/// <summary>
/// Provisions a managed instance inside a freshly created virtual network, assigns an
/// Active Directory administrator to it, reads the assignment back, deletes it, and
/// checks that listing the administrators afterwards yields nothing.
/// </summary>
public void TestSetManagedInstanceActiveDirectoryAdministrator()
{
    string adminLogin = "aadadmin";
    string instanceSuffix = "miaadadmin";

    using (SqlManagementTestContext context = new SqlManagementTestContext(this))
    {
        // Object id and tenant id of the administrator come from the test environment helpers.
        Guid adminObjectId = new Guid(TestEnvironmentUtilities.GetUserObjectId());
        Guid adminTenantId = new Guid(TestEnvironmentUtilities.GetTenantId());

        SqlManagementClient sqlClient = context.GetClient<SqlManagementClient>();
        ResourceGroup resourceGroup = context.CreateResourceGroup();

        // The instance is placed in the first subnet of a newly created virtual network.
        VirtualNetwork network = ManagedInstanceTestFixture.CreateVirtualNetwork(context, resourceGroup, TestEnvironmentUtilities.DefaultLocationId);

        Sku instanceSku = new Sku
        {
            Name = "MIGP8G4",
            Tier = "GeneralPurpose"
        };

        // SQL administrator credentials are the shared test defaults from SqlManagementTestUtilities.
        ManagedInstance instanceParameters = new ManagedInstance()
        {
            AdministratorLogin = SqlManagementTestUtilities.DefaultLogin,
            AdministratorLoginPassword = SqlManagementTestUtilities.DefaultPassword,
            Sku = instanceSku,
            SubnetId = network.Subnets[0].Id,
            Tags = new Dictionary<string, string>(),
            Location = TestEnvironmentUtilities.DefaultLocationId,
        };
        ManagedInstance instance = sqlClient.ManagedInstances.CreateOrUpdate(
            resourceGroup.Name,
            string.Concat("crud-tests-", instanceSuffix),
            instanceParameters);
        Assert.NotNull(instance);

        // Assign the Active Directory administrator.
        ManagedInstanceAdministrator requestedAdmin = new ManagedInstanceAdministrator(login: adminLogin, sid: adminObjectId, tenantId: adminTenantId);
        ManagedInstanceAdministrator created = sqlClient.ManagedInstanceAdministrators.CreateOrUpdate(resourceGroup.Name, instance.Name, requestedAdmin);
        Assert.Equal(adminLogin, created.Login);

        // Read the assignment back: login, Sid and TenantId must all round-trip unchanged.
        ManagedInstanceAdministrator fetched = sqlClient.ManagedInstanceAdministrators.Get(resourceGroup.Name, instance.Name);
        Assert.Equal(adminLogin, fetched.Login);
        Assert.Equal(adminObjectId, fetched.Sid);
        Assert.Equal(adminTenantId, fetched.TenantId);

        // Remove the Active Directory administrator from the managed instance.
        sqlClient.ManagedInstanceAdministrators.Delete(resourceGroup.Name, instance.Name);

        // List what is left on the instance; the hard cast fails loudly if the SDK
        // returns anything other than Page1<ManagedInstanceAdministrator>.
        Microsoft.Azure.Management.Sql.Models.Page1<ManagedInstanceAdministrator> remaining =
            (Microsoft.Azure.Management.Sql.Models.Page1<ManagedInstanceAdministrator>)sqlClient.ManagedInstanceAdministrators.ListByInstance(resourceGroup.Name, instance.Name);
        bool noAdminsLeft = remaining == null || !remaining.GetEnumerator().MoveNext();
        Assert.True(noAdminsLeft);
    }
}
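/// <summary>
/// Creates a logical server, assigns an Active Directory administrator to it, reads the
/// assignment back, deletes it, and verifies that no administrator is listed afterwards.
/// </summary>
public void TestSetServerActiveDirectoryAdministrator()
{
    string aadAdmin = "DSEngAll";

    using (SqlManagementTestContext context = new SqlManagementTestContext(this))
    {
        // Object id and tenant id of the administrator come from the test environment helpers.
        Guid objectId = new Guid(TestEnvironmentUtilities.GetUserObjectId());
        Guid tenantId = new Guid(TestEnvironmentUtilities.GetTenantId());

        SqlManagementClient sqlClient = context.GetClient<SqlManagementClient>();
        ResourceGroup resourceGroup = context.CreateResourceGroup();
        Server server = context.CreateServer(resourceGroup);

        // Add new Active Directory Admin
        ServerAzureADAdministrator newAdmin = new ServerAzureADAdministrator(aadAdmin, objectId, tenantId);
        ServerAzureADAdministrator createResult = sqlClient.ServerAzureADAdministrators.CreateOrUpdate(resourceGroup.Name, server.Name, newAdmin);
        Assert.Equal(aadAdmin, createResult.Login);

        // Get the current Active Directory Admin: login, Sid and TenantId must all round-trip unchanged.
        ServerAzureADAdministrator getResult = sqlClient.ServerAzureADAdministrators.Get(resourceGroup.Name, server.Name);
        Assert.Equal(aadAdmin, getResult.Login);
        Assert.Equal(objectId, getResult.Sid);
        Assert.Equal(tenantId, getResult.TenantId);

        // Delete the Active Directory Admin on server
        sqlClient.ServerAzureADAdministrators.Delete(resourceGroup.Name, server.Name);

        // List all Active Directory Admins and count them by enumerating the result directly.
        // Casting with `as List<T>` yields null whenever the SDK hands back any other
        // collection type, and a null-tolerant assertion then passes without inspecting a
        // single element, so a privileged administrator left behind by a failed delete
        // would go unnoticed.
        var remainingAdmins = sqlClient.ServerAzureADAdministrators.ListByServer(resourceGroup.Name, server.Name);
        int remainingCount = 0;
        if (remainingAdmins != null)
        {
            foreach (ServerAzureADAdministrator leftover in remainingAdmins)
            {
                remainingCount++;
            }
        }

        Assert.Equal(0, remainingCount);
    }
}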
/// <summary>
/// Creates a managed instance through the test context, assigns an Active Directory
/// administrator to it, reads the assignment back, deletes it, and checks that listing
/// the administrators afterwards yields nothing.
/// </summary>
public void TestSetManagedInstanceActiveDirectoryAdministrator()
{
    string adminLogin = "aadadmin";
    // Kept from the original flow; nothing below reads it.
    string managedInstanceName = "miaadadmin";

    using (SqlManagementTestContext context = new SqlManagementTestContext(this))
    {
        // Object id and tenant id of the administrator come from the test environment helpers.
        Guid adminObjectId = new Guid(TestEnvironmentUtilities.GetUserObjectId());
        Guid adminTenantId = new Guid(TestEnvironmentUtilities.GetTenantId());

        SqlManagementClient sqlClient = context.GetClient<SqlManagementClient>();
        ResourceGroup resourceGroup = context.CreateResourceGroup();

        ManagedInstance instance = context.CreateManagedInstance(resourceGroup);
        Assert.NotNull(instance);

        // Assign the Active Directory administrator.
        ManagedInstanceAdministrator requestedAdmin = new ManagedInstanceAdministrator(login: adminLogin, sid: adminObjectId, tenantId: adminTenantId);
        ManagedInstanceAdministrator created = sqlClient.ManagedInstanceAdministrators.CreateOrUpdate(resourceGroup.Name, instance.Name, requestedAdmin);
        Assert.Equal(adminLogin, created.Login);

        // Read the assignment back: login, Sid and TenantId must all round-trip unchanged.
        ManagedInstanceAdministrator fetched = sqlClient.ManagedInstanceAdministrators.Get(resourceGroup.Name, instance.Name);
        Assert.Equal(adminLogin, fetched.Login);
        Assert.Equal(adminObjectId, fetched.Sid);
        Assert.Equal(adminTenantId, fetched.TenantId);

        // Remove the Active Directory administrator from the managed instance.
        sqlClient.ManagedInstanceAdministrators.Delete(resourceGroup.Name, instance.Name);

        // List what is left on the instance; the hard cast fails loudly if the SDK
        // returns anything other than Page1<ManagedInstanceAdministrator>.
        Microsoft.Azure.Management.Sql.Models.Page1<ManagedInstanceAdministrator> remaining =
            (Microsoft.Azure.Management.Sql.Models.Page1<ManagedInstanceAdministrator>)sqlClient.ManagedInstanceAdministrators.ListByInstance(resourceGroup.Name, instance.Name);
        bool noAdminsLeft = remaining == null || !remaining.GetEnumerator().MoveNext();
        Assert.True(noAdminsLeft);
    }
}
/// <summary>
/// Creates a Key Vault in the given resource group whose access policy admits both the
/// supplied identity and the principal running the test, then creates an RSA key in it.
/// </summary>
/// <param name="context">Test context used to obtain the management clients.</param>
/// <param name="resourceGroup">Resource group that will hold the new vault.</param>
/// <param name="identity">Identity whose tenant id and principal id are placed in the vault access policy.</param>
/// <returns>The key bundle returned by the Key Vault client for the newly created key.</returns>
private static KeyBundle CreateKeyVaultKeyAccessibleByIdentity(SqlManagementTestContext context, ResourceGroup resourceGroup, ResourceIdentityWithUserAssignedIdentities identity)
{
    // Retrieved as in the original flow; nothing below reads it.
    var sqlClient = context.GetClient<SqlManagementClient>();
    var vaultManagement = context.GetClient<KeyVaultManagementClient>();
    var keyClient = TestEnvironmentUtilities.GetKeyVaultClient();

    // Access policy entry for the supplied identity: wrap, unwrap, get and list only.
    Permissions identityKeyRights = new Permissions();
    identityKeyRights.Keys = new List<string>()
    {
        KeyPermissions.WrapKey,
        KeyPermissions.UnwrapKey,
        KeyPermissions.Get,
        KeyPermissions.List
    };
    AccessPolicyEntry identityEntry = new AccessPolicyEntry(identity.TenantId.Value, identity.PrincipalId.Value.ToString(), identityKeyRights);

    // Access policy entry for the principal running this test: it has to create and
    // delete keys, but is not granted wrap or unwrap.
    Permissions testAppKeyRights = new Permissions();
    testAppKeyRights.Keys = new List<string>()
    {
        KeyPermissions.Create,
        KeyPermissions.Delete,
        KeyPermissions.Get,
        KeyPermissions.List
    };
    string testAppObjectId = TestEnvironmentUtilities.GetUserObjectId();
    AccessPolicyEntry testAppEntry = new AccessPolicyEntry(identity.TenantId.Value, testAppObjectId, testAppKeyRights);

    List<AccessPolicyEntry> vaultPolicies = new List<AccessPolicyEntry>();
    vaultPolicies.Add(identityEntry);
    vaultPolicies.Add(testAppEntry);

    string vaultName = SqlManagementTestUtilities.GenerateName();
    string vaultLocation = TestEnvironmentUtilities.DefaultLocation;

    // Soft delete is switched on for the vault.
    // NOTE(review): no purge-protection setting is applied here; confirm whether the
    // scenario under test needs it.
    VaultProperties vaultSettings = new VaultProperties();
    vaultSettings.AccessPolicies = vaultPolicies;
    vaultSettings.TenantId = identity.TenantId.Value;
    vaultSettings.EnableSoftDelete = true;

    VaultCreateOrUpdateParameters vaultRequest = new VaultCreateOrUpdateParameters();
    vaultRequest.Location = vaultLocation;
    vaultRequest.Properties = vaultSettings;

    var vault = vaultManagement.Vaults.CreateOrUpdate(resourceGroup.Name, vaultName, vaultRequest);

    // Key creation can be flaky when attempted immediately after the vault is created,
    // so pause briefly first.
    TestUtilities.Wait(TimeSpan.FromSeconds(3));

    string keyName = SqlManagementTestUtilities.GenerateName();

    // The key is created with every key operation enabled, which is broader than the
    // wrap/unwrap rights the access policy grants to the supplied identity.
    // The async call is awaited synchronously because this helper is synchronous.
    var keyCreation = keyClient.CreateKeyAsync(vault.Properties.VaultUri, keyName, JsonWebKeyType.Rsa, keyOps: JsonWebKeyOperation.AllOperations);
    return keyCreation.GetAwaiter().GetResult();
}