release-2023-02-07

release-2023-02-07

.azure-pipelines/util/smoke-test-steps.yml

@@ -78,6 +78,13 @@ jobs:
        Write-Host "List artifacts..."
        Get-ChildItem "$(Pipeline.Workspace)\\LocalRepo\\"
 
+  - task: NuGetCommand@2
+    condition: and(succeeded(), eq('${{ parameters.psVersion }}', '5.1.14'))
+    displayName: 'Download ThreadJob .nupkg File for PowerShell 5.1.14'
+    inputs:
+      command: custom
+      arguments: 'install ThreadJob -directdownload -packagesavemode nupkg -source https://www.powershellgallery.com/api/v2 -OutputDirectory packages'
+
   - task: NuGetCommand@2
     condition: and(succeeded(), eq(variables['GalleryName'], 'LocalRepo'))
     displayName: 'Download Previous Az .nupkg Files'

ChangeLog.md

@@ -1,3 +1,101 @@
+## 9.4.0 - February 2023
+#### Az.Accounts 2.11.2
+* Supported Web Account Manager on ARM64-based Windows systems. Fixed an issue where 'Connect-AzAccount' failed with error 'Unable to load DLL 'msalruntime_arm64''. [#20700]
+* Enabled credential to be found only by applicationId while tenant was not matched when accquire token. [#20484]
+* When Az.Accounts ran in parallel, the waiters were allowed to wait infinitely to avoid throw exception in automation enviroment. [#20455]
+
+#### Az.Aks 5.3.0
+* Added parameter '-AadProfile' for 'New-AzAksCluster' and 'Set-AzAksCluster'
+* Added parameter '-NodeHostGroupID' for 'New-AzAksCluster' and parameter '-HostGroupID' for 'New-AzAksNodePool'
+
+#### Az.ApplicationInsights 2.2.2
+* Added parameter validation for 'Get-AzApplicationInsights' [#20697]
+
+#### Az.Compute 5.4.0
+* Added '-SkipIdentity', '-PathUserIdentity', '-IsTest' parameter to 'Set-AzVMAEMExtension' 
+* Added 'ConsistencyMode' parameter to 'New-AzRestorePoint'.
+* Updated the storage account type value in several locations from the outdated 'StandardLRS' to the current 'Standard_LRS'.
+* Filled in missing parameter descriptions across multiple parameters and improved some existing parameter descriptions.
+* Updated Compute PS to use the new .Net SDK version 59.0.0. This includes an approved breaking change for a non-functional feature. 
+  - The type of the property 'Source' of type 'Microsoft.Azure.Management.Compute.Models.GalleryDataDiskImage', 'Microsoft.Azure.Management.Compute.Models.GalleryOSDiskImage', and 'Microsoft.Azure.Management.Compute.Models.GalleryImageVersionStorageProfile' has changed from 'Microsoft.Azure.Management.Compute.Models.GalleryArtifactVersionSource' to 'Microsoft.Azure.Management.Compute.Models.GalleryDiskImageSource'.
+* Updated the broken 'UbuntuLTS' image alias to use its original sku version of '16.04-LTS' instead of the nonexistent image '20.04-LTS'. This fixes an issue introduced in the version 5.3.0 release. 
+* Updated Set-AzVMRunCommand and Set-AzVmssRunCommand ScriptLocalPath parameter set to work with Linux and with files that have comments.
+* Added '-TargetExtendedLocation' parameter to 'New-AzGalleryImageVersion' and 'Update-AzGalleryImageVersion'
+* Added '-AllowDeletionOfReplicatedLocation' to 'Update-AzGalleryImageVersion'
+
+#### Az.DataFactory 1.16.12
+* Updated ADF .Net SDK version to 9.0.0
+
+#### Az.DataProtection 1.1.0
+* Added support for Immutable backup vaults
+* Added Cross subscription restore flag for backup vaults
+* Added Soft delete setting for backup vaults
+* Fixed issue with Set-AzDataProtectionMSIPermission command
+* Replaced Get-InstalledModule with Get-Module -ListAvailable
+* Added New-AzDataProtectionSoftDeleteSettingObject command
+
+#### Az.EventHub 3.2.1
+* Fixed 'New-AzEventHubAuthorizationRuleSASToken' cmdlet which was returning wrong skn value
+
+#### Az.Monitor 4.4.1
+* Removed default value for time window for autoscale profile [#20660]
+  * 'Get-AzAutoscaleSetting'
+  * 'New-AzAutoscaleSetting'
+
+#### Az.Network 5.4.0
+* Fixed a bug that does not enable to set Perform SNAT to Always
+* Fixed the incorrect type of '-TotalBytesPerSession' in 'New-AzNetworkWatcherPacketCapture'
+
+#### Az.RecoveryServices 6.2.0
+* Added support for enable/disable Public Network Access and PrivateEndpoints
+* Added support for Immutable Vaults
+* Added support for RetainRecoveryPointsAsPerPolicy in Disable-AzRecoveryServicesBackupProtection cmdlet. Now user can suspend backups and retain RPs as per policy
+* Added List Recovery Point expiry time
+* Added RecoveryServices, RecoveryServices.Backup, RecoveryServices.Backup.CrossRegionRestore management SDK
+* Added support for non-UTC time zones with standard policy for workloadType IaasVM, MSSql, AzureFiles
+
+#### Az.RedisCache 1.7.1
+* Updated 'Get-AzRedisCacheLink' and 'New-AzRedisCacheLink' to print 'PrimaryHostName', 'GeoReplicatedPrimaryHostName', 'ServerRole', and 'LinkedRedisCacheLocation'.
+
+#### Az.Resources 6.5.2
+* Fixed query issue when objectId in assignment is empty for 'Get-DenyAssignment'
+* Fixed an issue where running deployment cmdlets with '-WhatIf' throws exception when formatting results with nested array changes
+
+#### Az.Sql 4.3.0
+* Added an optional parameter 'HAReplicaCount' to 'Restore-AzSqlDatabase'
+* Added new cmdlets for managed instance DTC
+    'Get-AzSqlInstanceDtc'
+    'Set-AzSqlInstanceDtc'
+* Added 'TargetSubscriptionId' to 'Restore-AzSqlInstanceDatabase' in order to enable cross subscription restore
+* Enabled support for UserAssignedManagedIdentity in Auditing
+* Fixed WorkspaceResourceId parameter value in 'Set-AzSqlServerAudit'
+
+#### Az.StackHCI 1.4.2
+* Added Remote Support terms and conditions for HCI device types.
+* Unified Resource Group support for both Azure Stack HCI and Arc for server resources.
+* Enhanced error feedback and logging in the Register-AzStackHCI cmdlet.
+* Bug fixes and improvements in Azure Arc for servers enablement in Register-AzStackHCI cmdlet.
+* Improved parameter validations in the Register-AzStackHCI cmdlet.
+* Enabled Managed System Identity (MSI) for Registration in Fairfax Cloud.
+* Minor bug fixes and improvements.
+
+#### Az.Storage 5.4.0
+* Added a warning message for the upcoming breaking change when creating a Storage account
+    - 'New-AzStorageAccount'
+* Removed the ValidateSet of StandardBlobTier parameter
+    - 'Copy-AzStorageBlob'
+    - 'Set-AzStorageBlobContent' 
+    - 'Start-AzStorageBlobCopy'
+
+#### Az.TrafficManager 1.2.0
+* Added a new optional parameter 'AlwaysServe' for endpoints.
+
+### Thanks to our community contributors
+* Arun Sabale (@Ar-Sa), Fix example 1 in Set-AzVirtualNetworkPeering.md (#20588)
+* Hiroshi Yoshioka (@hyoshioka0128)
+  * Fixed typo "resouce group"→"resource group" (#20664)
+  * Typo "resouce group"→"resource group" (#20713)
+
 ## 9.3.0 - January 2023
 #### Az.Accounts
 * Supported Web Account Manager (WAM) as an opt-in interactive login experience. Enable it by 'Update-AzConfig -EnableLoginByWam True'.

documentation/breaking-changes/upcoming-breaking-changes.md

@@ -1205,6 +1205,13 @@
   - The following properties in the output type are being deprecated : 'BackupStorageRedundancy'
   - The following properties are being added to the output type : 'CurrentBackupStorageRedundancy' 'RequestedBackupStorageRedundancy'
 
+## Az.Storage
+
+### `New-AzStorageAccount`
+
+- Cmdlet breaking-change will happen to all parameter set
+  - Default value of AllowBlobPublicAccess will be changed from True to False in a future release. When AllowBlobPublicAccess is False on a storage account, it is not permitted to configure container ACLs to allow anonymous access to blobs within the storage account.
+
 ## Az.StorageSync
 
 ### `Set-AzStorageSyncServerEndpoint`

setup/generate.ps1

@@ -37,7 +37,7 @@ if( (-not (get-command -ea 0 light)) -or (-not (get-command -ea 0 heat)) -or (-n
 $outputName ="Az-Cmdlets"
 
 # generate the product name from the current month/year.
-$productName = "Microsoft Azure PowerShell - January 2023"
+$productName = "Microsoft Azure PowerShell - February 2023"
 
 # where to put temp files
 $tmp = Join-Path $env:temp azure-cmdlets-tmp

src/Accounts/Accounts.Test/AutosaveTests.cs

@@ -51,9 +51,7 @@ private AzKeyStore SetMockedAzKeyStore()
             storageMocker.Setup(f => f.Create()).Returns(storageMocker.Object);
             storageMocker.Setup(f => f.ReadData()).Returns(new byte[0]);
             storageMocker.Setup(f => f.WriteData(It.IsAny<byte[]>())).Callback((byte[] s) => {});
-            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", false, false, storageMocker.Object);
-            AzKeyStore.RegisterJsonConverter(typeof(ServicePrincipalKey), typeof(ServicePrincipalKey).Name);
-            AzKeyStore.RegisterJsonConverter(typeof(SecureString), typeof(SecureString).Name, new SecureStringConverter());
+            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", true, storageMocker.Object);
             return keyStore;
         }
 

src/Accounts/Accounts.Test/ContextCmdletTests.cs

@@ -23,17 +23,21 @@
 using Microsoft.WindowsAzure.Commands.ScenarioTest;
 using Microsoft.WindowsAzure.Commands.Test.Utilities.Common;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
-using Xunit;
-using Xunit.Abstractions;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
-using System;
+using Microsoft.Azure.Commands.Common.Authentication.Properties;
 using Microsoft.Azure.Commands.Profile.Context;
-using System.Linq;
 using Microsoft.Azure.Commands.Common.Authentication.ResourceManager;
 using Microsoft.Azure.Commands.Profile.Common;
 using Microsoft.Azure.Commands.ScenarioTest.Mocks;
 using Microsoft.Azure.Commands.TestFx.Mocks;
 using Microsoft.Azure.Commands.TestFx;
+using Microsoft.Azure.Commands.ResourceManager.Common;
+using Moq;
+using System;
+using System.IO;
+using System.Linq;
+using Xunit;
+using Xunit.Abstractions;
 
 namespace Microsoft.Azure.Commands.Profile.Test
 {
@@ -56,6 +60,12 @@ public ContextCmdletTests(ITestOutputHelper output)
             tokenCacheProviderMock = new MockPowerShellTokenCacheProvider();
             AzureSession.Instance.RegisterComponent<PowerShellTokenCacheProvider>(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, () => tokenCacheProviderMock);
             Environment.SetEnvironmentVariable("Azure_PS_Data_Collection", "True");
+
+            Mock<IStorage> storageMocker = new Mock<IStorage>();
+            AzKeyStore azKeyStore = null;
+            string profilePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), Resources.AzureDirectoryName);
+            azKeyStore = new AzKeyStore(profilePath, AzureSession.Instance.KeyStoreFile, true, storageMocker.Object);
+            AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => azKeyStore, true);
         }
 
         [Fact]

src/Accounts/Accounts.Test/ProfileCmdletTests.cs

@@ -55,7 +55,7 @@ private AzKeyStore SetMockedAzKeyStore()
             storageMocker.Setup(f => f.Create()).Returns(storageMocker.Object);
             storageMocker.Setup(f => f.ReadData()).Returns(new byte[0]);
             storageMocker.Setup(f => f.WriteData(It.IsAny<byte[]>())).Callback((byte[] s) => { });
-            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", false, false, storageMocker.Object);
+            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", false, storageMocker.Object);
             return keyStore;
         }
 

src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs

@@ -425,7 +425,7 @@ public override void ExecuteCmdlet()
                 azureAccount.SetProperty(AzureAccount.Property.CertificatePath, resolvedPath);
                 if (CertificatePassword != null)
                 {
-                    keyStore?.SaveKey(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, azureAccount.Id, Tenant), CertificatePassword);
+                    keyStore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, azureAccount.Id, Tenant), CertificatePassword);
                     if (GetContextModificationScope() == ContextModificationScope.CurrentUser && !keyStore.IsProtected)
                     {
                         WriteWarning(string.Format(Resources.ServicePrincipalWarning, AzureSession.Instance.KeyStoreFile, AzureSession.Instance.ARMProfileDirectory));
@@ -451,7 +451,7 @@ public override void ExecuteCmdlet()
 
             if (azureAccount.Type == AzureAccount.AccountType.ServicePrincipal && password != null)
             {
-                keyStore?.SaveKey(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret
+                keyStore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret
                     ,azureAccount.Id, Tenant), password);
                 if (GetContextModificationScope() == ContextModificationScope.CurrentUser && !keyStore.IsProtected)
                 {
@@ -713,9 +713,7 @@ public void OnImport()
                 }
 
                 AzKeyStore keyStore = null;
-                keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, AzureSession.Instance.KeyStoreFile, false, autoSaveEnabled);
-                AzKeyStore.RegisterJsonConverter(typeof(ServicePrincipalKey), typeof(ServicePrincipalKey).Name);
-                AzKeyStore.RegisterJsonConverter(typeof(SecureString), typeof(SecureString).Name, new SecureStringConverter());
+                keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, AzureSession.Instance.KeyStoreFile, autoSaveEnabled);
                 AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => keyStore);
 
                 if (!InitializeProfileProvider(autoSaveEnabled))
@@ -724,11 +722,6 @@ public void OnImport()
                     autoSaveEnabled = false;
                 }
 
-                if (!keyStore.LoadStorage())
-                {
-                    WriteInitializationWarnings(Resources.KeyStoreLoadingError);
-                }
-
                 IAuthenticatorBuilder builder = null;
                 if (!AzureSession.Instance.TryGetComponent(AuthenticatorBuilder.AuthenticatorBuilderKey, out builder))
                 {

src/Accounts/Accounts/AutoSave/DisableAzureRmContextAutosave.cs

@@ -94,7 +94,7 @@ void DisableAutosave(IAzureSession session, bool writeAutoSaveFile, out ContextA
 
             if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keystore))
             {
-                keystore.DisableAutoSaving();
+                keystore.DisableSyncToStorage();
             }
 
             if (writeAutoSaveFile)

src/Accounts/Accounts/AutoSave/EnableAzureRmContextAutosave.cs

@@ -104,11 +104,9 @@ void EnableAutosave(IAzureSession session, bool writeAutoSaveFile, out ContextAu
 
             if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keystore))
             {
-                keystore.Flush();
-                keystore.DisableAutoSaving();
+                keystore.EnableSyncToStorage();
             }
 
-
             if (writeAutoSaveFile)
             {
                 try

src/Accounts/Accounts/Az.Accounts.psd1

@@ -3,7 +3,7 @@
 #
 # Generated by: Microsoft Corporation
 #
-# Generated on: 1/12/2023
+# Generated on: 2023/2/3
 #
 
 @{
@@ -12,7 +12,7 @@
 # RootModule = ''
 
 # Version number of this module.
-ModuleVersion = '2.11.1'
+ModuleVersion = '2.11.2'
 
 # Supported PSEditions
 CompatiblePSEditions = 'Core', 'Desktop'
@@ -147,7 +147,9 @@ PrivateData = @{
         # IconUri = ''
 
         # ReleaseNotes of this module
-        ReleaseNotes = '* Fixed an issue where Az.Accounts cannot be imported correctly. [#20615]'
+        ReleaseNotes = '* Supported Web Account Manager on ARM64-based Windows systems. Fixed an issue where ''Connect-AzAccount'' failed with error ''Unable to load DLL ''msalruntime_arm64''''. [#20700]
+* Enabled credential to be found only by applicationId while tenant was not matched when accquire token. [#20484]
+* When Az.Accounts ran in parallel, the waiters were allowed to wait infinitely to avoid throw exception in automation enviroment. [#20455]'
 
         # Prerelease string of this module
         # Prerelease = ''

src/Accounts/Accounts/ChangeLog.md

@@ -19,7 +19,11 @@
 -->
 
 ## Upcoming Release
+
+## Version 2.11.2
 * Supported Web Account Manager on ARM64-based Windows systems. Fixed an issue where `Connect-AzAccount` failed with error "Unable to load DLL 'msalruntime_arm64'". [#20700]
+* Enabled credential to be found only by applicationId while tenant was not matched when accquire token. [#20484]
+* When Az.Accounts ran in parallel, the waiters were allowed to wait infinitely to avoid throw exception in automation enviroment. [#20455]
 
 ## Version 2.11.1
 * Fixed an issue where Az.Accounts cannot be imported correctly. [#20615]

src/Accounts/Accounts/Context/ImportAzureRMContext.cs

@@ -78,13 +78,13 @@ void CopyProfile(AzureRmProfile source, IProfileOperations target)
                         var secret = account.GetProperty(AzureAccount.Property.ServicePrincipalSecret);
                         if (!string.IsNullOrEmpty(secret))
                         {
-                            keyStore.SaveKey(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, context.Value.Tenant?.Id)
+                            keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, context.Value.Tenant?.Id)
                                 , secret.ConvertToSecureString());
                         }
                         var password = account.GetProperty(AzureAccount.Property.CertificatePassword);
                         if (!string.IsNullOrEmpty(password))
                         {
-                            keyStore.SaveKey(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, context.Value.Tenant?.Id)
+                            keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, context.Value.Tenant?.Id)
                                 ,password.ConvertToSecureString());
                         }
                     }

src/Accounts/Accounts/Context/SetAzureRMContext.cs

@@ -97,13 +97,13 @@ public override void ExecuteCmdlet()
                                     var secret = account.GetProperty(AzureAccount.Property.ServicePrincipalSecret);
                                     if (!string.IsNullOrEmpty(secret))
                                     {
-                                        keyStore.SaveKey(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, Context.Tenant?.Id)
+                                        keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, Context.Tenant?.Id)
                                             , secret.ConvertToSecureString());
                                     }
                                     var password = account.GetProperty(AzureAccount.Property.CertificatePassword);
                                     if (!string.IsNullOrEmpty(password))
                                     {
-                                        keyStore.SaveKey(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, Context.Tenant?.Id)
+                                        keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, Context.Tenant?.Id)
                                             , password.ConvertToSecureString());
                                     }
                                 }

src/Accounts/Accounts/Properties/AssemblyInfo.cs

@@ -43,8 +43,8 @@
 // You can specify all the values or you can default the Build and Revision Numbers 
 // by using the '*' as shown below:
 
-[assembly: AssemblyVersion("2.11.1")]
-[assembly: AssemblyFileVersion("2.11.1")]
+[assembly: AssemblyVersion("2.11.2")]
+[assembly: AssemblyFileVersion("2.11.2")]
 #if !SIGN
 [assembly: InternalsVisibleTo("Microsoft.Azure.PowerShell.Cmdlets.Accounts.Test")]
 #endif