/// <summary> /// Initialize VMSS's identity property. /// </summary> /// <param name="identityType">The identity type to set.</param> private void InitVMSSIdentity(ResourceIdentityType identityType) { if (!identityType.Equals(ResourceIdentityType.UserAssigned) && !identityType.Equals(ResourceIdentityType.SystemAssigned)) { throw new ArgumentException("Invalid argument: " + identityType); } var scaleSetInner = this.scaleSet.Inner; if (scaleSetInner.Identity == null) { scaleSetInner.Identity = new VirtualMachineScaleSetIdentity(); } if (scaleSetInner.Identity.Type == null || scaleSetInner.Identity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.None), StringComparison.OrdinalIgnoreCase) || scaleSetInner.Identity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(identityType), StringComparison.OrdinalIgnoreCase)) { scaleSetInner.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(identityType); } else { scaleSetInner.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssignedUserAssigned); } }
private static void InitVMIdentity(VirtualMachineInner vmInner, ResourceIdentityType identityType) { if (!identityType.Equals(ResourceIdentityType.UserAssigned) && !identityType.Equals(ResourceIdentityType.SystemAssigned)) { throw new ArgumentException("Invalid argument: " + identityType); } if (vmInner.Identity == null) { vmInner.Identity = new VirtualMachineIdentity(); } ResourceIdentityType?parsedIdentityType = ResourceIdentityTypeEnumExtension.ParseResourceIdentityType(vmInner.Identity.Type); if (parsedIdentityType == null || parsedIdentityType.Equals(ResourceIdentityType.None) || parsedIdentityType.Equals(identityType)) { vmInner.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(identityType); } else { vmInner.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssignedUserAssigned); } if (vmInner.Identity.IdentityIds == null) { if (identityType.Equals(ResourceIdentityType.UserAssigned) || identityType.Equals(ResourceIdentityType.SystemAssignedUserAssigned)) { vmInner.Identity.IdentityIds = new List <string>(); } } }
/// <summary> /// Gets the MSI identity type. /// </summary> /// <param name="inner">the virtual machine inner</param> /// <returns>the MSI identity type</returns> internal static ResourceIdentityType?ManagedServiceIdentityType(VirtualMachineInner inner) { if (inner.Identity != null) { return(ResourceIdentityTypeEnumExtension.ParseResourceIdentityType(inner.Identity.Type)); } return(null); }
/// <summary> /// Gets the MSI identity type. /// </summary> /// <param name="inner">the virtual machine scale set inner</param> /// <returns>the MSI identity type</returns> internal static ResourceIdentityType?ManagedServiceIdentityType(VirtualMachineScaleSetInner inner) { if (inner.Identity != null) { //ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssigned); return(ResourceIdentityTypeEnumExtension.ParseResourceIdentityType(inner.Identity.Type)); } return(null); }
/// <summary> /// Set user assigned identity ids to the given virtual machine inner model /// </summary> /// <param name="virtualMachineInner">the virtual machine inner model</param> /// <param name="vmTaskGroup">the virtual machine task group</param> internal void HandleUserAssignedIdentities(VirtualMachineInner virtualMachineInner, CreatorTaskGroup <IHasId> vmTaskGroup) { try { if (virtualMachineInner.Identity == null || virtualMachineInner.Identity.Type == null) { return; } ResourceIdentityType?parsedIdentityType = ResourceIdentityTypeEnumExtension.ParseResourceIdentityType(virtualMachineInner.Identity.Type); if (parsedIdentityType.Equals(ResourceIdentityType.None) || parsedIdentityType.Equals(ResourceIdentityType.SystemAssigned)) { return; } foreach (var key in this.userAssignedIdentityCreatableKeys) { var identity = (IIdentity)vmTaskGroup.CreatedResource(key); if (!this.userAssignedIdentityIdsToAssociate.Contains(identity.Id)) { this.userAssignedIdentityIdsToAssociate.Add(identity.Id); } } if (virtualMachineInner.Identity.IdentityIds == null) { virtualMachineInner.Identity.IdentityIds = new List <string>(); } foreach (var identityId in this.userAssignedIdentityIdsToAssociate) { if (!virtualMachineInner.Identity.IdentityIds.Contains(identityId)) { virtualMachineInner.Identity.IdentityIds.Add(identityId); } } foreach (var identityId in this.userAssignedIdentityIdsToRemove) { if (virtualMachineInner.Identity.IdentityIds.Contains(identityId)) { virtualMachineInner.Identity.IdentityIds.Remove(identityId); } } if (virtualMachineInner.Identity.IdentityIds.Any()) { this.installExtensionIfNotInstalled = true; } } finally { this.userAssignedIdentityCreatableKeys.Clear(); this.userAssignedIdentityIdsToAssociate.Clear(); this.userAssignedIdentityIdsToRemove.Clear(); } }
/// <summary> /// Checks system assigned identity is enabled for the virtual machine. /// </summary> /// <param name="virtualMachine">the virtual machine</param> /// <returns>true if system assigned MSI is enabled, false otherwise</returns> private static bool IsSystemAssignedMSIEnabled(IVirtualMachine virtualMachine) { VirtualMachineInner VMInner = virtualMachine.Inner; if (VMInner.Identity == null) { return(false); } ResourceIdentityType?parsedIdentityType = ResourceIdentityTypeEnumExtension.ParseResourceIdentityType(VMInner.Identity.Type); if (parsedIdentityType == null || parsedIdentityType.Equals(ResourceIdentityType.None)) { return(false); } else { return(parsedIdentityType.Equals(ResourceIdentityType.SystemAssigned) || parsedIdentityType.Equals(ResourceIdentityType.SystemAssignedUserAssigned)); } }
/// <summary> /// Specifies that Local Managed Service Identity needs to be disabled in the virtual machine scale set. /// </summary> /// <return>VirtualMachineScaleSetMsiHandler.</return> internal VirtualMachineScaleSetMsiHelper WithoutLocalManagedServiceIdentity() { if (this.scaleSet.Inner.Identity == null || this.scaleSet.Inner.Identity.Type == null || this.scaleSet.Inner.Identity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.None), StringComparison.OrdinalIgnoreCase) || this.scaleSet.Inner.Identity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.UserAssigned), StringComparison.OrdinalIgnoreCase)) { return(this); } else if (this.scaleSet.Inner.Identity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssigned), StringComparison.OrdinalIgnoreCase)) { this.scaleSet.Inner.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.None); } else if (this.scaleSet.Inner.Identity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssignedUserAssigned), StringComparison.OrdinalIgnoreCase)) { this.scaleSet.Inner.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.UserAssigned); } return(this); }
/// <summary> /// Method that handle the case where user request indicates all it want to do is remove all identities associated /// with the virtual machine. /// </summary> /// <param name="vmssUpdate">The vm update payload model.</param> /// <return>True if user indented to remove all the identities.</return> private bool HandleRemoveAllExternalIdentitiesCase(VirtualMachineScaleSetUpdate vmssUpdate) { if (this.userAssignedIdentities.Any()) { int rmCount = 0; foreach (var v in this.userAssignedIdentities.Values) { if (v == null) { rmCount++; } else { break; } } bool containsRemoveOnly = rmCount > 0 && rmCount == this.userAssignedIdentities.Count; // Check if user request contains only request for removal of identities. if (containsRemoveOnly) { var currentIds = new HashSet <string>(); var currentIdentity = this.scaleSet.Inner.Identity; if (currentIdentity != null && currentIdentity.UserAssignedIdentities != null) { foreach (var id in currentIdentity.UserAssignedIdentities.Keys) { currentIds.Add(id.ToLower()); } } var removeIds = new HashSet <string>(); foreach (var entrySet in this.userAssignedIdentities) { if (entrySet.Value == null) { removeIds.Add(entrySet.Key.ToLower()); } } // If so check user want to remove all the identities bool removeAllCurrentIds = currentIds.Count == removeIds.Count && !removeIds.Any(id => !currentIds.Contains(id)); // Java part looks like this -> && currentIds.ContainsAll(removeIds); if (removeAllCurrentIds) { // If so adjust the identity type [Setting type to SYSTEM_ASSIGNED orNONE will remove all the identities] if (currentIdentity == null || currentIdentity.Type == null) { vmssUpdate.Identity = new VirtualMachineScaleSetIdentity { Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.None) }; } else if (currentIdentity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssignedUserAssigned), StringComparison.OrdinalIgnoreCase)) { vmssUpdate.Identity = currentIdentity; vmssUpdate.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.SystemAssigned); } else if (currentIdentity.Type.Equals(ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.UserAssigned), StringComparison.OrdinalIgnoreCase)) { vmssUpdate.Identity = currentIdentity; vmssUpdate.Identity.Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.None); } // and set identities property in the payload model to null so that it won't be sent vmssUpdate.Identity.UserAssignedIdentities = null; return(true); } else { // Check user is asking to remove identities though there is no identities currently associated if (currentIds.Count == 0 && removeIds.Count != 0 && currentIdentity == null) { // If so we are in a invalid state but we want to send user input to service and let service // handle it (ignore or error). vmssUpdate.Identity = new VirtualMachineScaleSetIdentity { Type = ResourceIdentityTypeEnumExtension.ToSerializedValue(ResourceIdentityType.None) }; vmssUpdate.Identity.UserAssignedIdentities = null; return(true); } } } } return(false); }