From 01b63991b7507ffa48a7f07dbef46b9502385f90 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Mon, 30 Dec 2019 13:46:17 +0800 Subject: [PATCH 01/13] initialize encryption key feature --- .../azure/cli/command_modules/storage/_params.py | 10 ++++++++++ .../command_modules/storage/operations/account.py | 15 ++++++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/_params.py b/src/azure-cli/azure/cli/command_modules/storage/_params.py index 9b4dc0d88ea..da26ff72ba8 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/_params.py +++ b/src/azure-cli/azure/cli/command_modules/storage/_params.py @@ -159,6 +159,16 @@ def load_arguments(self, _): # pylint: disable=too-many-locals, too-many-statem help=" Allow the blob service to exhibit filesystem semantics. This property can be enabled only " "when storage account kind is StorageV2.", min_api='2018-02-01') + c.argument('encryption_key_type_for_table', arg_type=get_enum_type(['Account', 'Service']), is_preview=True, + help='Set the encryption key type for Table encryption service. "Account": Table will be encrypted ' + 'with account-scoped encryption key. "Service": Table will always be encrypted with ' + 'Service-Managed keys. Currently the default encryption key type is "Service".', + min_api='2019-06-01', options_list=['--encryption-key-type-for-table', '-t']) + c.argument('encryption_key_type_for_queue', arg_type=get_enum_type(['Account', 'Service']), is_preview=True, + help='Set the encryption key type for Queue encryption service. "Account": Queue will be encrypted ' + 'with account-scoped encryption key. "Service": Queue will always be encrypted with ' + 'Service-Managed keys. Currently the default encryption key type is "Service".', + min_api='2019-06-01', options_list=['--encryption-key-type-for-queue', '-q']) with self.argument_context('storage account update', resource_type=ResourceType.MGMT_STORAGE) as c: c.register_common_storage_account_options() diff --git a/src/azure-cli/azure/cli/command_modules/storage/operations/account.py b/src/azure-cli/azure/cli/command_modules/storage/operations/account.py index b216342bd89..12e6c406ec4 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/operations/account.py +++ b/src/azure-cli/azure/cli/command_modules/storage/operations/account.py @@ -19,7 +19,8 @@ def create_storage_account(cmd, resource_group_name, account_name, sku=None, loc enable_files_aadds=None, bypass=None, default_action=None, assign_identity=False, enable_large_file_share=None, enable_files_adds=None, domain_name=None, net_bios_domain_name=None, forest_name=None, domain_guid=None, domain_sid=None, - azure_storage_sid=None, enable_hierarchical_namespace=None): + azure_storage_sid=None, enable_hierarchical_namespace=None, + encryption_key_type_for_table=None, encryption_key_type_for_queue=None): StorageAccountCreateParameters, Kind, Sku, CustomDomain, AccessTier, Identity, Encryption, NetworkRuleSet = \ cmd.get_models('StorageAccountCreateParameters', 'Kind', 'Sku', 'CustomDomain', 'AccessTier', 'Identity', 'Encryption', 'NetworkRuleSet') @@ -86,6 +87,18 @@ def create_storage_account(cmd, resource_group_name, account_name, sku=None, loc params.network_rule_set = NetworkRuleSet(bypass=bypass, default_action=default_action, ip_rules=None, virtual_network_rules=None) + if encryption_key_type_for_table is not None or encryption_key_type_for_queue is not None: + EncryptionServices = cmd.get_models('EncryptionServices') + EncryptionService = cmd.get_models('EncryptionService') + params.encryption = Encryption() + params.encryption.services = EncryptionServices() + if encryption_key_type_for_table is not None: + table_encryption_service = EncryptionService(enabled=True, key_type=encryption_key_type_for_table) + params.encryption.services.table = table_encryption_service + if encryption_key_type_for_queue is not None: + queue_encryption_service = EncryptionService(keyType=encryption_key_type_for_queue) + params.encryption.services.queue = queue_encryption_service + return scf.storage_accounts.create(resource_group_name, account_name, params) From 28a10a33ec43a041af8ef297a9fe6e551f3422c8 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Mon, 30 Dec 2019 14:34:01 +0800 Subject: [PATCH 02/13] enable key type for queue --- .../azure/cli/command_modules/storage/operations/account.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/operations/account.py b/src/azure-cli/azure/cli/command_modules/storage/operations/account.py index 12e6c406ec4..31c4044c055 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/operations/account.py +++ b/src/azure-cli/azure/cli/command_modules/storage/operations/account.py @@ -96,7 +96,7 @@ def create_storage_account(cmd, resource_group_name, account_name, sku=None, loc table_encryption_service = EncryptionService(enabled=True, key_type=encryption_key_type_for_table) params.encryption.services.table = table_encryption_service if encryption_key_type_for_queue is not None: - queue_encryption_service = EncryptionService(keyType=encryption_key_type_for_queue) + queue_encryption_service = EncryptionService(enabled=True, key_type=encryption_key_type_for_queue) params.encryption.services.queue = queue_encryption_service return scf.storage_accounts.create(resource_group_name, account_name, params) From 5c117b65bce0e3273fb37880e602d76ef8d391a1 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Mon, 30 Dec 2019 14:42:20 +0800 Subject: [PATCH 03/13] add test --- .../tests/latest/test_storage_account_scenarios.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py b/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py index 08c4307a4ec..02bd69ac04f 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py +++ b/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py @@ -190,6 +190,19 @@ def test_storage_create_with_hns_false(self, resource_group): create_cmd = 'az storage account create -n {} -g {} --kind StorageV2 --hns false'.format(name, resource_group) self.cmd(create_cmd, checks=[JMESPathCheck('isHnsEnabled', False)]) + @api_version_constraint(ResourceType.MGMT_STORAGE, min_api='2019-06-01') + @ResourceGroupPreparer(location='eastus2euap', name_prefix='cli_storage_account_encryption') + def test_storage_create_with_encryption_key_type(self, resource_group): + name = self.create_random_name(prefix='cliencryption', length=24) + create_cmd = 'az storage account create -n {} -g {} --kind StorageV2 -t Account -q Service'.format( + name, resource_group) + self.cmd(create_cmd, checks=[ + JMESPathCheck('encryption.services.queue.enabled', True), + JMESPathCheck('encryption.services.queue.keyType', 'Service'), + JMESPathCheck('encryption.services.table.enabled', True), + JMESPathCheck('encryption.services.table.keyType', 'Account'), + ]) + def test_show_usage(self): self.cmd('storage account show-usage -l westus', checks=JMESPathCheck('name.value', 'StorageAccounts')) From 6ef2025434fb4bcb8d08622e00d3b95bc604de0f Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Mon, 30 Dec 2019 14:54:18 +0800 Subject: [PATCH 04/13] uodate history --- src/azure-cli/HISTORY.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/azure-cli/HISTORY.rst b/src/azure-cli/HISTORY.rst index 9b5d88c1d25..4d3ed69c45d 100644 --- a/src/azure-cli/HISTORY.rst +++ b/src/azure-cli/HISTORY.rst @@ -3,6 +3,11 @@ Release History =============== +**Stoarge** + +* Upgrade azure-mgmt-storage version to 7.1.0 +* `az storage account create`: Add --encryption-key-type-for-table and --encryption-key-type-for-queue to support Table and Queue Encryption Service + 2.0.79 ++++++ @@ -60,6 +65,7 @@ Release History * Update azure-mgmt-storage version to 7.0.0 to use api version 2019-06-01 * Add new parameters `--enable-delete-retention` and `--delete-retention-days` to support managing delete retention policy for storage account blob-service-properties. + 2.0.78 ++++++ From 6951ec3c962a0527e395819f49978e12a145bf0b Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Mon, 30 Dec 2019 16:02:46 +0800 Subject: [PATCH 05/13] fix style --- .../azure/cli/command_modules/storage/operations/account.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/operations/account.py b/src/azure-cli/azure/cli/command_modules/storage/operations/account.py index 31c4044c055..96ff1d40d3f 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/operations/account.py +++ b/src/azure-cli/azure/cli/command_modules/storage/operations/account.py @@ -13,7 +13,7 @@ logger = get_logger(__name__) -# pylint: disable=too-many-locals +# pylint: disable=too-many-locals, too-many-statements def create_storage_account(cmd, resource_group_name, account_name, sku=None, location=None, kind=None, tags=None, custom_domain=None, encryption_services=None, access_tier=None, https_only=None, enable_files_aadds=None, bypass=None, default_action=None, assign_identity=False, From ce3541e689a20c375e39a221c9c87ff917216003 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Thu, 9 Jan 2020 22:32:08 +0800 Subject: [PATCH 06/13] update package version --- src/azure-cli/requirements.py2.Darwin.txt | 2 +- src/azure-cli/requirements.py2.Linux.txt | 2 +- src/azure-cli/requirements.py2.windows.txt | 2 +- src/azure-cli/requirements.py3.Darwin.txt | 2 +- src/azure-cli/requirements.py3.Linux.txt | 2 +- src/azure-cli/requirements.py3.windows.txt | 2 +- src/azure-cli/setup.py | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/azure-cli/requirements.py2.Darwin.txt b/src/azure-cli/requirements.py2.Darwin.txt index c3b7d3d38c3..66e854beb48 100644 --- a/src/azure-cli/requirements.py2.Darwin.txt +++ b/src/azure-cli/requirements.py2.Darwin.txt @@ -75,7 +75,7 @@ azure-mgmt-servicefabric==0.2.0 azure-mgmt-signalr==0.3.0 azure-mgmt-sql==0.15.0 azure-mgmt-sqlvirtualmachine==0.5.0 -azure-mgmt-storage==7.0.0 +azure-mgmt-storage==7.1.0 azure-mgmt-trafficmanager==0.51.0 azure-mgmt-web==0.42.0 azure-multiapi-storage==0.2.4 diff --git a/src/azure-cli/requirements.py2.Linux.txt b/src/azure-cli/requirements.py2.Linux.txt index c3b7d3d38c3..66e854beb48 100644 --- a/src/azure-cli/requirements.py2.Linux.txt +++ b/src/azure-cli/requirements.py2.Linux.txt @@ -75,7 +75,7 @@ azure-mgmt-servicefabric==0.2.0 azure-mgmt-signalr==0.3.0 azure-mgmt-sql==0.15.0 azure-mgmt-sqlvirtualmachine==0.5.0 -azure-mgmt-storage==7.0.0 +azure-mgmt-storage==7.1.0 azure-mgmt-trafficmanager==0.51.0 azure-mgmt-web==0.42.0 azure-multiapi-storage==0.2.4 diff --git a/src/azure-cli/requirements.py2.windows.txt b/src/azure-cli/requirements.py2.windows.txt index 38d2228d42b..76e76726bdd 100644 --- a/src/azure-cli/requirements.py2.windows.txt +++ b/src/azure-cli/requirements.py2.windows.txt @@ -74,7 +74,7 @@ azure-mgmt-servicefabric==0.2.0 azure-mgmt-signalr==0.3.0 azure-mgmt-sql==0.15.0 azure-mgmt-sqlvirtualmachine==0.5.0 -azure-mgmt-storage==7.0.0 +azure-mgmt-storage==7.1.0 azure-mgmt-trafficmanager==0.51.0 azure-mgmt-web==0.42.0 azure-multiapi-storage==0.2.4 diff --git a/src/azure-cli/requirements.py3.Darwin.txt b/src/azure-cli/requirements.py3.Darwin.txt index 73300b908dc..7b178e4b1a0 100644 --- a/src/azure-cli/requirements.py3.Darwin.txt +++ b/src/azure-cli/requirements.py3.Darwin.txt @@ -75,7 +75,7 @@ azure-mgmt-servicefabric==0.2.0 azure-mgmt-signalr==0.3.0 azure-mgmt-sql==0.15.0 azure-mgmt-sqlvirtualmachine==0.5.0 -azure-mgmt-storage==7.0.0 +azure-mgmt-storage==7.1.0 azure-mgmt-trafficmanager==0.51.0 azure-mgmt-web==0.42.0 azure-multiapi-storage==0.2.4 diff --git a/src/azure-cli/requirements.py3.Linux.txt b/src/azure-cli/requirements.py3.Linux.txt index 73300b908dc..7b178e4b1a0 100644 --- a/src/azure-cli/requirements.py3.Linux.txt +++ b/src/azure-cli/requirements.py3.Linux.txt @@ -75,7 +75,7 @@ azure-mgmt-servicefabric==0.2.0 azure-mgmt-signalr==0.3.0 azure-mgmt-sql==0.15.0 azure-mgmt-sqlvirtualmachine==0.5.0 -azure-mgmt-storage==7.0.0 +azure-mgmt-storage==7.1.0 azure-mgmt-trafficmanager==0.51.0 azure-mgmt-web==0.42.0 azure-multiapi-storage==0.2.4 diff --git a/src/azure-cli/requirements.py3.windows.txt b/src/azure-cli/requirements.py3.windows.txt index 5f67fb995b9..af8ea7a31a3 100644 --- a/src/azure-cli/requirements.py3.windows.txt +++ b/src/azure-cli/requirements.py3.windows.txt @@ -74,7 +74,7 @@ azure-mgmt-servicefabric==0.2.0 azure-mgmt-signalr==0.3.0 azure-mgmt-sql==0.15.0 azure-mgmt-sqlvirtualmachine==0.5.0 -azure-mgmt-storage==7.0.0 +azure-mgmt-storage==7.1.0 azure-mgmt-trafficmanager==0.51.0 azure-mgmt-web==0.42.0 azure-multiapi-storage==0.2.4 diff --git a/src/azure-cli/setup.py b/src/azure-cli/setup.py index 19ad93dc58a..d04709e6019 100644 --- a/src/azure-cli/setup.py +++ b/src/azure-cli/setup.py @@ -122,7 +122,7 @@ 'azure-mgmt-signalr~=0.3.0', 'azure-mgmt-sql~=0.15.0', 'azure-mgmt-sqlvirtualmachine~=0.5.0', - 'azure-mgmt-storage~=7.0.0', + 'azure-mgmt-storage~=7.1.0', 'azure-mgmt-trafficmanager~=0.51.0', 'azure-mgmt-web~=0.42.0', 'azure-multiapi-storage~=0.2.4', From 1712419557a2d742d9b1f8c301fdd67061c53476 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Thu, 9 Jan 2020 23:40:21 +0800 Subject: [PATCH 07/13] add test --- ...orage_create_with_encryption_key_type.yaml | 150 ++++++++++++++++++ .../latest/test_storage_account_scenarios.py | 3 +- 2 files changed, 151 insertions(+), 2 deletions(-) create mode 100644 src/azure-cli/azure/cli/command_modules/storage/tests/latest/recordings/test_storage_create_with_encryption_key_type.yaml diff --git a/src/azure-cli/azure/cli/command_modules/storage/tests/latest/recordings/test_storage_create_with_encryption_key_type.yaml b/src/azure-cli/azure/cli/command_modules/storage/tests/latest/recordings/test_storage_create_with_encryption_key_type.yaml new file mode 100644 index 00000000000..3e112de63d1 --- /dev/null +++ b/src/azure-cli/azure/cli/command_modules/storage/tests/latest/recordings/test_storage_create_with_encryption_key_type.yaml @@ -0,0 +1,150 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - storage account create + Connection: + - keep-alive + ParameterSetName: + - -n -g --kind -t -q + User-Agent: + - python/3.7.4 (Windows-10-10.0.18362-SP0) msrest/0.6.10 msrest_azure/0.6.2 + azure-mgmt-resource/6.0.0 Azure-SDK-For-Python AZURECLI/2.0.79 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_storage_account_encryption000001?api-version=2019-07-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_storage_account_encryption000001","name":"cli_storage_account_encryption000001","type":"Microsoft.Resources/resourceGroups","location":"eastus2euap","tags":{"product":"azurecli","cause":"automation","date":"2020-01-09T15:38:38Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '433' + content-type: + - application/json; charset=utf-8 + date: + - Thu, 09 Jan 2020 15:38:44 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"sku": {"name": "Standard_RAGRS"}, "kind": "StorageV2", "location": "eastus2euap", + "properties": {"encryption": {"services": {"table": {"enabled": true, "keyType": + "Account"}, "queue": {"enabled": true, "keyType": "Service"}}, "keySource": + "Microsoft.Storage"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - storage account create + Connection: + - keep-alive + Content-Length: + - '263' + Content-Type: + - application/json; charset=utf-8 + ParameterSetName: + - -n -g --kind -t -q + User-Agent: + - python/3.7.4 (Windows-10-10.0.18362-SP0) msrest/0.6.10 msrest_azure/0.6.2 + azure-mgmt-storage/7.1.0 Azure-SDK-For-Python AZURECLI/2.0.79 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_storage_account_encryption000001/providers/Microsoft.Storage/storageAccounts/cliencryption000002?api-version=2019-06-01 + response: + body: + string: '' + headers: + cache-control: + - no-cache + content-length: + - '0' + content-type: + - text/plain; charset=utf-8 + date: + - Thu, 09 Jan 2020 15:38:49 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Storage/locations/eastus2euap/asyncoperations/d8641a9c-2b25-42d1-9c6e-f15ef09124c0?monitor=true&api-version=2019-06-01 + pragma: + - no-cache + server: + - Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1198' + status: + code: 202 + message: Accepted +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - storage account create + Connection: + - keep-alive + ParameterSetName: + - -n -g --kind -t -q + User-Agent: + - python/3.7.4 (Windows-10-10.0.18362-SP0) msrest/0.6.10 msrest_azure/0.6.2 + azure-mgmt-storage/7.1.0 Azure-SDK-For-Python AZURECLI/2.0.79 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Storage/locations/eastus2euap/asyncoperations/d8641a9c-2b25-42d1-9c6e-f15ef09124c0?monitor=true&api-version=2019-06-01 + response: + body: + string: '{"sku":{"name":"Standard_RAGRS","tier":"Standard"},"kind":"StorageV2","id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_storage_account_encryption000001/providers/Microsoft.Storage/storageAccounts/cliencryption000002","name":"cliencryption000002","type":"Microsoft.Storage/storageAccounts","location":"eastus2euap","tags":{},"properties":{"privateEndpointConnections":[],"networkAcls":{"bypass":"AzureServices","virtualNetworkRules":[],"ipRules":[],"defaultAction":"Allow"},"supportsHttpsTrafficOnly":true,"encryption":{"services":{"file":{"keyType":"Account","enabled":true,"lastEnabledTime":"2020-01-09T15:38:49.1955953Z"},"table":{"keyType":"Account","enabled":true,"lastEnabledTime":"2020-01-09T15:38:49.1955953Z"},"blob":{"keyType":"Account","enabled":true,"lastEnabledTime":"2020-01-09T15:38:49.1955953Z"}},"keySource":"Microsoft.Storage"},"accessTier":"Hot","provisioningState":"Succeeded","creationTime":"2020-01-09T15:38:49.1331246Z","primaryEndpoints":{"dfs":"https://cliencryption000002.dfs.core.windows.net/","web":"https://cliencryption000002.z3.web.core.windows.net/","blob":"https://cliencryption000002.blob.core.windows.net/","queue":"https://cliencryption000002.queue.core.windows.net/","table":"https://cliencryption000002.table.core.windows.net/","file":"https://cliencryption000002.file.core.windows.net/"},"primaryLocation":"eastus2euap","statusOfPrimary":"available","secondaryLocation":"centraluseuap","statusOfSecondary":"available","secondaryEndpoints":{"dfs":"https://cliencryption000002-secondary.dfs.core.windows.net/","web":"https://cliencryption000002-secondary.z3.web.core.windows.net/","blob":"https://cliencryption000002-secondary.blob.core.windows.net/","queue":"https://cliencryption000002-secondary.queue.core.windows.net/","table":"https://cliencryption000002-secondary.table.core.windows.net/"}}}' + headers: + cache-control: + - no-cache + content-length: + - '1965' + content-type: + - application/json + date: + - Thu, 09 Jan 2020 15:39:08 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +version: 1 diff --git a/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py b/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py index 02bd69ac04f..6792fe89f70 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py +++ b/src/azure-cli/azure/cli/command_modules/storage/tests/latest/test_storage_account_scenarios.py @@ -197,8 +197,7 @@ def test_storage_create_with_encryption_key_type(self, resource_group): create_cmd = 'az storage account create -n {} -g {} --kind StorageV2 -t Account -q Service'.format( name, resource_group) self.cmd(create_cmd, checks=[ - JMESPathCheck('encryption.services.queue.enabled', True), - JMESPathCheck('encryption.services.queue.keyType', 'Service'), + JMESPathCheck('encryption.services.queue', None), JMESPathCheck('encryption.services.table.enabled', True), JMESPathCheck('encryption.services.table.keyType', 'Account'), ]) From a2f4e1d8f9a236a84b6adda7d25cb7c8197e334c Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Fri, 10 Jan 2020 11:31:52 +0800 Subject: [PATCH 08/13] add examples --- .../azure/cli/command_modules/storage/_help.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/_help.py b/src/azure-cli/azure/cli/command_modules/storage/_help.py index 0951ea00ce4..e53b1a7e7af 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/_help.py +++ b/src/azure-cli/azure/cli/command_modules/storage/_help.py @@ -61,12 +61,14 @@ long-summary: > The SKU of the storage account defaults to 'Standard_RAGRS'. examples: - - name: Create a storage account 'MyStorageAccount' in resource group 'MyResourceGroup' in the West US region with locally redundant storage. - text: az storage account create -n MyStorageAccount -g MyResourceGroup -l westus --sku Standard_LRS + - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' in the West US region with locally redundant storage. + text: az storage account create -n mystorageaccount -g MyResourceGroup -l westus --sku Standard_LRS unsupported-profiles: 2017-03-09-profile - - name: Create a storage account 'MyStorageAccount' in resource group 'MyResourceGroup' in the West US region with locally redundant storage. - text: az storage account create -n MyStorageAccount -g MyResourceGroup -l westus --account-type Standard_LRS + - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' in the West US region with locally redundant storage. + text: az storage account create -n mystorageaccount -g MyResourceGroup -l westus --account-type Standard_LRS supported-profiles: 2017-03-09-profile + - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' with account-scoped encryption key enabled for Table Service. + text: az storage account create -n mystorageaccount -g MyResourceGroup -t Account """ helps['storage account delete'] = """ From 21f31f611c9295b3ac4498c6012fe801089552c6 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Fri, 10 Jan 2020 11:39:40 +0800 Subject: [PATCH 09/13] refine examples --- src/azure-cli/azure/cli/command_modules/storage/_help.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/_help.py b/src/azure-cli/azure/cli/command_modules/storage/_help.py index e53b1a7e7af..30af27d526e 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/_help.py +++ b/src/azure-cli/azure/cli/command_modules/storage/_help.py @@ -67,8 +67,8 @@ - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' in the West US region with locally redundant storage. text: az storage account create -n mystorageaccount -g MyResourceGroup -l westus --account-type Standard_LRS supported-profiles: 2017-03-09-profile - - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' with account-scoped encryption key enabled for Table Service. - text: az storage account create -n mystorageaccount -g MyResourceGroup -t Account + - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' in the eastus2euap region with account-scoped encryption key enabled for Table Service. + text: az storage account create -n mystorageaccount -g MyResourceGroup --kind StorageV2 -l eastus2euap -t Account """ helps['storage account delete'] = """ From a5869e1d6f108649a6d229af1e6c2d492b25876d Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Fri, 10 Jan 2020 11:40:06 +0800 Subject: [PATCH 10/13] remove Preview --- src/azure-cli/azure/cli/command_modules/storage/_params.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/_params.py b/src/azure-cli/azure/cli/command_modules/storage/_params.py index da26ff72ba8..d302ba06cd5 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/_params.py +++ b/src/azure-cli/azure/cli/command_modules/storage/_params.py @@ -159,12 +159,12 @@ def load_arguments(self, _): # pylint: disable=too-many-locals, too-many-statem help=" Allow the blob service to exhibit filesystem semantics. This property can be enabled only " "when storage account kind is StorageV2.", min_api='2018-02-01') - c.argument('encryption_key_type_for_table', arg_type=get_enum_type(['Account', 'Service']), is_preview=True, + c.argument('encryption_key_type_for_table', arg_type=get_enum_type(['Account', 'Service']), help='Set the encryption key type for Table encryption service. "Account": Table will be encrypted ' 'with account-scoped encryption key. "Service": Table will always be encrypted with ' 'Service-Managed keys. Currently the default encryption key type is "Service".', min_api='2019-06-01', options_list=['--encryption-key-type-for-table', '-t']) - c.argument('encryption_key_type_for_queue', arg_type=get_enum_type(['Account', 'Service']), is_preview=True, + c.argument('encryption_key_type_for_queue', arg_type=get_enum_type(['Account', 'Service']), help='Set the encryption key type for Queue encryption service. "Account": Queue will be encrypted ' 'with account-scoped encryption key. "Service": Queue will always be encrypted with ' 'Service-Managed keys. Currently the default encryption key type is "Service".', From 1556d042d6b7f55c25567e6dfcc99743db2b0840 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Fri, 10 Jan 2020 11:40:49 +0800 Subject: [PATCH 11/13] refine help --- .../azure/cli/command_modules/storage/_params.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/_params.py b/src/azure-cli/azure/cli/command_modules/storage/_params.py index d302ba06cd5..75f9d03b650 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/_params.py +++ b/src/azure-cli/azure/cli/command_modules/storage/_params.py @@ -160,14 +160,14 @@ def load_arguments(self, _): # pylint: disable=too-many-locals, too-many-statem "when storage account kind is StorageV2.", min_api='2018-02-01') c.argument('encryption_key_type_for_table', arg_type=get_enum_type(['Account', 'Service']), - help='Set the encryption key type for Table encryption service. "Account": Table will be encrypted ' + help='Set the encryption key type for Table service. "Account": Table will be encrypted ' 'with account-scoped encryption key. "Service": Table will always be encrypted with ' - 'Service-Managed keys. Currently the default encryption key type is "Service".', + 'service-scoped keys. Currently the default encryption key type is "Service".', min_api='2019-06-01', options_list=['--encryption-key-type-for-table', '-t']) c.argument('encryption_key_type_for_queue', arg_type=get_enum_type(['Account', 'Service']), - help='Set the encryption key type for Queue encryption service. "Account": Queue will be encrypted ' + help='Set the encryption key type for Queue service. "Account": Queue will be encrypted ' 'with account-scoped encryption key. "Service": Queue will always be encrypted with ' - 'Service-Managed keys. Currently the default encryption key type is "Service".', + 'service-scoped keys. Currently the default encryption key type is "Service".', min_api='2019-06-01', options_list=['--encryption-key-type-for-queue', '-q']) with self.argument_context('storage account update', resource_type=ResourceType.MGMT_STORAGE) as c: From b1d5ba2d14978a703311cd8be5459e2aebc1a1e6 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Fri, 10 Jan 2020 11:42:49 +0800 Subject: [PATCH 12/13] fix style --- src/azure-cli/azure/cli/command_modules/storage/_help.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/azure-cli/azure/cli/command_modules/storage/_help.py b/src/azure-cli/azure/cli/command_modules/storage/_help.py index 30af27d526e..734860d39a3 100644 --- a/src/azure-cli/azure/cli/command_modules/storage/_help.py +++ b/src/azure-cli/azure/cli/command_modules/storage/_help.py @@ -68,7 +68,7 @@ text: az storage account create -n mystorageaccount -g MyResourceGroup -l westus --account-type Standard_LRS supported-profiles: 2017-03-09-profile - name: Create a storage account 'mystorageaccount' in resource group 'MyResourceGroup' in the eastus2euap region with account-scoped encryption key enabled for Table Service. - text: az storage account create -n mystorageaccount -g MyResourceGroup --kind StorageV2 -l eastus2euap -t Account + text: az storage account create -n mystorageaccount -g MyResourceGroup --kind StorageV2 -l eastus2euap -t Account """ helps['storage account delete'] = """ From aaaf0c3cfb32066e68ed0e31fcc7f307d529db07 Mon Sep 17 00:00:00 2001 From: Zunli Hu Date: Fri, 10 Jan 2020 11:43:04 +0800 Subject: [PATCH 13/13] refine history --- src/azure-cli/HISTORY.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/azure-cli/HISTORY.rst b/src/azure-cli/HISTORY.rst index 4d3ed69c45d..1b688a4b66c 100644 --- a/src/azure-cli/HISTORY.rst +++ b/src/azure-cli/HISTORY.rst @@ -6,7 +6,7 @@ Release History **Stoarge** * Upgrade azure-mgmt-storage version to 7.1.0 -* `az storage account create`: Add --encryption-key-type-for-table and --encryption-key-type-for-queue to support Table and Queue Encryption Service +* `az storage account create`: Add `--encryption-key-type-for-table` and `--encryption-key-type-for-queue` to support Table and Queue Encryption Service 2.0.79 ++++++