/// <summary> /// Disables encryption on the given disk volume. /// </summary> /// <param name="volumeType">The disk volume.</param> /// <return>An observable that emits the decryption status.</return> ///GENMHASH:B980B0A762D67885E3B127392FD42890:A65E5C07D8DA37A2AB5EC199276933B9 internal async Task <Microsoft.Azure.Management.Compute.Fluent.IDiskVolumeEncryptionMonitor> DisableEncryptionAsync(DiskVolumeType volumeType, CancellationToken cancellationToken = default(CancellationToken)) { var encryptConfig = EncryptionSettings.CreateDisable(volumeType); await ValidateBeforeDecryptAsync(volumeType, cancellationToken); // Update the encryption extension if already installed // IVirtualMachineExtension extension = await GetEncryptionExtensionInstalledInVMAsync(cancellationToken); IVirtualMachine virtualMachine = await UpdateEncryptionExtensionAsync(encryptConfig, extension, cancellationToken); bool isNoAAD = EncryptionExtensionIdentifier.IsNoAADVersion(osType, extension.VersionName); if (virtualMachine != null && !isNoAAD) { // Validate and retrieve the encryption extension status // string status = await RetrieveEncryptionExtensionStatusStringAsync(ERROR_ENCRYPTION_EXTENSION_STATUS_IS_EMPTY, cancellationToken); // Update the VM's OS profile by marking encryption disabled // virtualMachine = await UpdateVMStorageProfileAsync(encryptConfig, cancellationToken); } // Gets the encryption status // return(await GetDiskVolumeEncryptDecryptStatusAsync(virtualMachine, isNoAAD, cancellationToken)); }
private async Task <IVirtualMachineExtension> GetEncryptionExtensionAsync(CancellationToken cancellationToken = default(CancellationToken)) { var extensions = await this.virtualMachine.ListExtensionsAsync(); foreach (var extension in extensions) { if (EncryptionExtensionIdentifier.IsEncryptionPublisherName(extension.PublisherName) && EncryptionExtensionIdentifier.IsEncryptionTypeName(extension.TypeName, this.virtualMachine.OSType)) { return(extension); } } return(null); }
public async Task <Microsoft.Azure.Management.Compute.Fluent.IDiskVolumeEncryptionMonitor> RefreshAsync(CancellationToken cancellationToken = default(CancellationToken)) { this.virtualMachine = await RetrieveVirtualMachineAsync(cancellationToken); if (virtualMachine.InstanceView != null && virtualMachine.InstanceView.Extensions != null) { foreach (var extension in virtualMachine.InstanceView.Extensions) { if (extension.Type != null && extension.Type.ToLower().StartsWith(EncryptionExtensionIdentifier.GetPublisherName().ToLower()) && extension.Name != null && EncryptionExtensionIdentifier.IsEncryptionTypeName(extension.Name, this.OSType())) { this.extensionInstanceView = extension; break; } } } return(this); }
///GENMHASH:5A2D79502EDA81E37A36694062AEDC65:061A846F0F7CA8B3F2DF8CA79A8D8B5A public async Task <Microsoft.Azure.Management.Compute.Fluent.IDiskVolumeEncryptionMonitor> RefreshAsync(CancellationToken cancellationToken = default(CancellationToken)) { // Refreshes the cached Windows virtual machine and installed encryption extension // var virtualMachine = await RetrieveVirtualMachineAsync(cancellationToken); this.virtualMachine = virtualMachine; if (virtualMachine.Resources != null) { foreach (var extension in virtualMachine.Resources) { if (EncryptionExtensionIdentifier.IsEncryptionPublisherName(extension.Publisher) && EncryptionExtensionIdentifier.IsEncryptionTypeName(extension.VirtualMachineExtensionType, OperatingSystemTypes.Windows)) { this.encryptionExtension = extension; break; } } } return(this); }
public IDictionary <string, InstanceViewStatus> DiskInstanceViewEncryptionStatuses() { if (virtualMachine.InstanceView == null || virtualMachine.InstanceView.Disks == null) { return(new Dictionary <string, InstanceViewStatus>()); } // var div = new Dictionary <string, InstanceViewStatus>(); foreach (DiskInstanceView diskInstanceView in virtualMachine.InstanceView.Disks) { foreach (InstanceViewStatus status in diskInstanceView.Statuses) { if (EncryptionExtensionIdentifier.GetEncryptionStatusFromCode(status.Code) != null) { div.Add(diskInstanceView.Name, status); break; } } } return(div); }
///GENMHASH:F5C4065BE678A5CA018C264CAFF7901A:1C7F0F2F318A44EF8EF32F689B1ABFB4 public async Task <Microsoft.Azure.Management.Compute.Fluent.IDiskVolumeEncryptionMonitor> GetMonitorAsync(CancellationToken cancellationToken = default(CancellationToken)) { var extension = await GetEncryptionExtensionAsync(cancellationToken); if (extension == null) { return(null); } bool isNoAAD = EncryptionExtensionIdentifier.IsNoAADVersion(this.virtualMachine.OSType, extension.VersionName); IDiskVolumeEncryptionMonitor monitor = null; if (this.virtualMachine.OSType == OperatingSystemTypes.Linux) { if (isNoAAD) { monitor = new LinuxDiskVolumeNoAADEncryptionMonitorImpl(virtualMachine.Id, virtualMachine.Manager); } else { monitor = new LinuxDiskVolumeLegacyEncryptionMonitorImpl(virtualMachine.Id, virtualMachine.Manager); } } else { if (isNoAAD) { monitor = new WindowsVolumeNoAADEncryptionMonitorImpl(virtualMachine.Id, virtualMachine.Manager); } else { monitor = new WindowsVolumeLegacyEncryptionMonitorImpl(virtualMachine.Id, virtualMachine.Manager); } } return(await monitor.RefreshAsync(cancellationToken)); }
public EncryptionStatus OSDiskStatus() { if (virtualMachine.InstanceView == null || virtualMachine.InstanceView.Disks == null) { return(EncryptionStatus.Unknown); } foreach (DiskInstanceView diskInstanceView in virtualMachine.InstanceView.Disks) { // encryptionSettings will be set only for OSDisk if (diskInstanceView.EncryptionSettings != null) { foreach (InstanceViewStatus status in diskInstanceView.Statuses) { EncryptionStatus encryptionStatus = EncryptionExtensionIdentifier.GetEncryptionStatusFromCode(status.Code); if (encryptionStatus != null) { return(encryptionStatus); } } break; } } return(EncryptionStatus.Unknown); }
public EncryptionStatus DataDiskStatus() { if (virtualMachine.InstanceView == null || virtualMachine.InstanceView.Disks == null) { return(EncryptionStatus.Unknown); } var encryptStatuses = new HashSet <EncryptionStatus>(); foreach (DiskInstanceView diskInstanceView in virtualMachine.InstanceView.Disks) { // encryptionSettings will be null for data disks and non-null for os disk. if (diskInstanceView.EncryptionSettings != null) { continue; } foreach (InstanceViewStatus status in diskInstanceView.Statuses) { EncryptionStatus encryptionStatus = EncryptionExtensionIdentifier.GetEncryptionStatusFromCode(status.Code); if (encryptionStatus != null) { encryptStatuses.Add(encryptionStatus); break; } } } // Derive an overall encryption status for all data disks. // -------------- if (encryptStatuses.Count == 0) { // Zero disks or disks without encryption state status. return(EncryptionStatus.Unknown); } else if (encryptStatuses.Count == 1) { // Single item indicate all disks are of the same encryption state. // return(encryptStatuses.First()); } // // More than one encryptStatuses indicates multiple disks with different encryption states. // The precedence is UNKNOWN > NOT_MOUNTED > ENCRYPTION_INPROGRESS > VM_RESTART_PENDING if (encryptStatuses.Contains(EncryptionStatus.Unknown)) { return(EncryptionStatus.Unknown); } else if (encryptStatuses.Contains(EncryptionStatus.NotMounted)) { return(EncryptionStatus.NotMounted); } else if (encryptStatuses.Contains(EncryptionStatus.EncryptionInProgress)) { return(EncryptionStatus.EncryptionInProgress); } else if (encryptStatuses.Contains(EncryptionStatus.VMRestartPending)) { return(EncryptionStatus.VMRestartPending); } else { return(EncryptionStatus.Unknown); } }