGroupName;
    contextWithKey.ResourceName = vault.Name;
    contextWithKey.ChannelIntegrityKey = channelIntegrityKey;
    contextWithKey.ResourceNamespace = providerNamespace;
    contextWithKey.ARMResourceType = armResourceType;
    Utilities.UpdateCurrentVaultContext(contextWithKey);

    return arsVaultCreds;
}
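/// <summary>
/// Gets the vault credential object. The current vault context is switched to the
/// working vault while the credential is generated and is put back afterwards,
/// including when one of the service calls throws.
/// </summary>
/// <param name="managementCert">certificate to be uploaded</param>
/// <param name="vault">vault object</param>
/// <param name="site">site object</param>
/// <param name="authType">authentication type</param>
/// <returns>credential object</returns>
public ASRVaultCreds GenerateVaultCredential(
    X509Certificate2 managementCert,
    ARSVault vault,
    ASRSite site,
    string authType)
{
    // Remember the caller's context so it can be restored once the file is generated.
    ASRVaultCreds currentVaultContext = PSRecoveryServicesClient.arsVaultCreds;

    string resourceProviderNamespace;
    string resourceType;
    Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);

    Logger.Instance.WriteDebug(string.Format(
        "GenerateVaultCredential resourceProviderNamespace = {0}, resourceType = {1}",
        resourceProviderNamespace,
        resourceType));

    try
    {
        // Update vault settings with the working vault to generate file
        Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
        {
            ResourceGroupName = vault.ResourceGroupName,
            ResourceName = vault.Name,
            ResourceNamespace = resourceProviderNamespace,
            ARMResourceType = resourceType
        });

        // Get Channel Integrity key. It is secret material: keep it out of debug output.
        string channelIntegrityKey = this.GetCurrentVaultChannelIntegrityKey();

        // Making sure we can generate the file, once the SDK and portal are inter-operable
        // upload certificate and fetch of ACIK can be made parallel to improve the performance.

        // Upload certificate
        VaultCertificateResponse uploadCertificate = this.UpdateVaultCertificate(
            managementCert,
            authType);

        return this.GenerateCredentialObject(
            managementCert,
            uploadCertificate,
            channelIntegrityKey,
            vault,
            site);
    }
    finally
    {
        // Update back the original vault settings. Doing this in a finally block keeps a
        // failed key fetch or certificate upload from leaving the shared context pointed
        // at the working vault for whatever runs next.
        Utilities.UpdateCurrentVaultContext(currentVaultContext);
    }
}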
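/// <summary>
/// Gets the vault credential object. The current vault context is switched to the
/// working vault while the credential is generated and is put back afterwards,
/// including when one of the awaited service calls fails.
/// </summary>
/// <param name="managementCert">certificate to be uploaded</param>
/// <param name="vault">vault object</param>
/// <param name="site">site object</param>
/// <returns>credential object</returns>
public ASRVaultCreds GenerateVaultCredential(X509Certificate2 managementCert, ARSVault vault, ASRSite site)
{
    // Remember the caller's context so it can be restored once the file is generated.
    ASRVaultCreds currentVaultContext = PSRecoveryServicesClient.asrVaultCreds;

    string resourceProviderNamespace;
    string resourceType;
    Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);

    try
    {
        // Update vault settings with the working vault to generate file
        // NOTE(review): "ResouceGroupName" is kept exactly as spelled in this listing;
        // confirm it matches the property name on the vault type.
        Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
        {
            ResourceGroupName = vault.ResouceGroupName,
            ResourceName = vault.Name,
            ResourceNamespace = resourceProviderNamespace,
            ARMResourceType = resourceType
        });

        // Get Channel Integrity key. It is secret material: keep it out of debug output.
        Task<string> getChannelIntegrityKey = this.GetChannelIntegrityKey();

        // Making sure we can generate the file, once the SDK and portal are inter-operable
        // upload certificate and fetch of ACIK can be made parallel to improve the performance.
        // Wait() is kept so failures still surface as AggregateException, as before.
        getChannelIntegrityKey.Wait();

        // Upload certificate
        Task<UploadCertificateResponse> uploadCertificate = this.UpdateVaultCertificate(managementCert);
        uploadCertificate.Wait();

        UploadCertificateResponse acsDetails = uploadCertificate.Result;
        string channelIntegrityKey = getChannelIntegrityKey.Result;

        return this.GenerateCredentialObject(
            managementCert,
            acsDetails,
            channelIntegrityKey,
            vault,
            site);
    }
    finally
    {
        // Update back the original vault settings. Doing this in a finally block keeps a
        // failed key fetch or certificate upload from leaving the shared context pointed
        // at the working vault for whatever runs next.
        Utilities.UpdateCurrentVaultContext(currentVaultContext);
    }
}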
/// <summary>
/// Initializes a new instance of the <see cref="PSRecoveryServicesClient" /> class with
/// required current subscription.
/// </summary>
/// <param name="defaultContext">Azure context used to create both ARM clients</param>
public PSRecoveryServicesClient(IAzureContext defaultContext)
{
    // Seed the vault context with the production resource provider namespace
    // (and an empty ARM resource type) when no namespace has been set yet.
    if (string.IsNullOrEmpty(arsVaultCreds.ResourceNamespace))
    {
        ASRVaultCreds defaultVaultContext = new ASRVaultCreds();
        defaultVaultContext.ResourceNamespace = ProductionRpNamespace;
        defaultVaultContext.ARMResourceType = string.Empty;
        Utilities.UpdateCurrentVaultContext(defaultVaultContext);
    }

    // Both clients are created against the Resource Manager endpoint of the supplied context.
    this.recoveryServicesClient =
        AzureSession.ClientFactory.CreateArmClient<RecoveryServicesClient>(
            defaultContext,
            AzureEnvironment.Endpoint.ResourceManager);

    resourceManagementClient =
        AzureSession.ClientFactory.CreateArmClient<ResourceManagementClient>(
            defaultContext,
            AzureEnvironment.Endpoint.ResourceManager);
}
/// <summary>
/// Initializes a new instance of the <see cref="PSRecoveryServicesClient" /> class with
/// required current subscription.
/// </summary>
/// <param name="azureProfile">Azure profile whose context supplies credentials and the Resource Manager endpoint</param>
public PSRecoveryServicesClient(IAzureProfile azureProfile)
{
    // The configuration file of the executing assembly is opened unconditionally,
    // even when the namespace is already set and the settings are not consulted.
    string assemblyLocation = System.Reflection.Assembly.GetExecutingAssembly().Location;
    System.Configuration.Configuration recoveryServicesConfig =
        ConfigurationManager.OpenExeConfiguration(assemblyLocation);
    System.Configuration.AppSettingsSection appSettings =
        (System.Configuration.AppSettingsSection)recoveryServicesConfig.GetSection("appSettings");

    // Get Resource provider namespace from config if needed to communicate with internal deployments.
    // NOTE(review): "ProviderNamespace" comes from a file next to the assembly and is passed to the
    // client factory together with the subscription credentials; that file should be writable
    // only by trusted accounts.
    if (string.IsNullOrEmpty(arsVaultCreds.ResourceNamespace))
    {
        // Default applies when there are no settings at all or the key is absent.
        string resourceNamespace = "Microsoft.RecoveryServices";
        if (appSettings.Settings.Count != 0)
        {
            System.Configuration.KeyValueConfigurationElement providerSetting =
                appSettings.Settings["ProviderNamespace"];
            if (providerSetting != null)
            {
                resourceNamespace = providerSetting.Value;
            }
        }

        ASRVaultCreds seededContext = new ASRVaultCreds();
        seededContext.ResourceNamespace = resourceNamespace;
        seededContext.ARMResourceType = string.Empty;
        Utilities.UpdateCurrentVaultContext(seededContext);
    }

    this.recoveryServicesClient =
        AzureSession.ClientFactory.CreateCustomClient<RecoveryServicesManagementClient>(
            arsVaultCreds.ResourceNamespace,
            AzureSession.AuthenticationFactory.GetSubscriptionCloudCredentials(azureProfile.Context),
            azureProfile.Context.Environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ResourceManager));
}
/// <summary>
/// Initializes a new instance of the <see cref="PSRecoveryServicesClient" /> class with
/// required current subscription.
/// </summary>
/// <param name="defaultContext">Azure context used to create both ARM clients</param>
public PSRecoveryServicesClient(IAzureContext defaultContext)
{
    // NOTE(review): the configuration file and its appSettings section are loaded here but
    // never read in this constructor; the namespace below comes from ProductionRpNamespace.
    // The load is kept because it can still throw on a malformed configuration file.
    string assemblyLocation = System.Reflection.Assembly.GetExecutingAssembly().Location;
    System.Configuration.Configuration recoveryServicesConfig =
        ConfigurationManager.OpenExeConfiguration(assemblyLocation);
    System.Configuration.AppSettingsSection appSettings =
        (System.Configuration.AppSettingsSection)recoveryServicesConfig.GetSection("appSettings");

    // Seed the vault context with the production resource provider namespace
    // (and an empty ARM resource type) when no namespace has been set yet.
    if (string.IsNullOrEmpty(arsVaultCreds.ResourceNamespace))
    {
        ASRVaultCreds defaultVaultContext = new ASRVaultCreds();
        defaultVaultContext.ResourceNamespace = ProductionRpNamespace;
        defaultVaultContext.ARMResourceType = string.Empty;
        Utilities.UpdateCurrentVaultContext(defaultVaultContext);
    }

    // Both clients are created against the Resource Manager endpoint of the supplied context.
    this.recoveryServicesClient =
        AzureSession.Instance.ClientFactory.CreateArmClient<RecoveryServicesClient>(
            defaultContext,
            AzureEnvironment.Endpoint.ResourceManager);

    resourceManagementClient =
        AzureSession.Instance.ClientFactory.CreateArmClient<ResourceManagementClient>(
            defaultContext,
            AzureEnvironment.Endpoint.ResourceManager);
}
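/// <summary>
/// Generates vault creds file content for Site Recovery Vault.
/// The returned XML embeds the serialized management certificate and the vault's
/// channel integrity key, so it must be handled as credential material.
/// </summary>
/// <param name="cert">management certificate</param>
/// <param name="subscriptionId">subscription Id</param>
/// <param name="vaultCertificateResponse">vaultCertificate Response</param>
/// <param name="asrSite">asrSite Info</param>
/// <returns>xml file in string format</returns>
/// <exception cref="ArgumentException">
/// The response properties are not <c>ResourceCertificateAndAadDetails</c>.
/// </exception>
private string GenerateVaultCredsForSiteRecovery(
    X509Certificate2 cert,
    string subscriptionId,
    VaultCertificateResponse vaultCertificateResponse,
    ASRSite asrSite)
{
    // The "as" cast yields null for any other properties type; fail with a clear message
    // instead of a NullReferenceException further down.
    ResourceCertificateAndAadDetails aadDetails =
        vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
    if (aadDetails == null)
    {
        throw new ArgumentException(
            "Vault certificate response does not contain AAD certificate details.",
            "vaultCertificateResponse");
    }

    using (var output = new MemoryStream())
    {
        using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
        {
            string resourceProviderNamespace;
            string resourceType;
            Utilities.GetResourceProviderNamespaceAndType(
                this.Vault.ID,
                out resourceProviderNamespace,
                out resourceType);

            Logger.Instance.WriteDebug(string.Format(
                "GenerateVaultCredential resourceProviderNamespace = {0}, resourceType = {1}",
                resourceProviderNamespace,
                resourceType));

            // Update vault settings with the working vault to generate file
            // NOTE(review): the previous vault context is not restored in this method.
            Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
            {
                ResourceGroupName = this.Vault.ResourceGroupName,
                ResourceName = this.Vault.Name,
                ResourceNamespace = resourceProviderNamespace,
                ARMResourceType = resourceType
            });

            // Code taken from Ibiza code
            string aadAudience = string.Format(
                CultureInfo.InvariantCulture,
                @"https://RecoveryServiceVault/{0}/{1}/{2}",
                Vault.Location,
                Vault.Name,
                aadDetails.ResourceId);

            RSVaultAsrCreds vaultCreds = new RSVaultAsrCreds()
            {
                VaultDetails = new ASRVaultDetails
                {
                    SubscriptionId = subscriptionId,
                    ResourceGroup = this.Vault.ResourceGroupName,
                    ResourceName = this.Vault.Name,
                    ResourceId = aadDetails.ResourceId.Value,
                    Location = Vault.Location,
                    ResourceType = RecoveryServicesVaultType,
                    ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace
                },

                // NOTE(review): CertUtils.SerializeCert is not visible here; with
                // X509ContentType.Pfx the output presumably carries the private key - confirm,
                // and store or transmit the resulting file accordingly.
                ManagementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx),
                Version = VaultCredentialVersionAad,
                AadDetails = new ASRVaultAadDetails
                {
                    AadAuthority = aadDetails.AadAuthority,
                    AadTenantId = aadDetails.AadTenantId,
                    ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
                    AadVaultAudience = aadAudience,
                    ArmManagementEndpoint = aadDetails.AzureManagementEndpointAudience
                },
                ChannelIntegrityKey = this.RecoveryServicesClient.GetCurrentVaultChannelIntegrityKey(),
                SiteId = asrSite.ID ?? String.Empty,
                SiteName = asrSite.Name ?? String.Empty
            };

            DataContractSerializer serializer = new DataContractSerializer(typeof(RSVaultAsrCreds));
            serializer.WriteObject(writer, vaultCreds);
        }

        // The writer is disposed (and so flushed) before the buffer is read back.
        return Encoding.UTF8.GetString(output.ToArray());
    }
}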