diff --git a/sdk/resourcemanager/azure-resourcemanager-appservice/CHANGELOG.md b/sdk/resourcemanager/azure-resourcemanager-appservice/CHANGELOG.md index 655c65125f996..88c84a153a176 100644 --- a/sdk/resourcemanager/azure-resourcemanager-appservice/CHANGELOG.md +++ b/sdk/resourcemanager/azure-resourcemanager-appservice/CHANGELOG.md @@ -4,6 +4,8 @@ ### Features Added +- Supported disabling public network access in `WebApp` via `disablePublicNetworkAccess()`, for private link feature. + ### Breaking Changes ### Bugs Fixed diff --git a/sdk/resourcemanager/azure-resourcemanager-appservice/assets.json b/sdk/resourcemanager/azure-resourcemanager-appservice/assets.json index 6c164a5492b81..24e51a5b338b5 100644 --- a/sdk/resourcemanager/azure-resourcemanager-appservice/assets.json +++ b/sdk/resourcemanager/azure-resourcemanager-appservice/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "java", "TagPrefix": "java/resourcemanager/azure-resourcemanager-appservice", - "Tag": "java/resourcemanager/azure-resourcemanager-appservice_c5279701f3" + "Tag": "java/resourcemanager/azure-resourcemanager-appservice_6d9bee9aaa" } diff --git a/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/implementation/WebAppBaseImpl.java b/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/implementation/WebAppBaseImpl.java index babd6545ca00d..129ae6436e414 100644 --- a/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/implementation/WebAppBaseImpl.java +++ b/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/implementation/WebAppBaseImpl.java @@ -43,6 +43,7 @@ import com.azure.resourcemanager.appservice.models.OperatingSystem; import com.azure.resourcemanager.appservice.models.PhpVersion; import com.azure.resourcemanager.appservice.models.PlatformArchitecture; +import com.azure.resourcemanager.appservice.models.PublicNetworkAccess; import com.azure.resourcemanager.appservice.models.PythonVersion; import com.azure.resourcemanager.appservice.models.RedundancyMode; import com.azure.resourcemanager.appservice.models.RemoteVisualStudioVersion; @@ -1835,6 +1836,31 @@ public FluentImplT withoutIpAddressRangeAccess(String ipAddressCidr) { return (FluentImplT) this; } + @Override + @SuppressWarnings("unchecked") + public FluentImplT enablePublicNetworkAccess() { + if (Objects.isNull(this.siteConfig)) { + this.siteConfig = new SiteConfigResourceInner(); + } + this.siteConfig.withPublicNetworkAccess("Enabled"); + return (FluentImplT) this; + } + + @Override + @SuppressWarnings("unchecked") + public FluentImplT disablePublicNetworkAccess() { + if (Objects.isNull(this.siteConfig)) { + this.siteConfig = new SiteConfigResourceInner(); + } + this.siteConfig.withPublicNetworkAccess("Disabled"); + return (FluentImplT) this; + } + + @Override + public PublicNetworkAccess publicNetworkAccess() { + return Objects.isNull(innerModel().publicNetworkAccess()) ? null : PublicNetworkAccess.fromString(innerModel().publicNetworkAccess()); + } + @Override @SuppressWarnings("unchecked") public FluentImplT withContainerSize(int containerSize) { diff --git a/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/PublicNetworkAccess.java b/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/PublicNetworkAccess.java new file mode 100644 index 0000000000000..d93b630f80b89 --- /dev/null +++ b/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/PublicNetworkAccess.java @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +package com.azure.resourcemanager.appservice.models; + +import com.azure.core.util.ExpandableStringEnum; +import com.fasterxml.jackson.annotation.JsonCreator; + +import java.util.Collection; + +/** + * Whether requests from Public Network are allowed. + */ +public final class PublicNetworkAccess extends ExpandableStringEnum { + /** + * Static value Enabled for PublicNetworkAccess. + */ + public static final PublicNetworkAccess ENABLED = fromString("Enabled"); + + /** + * Static value Disabled for PublicNetworkAccess. + */ + public static final PublicNetworkAccess DISABLED = fromString("Disabled"); + + /** + * Creates a new instance of PublicNetworkAccess value. + * + * @deprecated Use the {@link #fromString(String)} factory method. + */ + @Deprecated + public PublicNetworkAccess() { + } + + /** + * Creates or finds a PublicNetworkAccess from its string representation. + * + * @param name a name to look for. + * @return the corresponding PublicNetworkAccess. + */ + @JsonCreator + public static PublicNetworkAccess fromString(String name) { + return fromString(name, PublicNetworkAccess.class); + } + + /** + * Gets known PublicNetworkAccess values. + * + * @return known PublicNetworkAccess values. + */ + public static Collection values() { + return values(PublicNetworkAccess.class); + } +} diff --git a/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/WebAppBase.java b/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/WebAppBase.java index 976fb50f74fb1..e3ec0b71638fa 100644 --- a/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/WebAppBase.java +++ b/sdk/resourcemanager/azure-resourcemanager-appservice/src/main/java/com/azure/resourcemanager/appservice/models/WebAppBase.java @@ -203,6 +203,13 @@ public interface WebAppBase extends HasName, GroupableResource streamAllLogsAsync(); + /** + * Whether the web app can be accessed from public network. + * + * @return whether the web app can be accessed from public network. + */ + PublicNetworkAccess publicNetworkAccess(); + /** * Verifies the ownership of the domain for a certificate order by verifying a hostname of the domain is bound to * this web app. @@ -940,6 +947,13 @@ interface WithNetworkAccess { * @return the next stage of the definition */ WithCreate withAccessRule(IpSecurityRestriction ipSecurityRule); + + /** + * Disables public network access for the web app. + * + * @return the next stage of the definition + */ + WithCreate disablePublicNetworkAccess(); } /** The stage of web app definition allowing to configure container size. */ @@ -1665,6 +1679,19 @@ interface WithNetworkAccess { * @return the next stage of the update */ Update withoutIpAddressRangeAccess(String ipAddressCidr); + + /** + * Enables public network access for the web app, for private link feature. + * + * @return the next stage of the update + */ + Update enablePublicNetworkAccess(); + /** + * Disables public network access for the web app, for private link feature. + * + * @return the next stage of the update + */ + Update disablePublicNetworkAccess(); } /** The stage of web app update allowing to configure container size. */ diff --git a/sdk/resourcemanager/azure-resourcemanager-appservice/src/test/java/com/azure/resourcemanager/appservice/WebAppsTests.java b/sdk/resourcemanager/azure-resourcemanager-appservice/src/test/java/com/azure/resourcemanager/appservice/WebAppsTests.java index 2f5c914515944..77b2abbaff1fc 100644 --- a/sdk/resourcemanager/azure-resourcemanager-appservice/src/test/java/com/azure/resourcemanager/appservice/WebAppsTests.java +++ b/sdk/resourcemanager/azure-resourcemanager-appservice/src/test/java/com/azure/resourcemanager/appservice/WebAppsTests.java @@ -15,6 +15,7 @@ import com.azure.resourcemanager.appservice.models.LogLevel; import com.azure.resourcemanager.appservice.models.NetFrameworkVersion; import com.azure.resourcemanager.appservice.models.OperatingSystem; +import com.azure.resourcemanager.appservice.models.PublicNetworkAccess; import com.azure.resourcemanager.appservice.models.PricingTier; import com.azure.resourcemanager.appservice.models.RemoteVisualStudioVersion; import com.azure.resourcemanager.appservice.models.WebApp; @@ -284,4 +285,45 @@ public void canUpdateIpRestriction() { Assertions.assertEquals("Allow", webApp1.ipSecurityRules().iterator().next().action()); Assertions.assertEquals("Any", webApp1.ipSecurityRules().iterator().next().ipAddress()); } + + @Test + public void canCreateWebAppWithDisablePublicNetworkAccess() { + resourceManager.resourceGroups().define(rgName1).withRegion(Region.US_WEST).create(); + resourceManager.resourceGroups().define(rgName2).withRegion(Region.US_WEST).create(); + WebApp webApp = + appServiceManager + .webApps() + .define(webappName1) + .withRegion(Region.US_WEST) + .withExistingResourceGroup(rgName1) + .withNewWindowsPlan(appServicePlanName1, PricingTier.BASIC_B1) + .disablePublicNetworkAccess() + .withRemoteDebuggingEnabled(RemoteVisualStudioVersion.VS2019) + .create(); + webApp.refresh(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, webApp.publicNetworkAccess()); + } + + @Test + public void canUpdatePublicNetworkAccess() { + resourceManager.resourceGroups().define(rgName1).withRegion(Region.US_WEST).create(); + resourceManager.resourceGroups().define(rgName2).withRegion(Region.US_WEST).create(); + WebApp webApp = + appServiceManager + .webApps() + .define(webappName1) + .withRegion(Region.US_WEST) + .withExistingResourceGroup(rgName1) + .withNewWindowsPlan(appServicePlanName1, PricingTier.BASIC_B1) + .withRemoteDebuggingEnabled(RemoteVisualStudioVersion.VS2019) + .create(); + + webApp.update().disablePublicNetworkAccess().apply(); + webApp.refresh(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, webApp.publicNetworkAccess()); + + webApp.update().enablePublicNetworkAccess().apply(); + webApp.refresh(); + Assertions.assertEquals(PublicNetworkAccess.ENABLED, webApp.publicNetworkAccess()); + } } diff --git a/sdk/resourcemanager/azure-resourcemanager-containerservice/CHANGELOG.md b/sdk/resourcemanager/azure-resourcemanager-containerservice/CHANGELOG.md index 9c7c235d4fe9c..45aa96a5965c4 100644 --- a/sdk/resourcemanager/azure-resourcemanager-containerservice/CHANGELOG.md +++ b/sdk/resourcemanager/azure-resourcemanager-containerservice/CHANGELOG.md @@ -4,6 +4,8 @@ ### Features Added +- Supported disabling public network access in `KubernetesCluster` via `disablePublicNetworkAccess()`, for private link feature. + ### Breaking Changes ### Bugs Fixed diff --git a/sdk/resourcemanager/azure-resourcemanager-containerservice/assets.json b/sdk/resourcemanager/azure-resourcemanager-containerservice/assets.json index 885ec95ce7313..7ec4d96adc784 100644 --- a/sdk/resourcemanager/azure-resourcemanager-containerservice/assets.json +++ b/sdk/resourcemanager/azure-resourcemanager-containerservice/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "java", "TagPrefix": "java/resourcemanager/azure-resourcemanager-containerservice", - "Tag": "java/resourcemanager/azure-resourcemanager-containerservice_93dbce086c" + "Tag": "java/resourcemanager/azure-resourcemanager-containerservice_bb2ea4e1ac" } diff --git a/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/implementation/KubernetesClusterImpl.java b/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/implementation/KubernetesClusterImpl.java index da99dfb18ca82..e1a65a2f47883 100644 --- a/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/implementation/KubernetesClusterImpl.java +++ b/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/implementation/KubernetesClusterImpl.java @@ -40,6 +40,7 @@ import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName; import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier; import com.azure.resourcemanager.containerservice.models.PowerState; +import com.azure.resourcemanager.containerservice.models.PublicNetworkAccess; import com.azure.resourcemanager.containerservice.models.ResourceIdentityType; import com.azure.resourcemanager.containerservice.models.UserAssignedIdentity; import com.azure.resourcemanager.resources.fluentcore.arm.models.PrivateEndpoint; @@ -299,6 +300,11 @@ public String agentPoolResourceGroup() { return innerModel().nodeResourceGroup(); } + @Override + public PublicNetworkAccess publicNetworkAccess() { + return this.innerModel().publicNetworkAccess(); + } + @Override public void start() { this.startAsync().block(); @@ -705,6 +711,18 @@ public KubernetesClusterImpl withAgentPoolResourceGroup(String resourceGroupName return this; } + @Override + public KubernetesClusterImpl enablePublicNetworkAccess() { + this.innerModel().withPublicNetworkAccess(PublicNetworkAccess.ENABLED); + return this; + } + + @Override + public KubernetesClusterImpl disablePublicNetworkAccess() { + this.innerModel().withPublicNetworkAccess(PublicNetworkAccess.DISABLED); + return this; + } + private static final class PrivateLinkResourceImpl implements PrivateLinkResource { private final PrivateLinkResourceInner innerModel; diff --git a/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/models/KubernetesCluster.java b/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/models/KubernetesCluster.java index 0349723e74795..8e8c57e893c4f 100644 --- a/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/models/KubernetesCluster.java +++ b/sdk/resourcemanager/azure-resourcemanager-containerservice/src/main/java/com/azure/resourcemanager/containerservice/models/KubernetesCluster.java @@ -124,6 +124,13 @@ public interface KubernetesCluster */ String agentPoolResourceGroup(); + /** + * Whether the kubernetes cluster can be accessed from public network. + * + * @return whether the kubernetes cluster can be accessed from public network. + */ + PublicNetworkAccess publicNetworkAccess(); + // Actions /** @@ -175,6 +182,7 @@ interface Definition DefinitionStages.WithNetworkProfile, DefinitionStages.WithAddOnProfiles, DefinitionStages.WithManagedClusterSku, + DefinitionStages.WithPublicNetworkAccess, KubernetesCluster.DefinitionStages.WithCreate { } @@ -596,6 +604,16 @@ interface WithAgentPoolResourceGroup { WithCreate withAgentPoolResourceGroup(String resourceGroupName); } + /** The stage of Kubernetes cluster definition allowing to configure network access settings. */ + interface WithPublicNetworkAccess { + /** + * Disables public network access for the kubernetes cluster. + * + * @return the next stage of the definition + */ + WithCreate disablePublicNetworkAccess(); + } + /** * The stage of the definition which contains all the minimum required inputs for the resource to be created, * but also allows for any other optional settings to be specified. @@ -615,6 +633,7 @@ interface WithCreate WithDiskEncryption, WithAgentPoolResourceGroup, WithManagedClusterSku, + WithPublicNetworkAccess, Resource.DefinitionWithTags { } } @@ -630,6 +649,7 @@ interface Update UpdateStages.WithLocalAccounts, UpdateStages.WithVersion, UpdateStages.WithManagedClusterSku, + UpdateStages.WithPublicNetworkAccess, Resource.UpdateWithTags, Appliable { } @@ -807,5 +827,22 @@ interface WithVersion { */ Update withVersion(String kubernetesVersion); } + + + /** The stage of kubernetes cluster update allowing to configure network access settings. */ + interface WithPublicNetworkAccess { + /** + * Enables public network access for the kubernetes cluster. + * + * @return the next stage of the update + */ + Update enablePublicNetworkAccess(); + /** + * Disables public network access for the kubernetes cluster. + * + * @return the next stage of the update + */ + Update disablePublicNetworkAccess(); + } } } diff --git a/sdk/resourcemanager/azure-resourcemanager-containerservice/src/test/java/com/azure/resourcemanager/containerservice/KubernetesClustersTests.java b/sdk/resourcemanager/azure-resourcemanager-containerservice/src/test/java/com/azure/resourcemanager/containerservice/KubernetesClustersTests.java index 550d4a67daf82..3f07b45e56734 100644 --- a/sdk/resourcemanager/azure-resourcemanager-containerservice/src/test/java/com/azure/resourcemanager/containerservice/KubernetesClustersTests.java +++ b/sdk/resourcemanager/azure-resourcemanager-containerservice/src/test/java/com/azure/resourcemanager/containerservice/KubernetesClustersTests.java @@ -25,6 +25,7 @@ import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier; import com.azure.resourcemanager.containerservice.models.OSDiskType; import com.azure.resourcemanager.containerservice.models.OrchestratorVersionProfile; +import com.azure.resourcemanager.containerservice.models.PublicNetworkAccess; import com.azure.resourcemanager.containerservice.models.ScaleSetEvictionPolicy; import com.azure.resourcemanager.containerservice.models.ScaleSetPriority; import com.azure.resourcemanager.resources.fluentcore.model.Accepted; @@ -626,4 +627,63 @@ public void testUpdateManagedClusterSkuAndKubernetesSupportPlan() { Assertions.assertEquals(ManagedClusterSkuTier.FREE, kubernetesCluster.sku().tier()); Assertions.assertEquals(KubernetesSupportPlan.KUBERNETES_OFFICIAL, kubernetesCluster.innerModel().supportPlan()); } + + @Test + public void canCreateKubernetesClusterWithDisablePublicNetworkAccess() { + String aksName = generateRandomResourceName("aks", 15); + String dnsPrefix = generateRandomResourceName("dns", 10); + String agentPoolName = generateRandomResourceName("ap0", 10); + + // create + KubernetesCluster kubernetesCluster = + containerServiceManager.kubernetesClusters().define(aksName) + .withRegion(Region.US_SOUTH_CENTRAL) + .withExistingResourceGroup(rgName) + .withDefaultVersion() + .withRootUsername("testaks") + .withSshKey(SSH_KEY) + .withSystemAssignedManagedServiceIdentity() + .defineAgentPool(agentPoolName) + .withVirtualMachineSize(ContainerServiceVMSizeTypes.STANDARD_D2_V2) + .withAgentPoolVirtualMachineCount(1) + .withAgentPoolType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS) + .withAgentPoolMode(AgentPoolMode.SYSTEM) + .attach() + .withDnsPrefix("mp1" + dnsPrefix) + .disablePublicNetworkAccess() + .create(); + + Assertions.assertEquals(PublicNetworkAccess.DISABLED, kubernetesCluster.publicNetworkAccess()); + } + + @Test + public void canUpdatePublicNetworkAccess() { + String aksName = generateRandomResourceName("aks", 15); + String dnsPrefix = generateRandomResourceName("dns", 10); + String agentPoolName = generateRandomResourceName("ap0", 10); + + // create + KubernetesCluster kubernetesCluster = + containerServiceManager.kubernetesClusters().define(aksName) + .withRegion(Region.US_SOUTH_CENTRAL) + .withExistingResourceGroup(rgName) + .withDefaultVersion() + .withRootUsername("testaks") + .withSshKey(SSH_KEY) + .withSystemAssignedManagedServiceIdentity() + .defineAgentPool(agentPoolName) + .withVirtualMachineSize(ContainerServiceVMSizeTypes.STANDARD_D2_V2) + .withAgentPoolVirtualMachineCount(1) + .withAgentPoolType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS) + .withAgentPoolMode(AgentPoolMode.SYSTEM) + .attach() + .withDnsPrefix("mp1" + dnsPrefix) + .create(); + + kubernetesCluster.update().disablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, kubernetesCluster.publicNetworkAccess()); + + kubernetesCluster.update().enablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.ENABLED, kubernetesCluster.publicNetworkAccess()); + } } diff --git a/sdk/resourcemanager/azure-resourcemanager-cosmos/CHANGELOG.md b/sdk/resourcemanager/azure-resourcemanager-cosmos/CHANGELOG.md index fceae32422d76..18923b19c4fdc 100644 --- a/sdk/resourcemanager/azure-resourcemanager-cosmos/CHANGELOG.md +++ b/sdk/resourcemanager/azure-resourcemanager-cosmos/CHANGELOG.md @@ -4,6 +4,8 @@ ### Features Added +- Supported disabling public network access in `CosmosDBAccount` via `disablePublicNetworkAccess()`, for private link feature. + ### Breaking Changes ### Bugs Fixed diff --git a/sdk/resourcemanager/azure-resourcemanager-cosmos/assets.json b/sdk/resourcemanager/azure-resourcemanager-cosmos/assets.json index 032ea75f28bc7..8537a56123aee 100644 --- a/sdk/resourcemanager/azure-resourcemanager-cosmos/assets.json +++ b/sdk/resourcemanager/azure-resourcemanager-cosmos/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "java", "TagPrefix": "java/resourcemanager/azure-resourcemanager-cosmos", - "Tag": "java/resourcemanager/azure-resourcemanager-cosmos_166faee5e1" + "Tag": "java/resourcemanager/azure-resourcemanager-cosmos_dbcf178bc8" } diff --git a/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/implementation/CosmosDBAccountImpl.java b/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/implementation/CosmosDBAccountImpl.java index 3cbaeaade5a86..e27c33399d000 100644 --- a/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/implementation/CosmosDBAccountImpl.java +++ b/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/implementation/CosmosDBAccountImpl.java @@ -24,6 +24,7 @@ import com.azure.resourcemanager.cosmos.models.IpAddressOrRange; import com.azure.resourcemanager.cosmos.models.KeyKind; import com.azure.resourcemanager.cosmos.models.Location; +import com.azure.resourcemanager.cosmos.models.PublicNetworkAccess; import com.azure.resourcemanager.cosmos.models.PrivateEndpointConnection; import com.azure.resourcemanager.cosmos.models.PrivateLinkResource; import com.azure.resourcemanager.cosmos.models.PrivateLinkServiceConnectionStateProperty; @@ -80,6 +81,11 @@ public DatabaseAccountOfferType databaseAccountOfferType() { return this.innerModel().databaseAccountOfferType(); } + @Override + public PublicNetworkAccess publicNetworkAccess() { + return this.innerModel().publicNetworkAccess(); + } + @Override public String ipRangeFilter() { if (CoreUtils.isNullOrEmpty(ipRules())) { @@ -507,6 +513,8 @@ private DatabaseAccountCreateUpdateParameters createUpdateParametersInner(Databa .withVirtualNetworkRules(new ArrayList(this.virtualNetworkRulesMap.values())); this.virtualNetworkRulesMap = null; } + createUpdateParametersInner.withPublicNetworkAccess(inner.publicNetworkAccess()); + return createUpdateParametersInner; } @@ -529,6 +537,7 @@ private DatabaseAccountUpdateParameters updateParametersInner(DatabaseAccountGet virtualNetworkRulesMap = null; } this.addLocationsForParameters(new UpdateLocationParameters(updateParameters), this.failoverPolicies); + updateParameters.withPublicNetworkAccess(inner.publicNetworkAccess()); return updateParameters; } @@ -787,6 +796,18 @@ public Mono rejectPrivateEndpointConnectionAsync(String privateEndpointCon .then(); } + @Override + public CosmosDBAccountImpl enablePublicNetworkAccess() { + this.innerModel().withPublicNetworkAccess(PublicNetworkAccess.ENABLED); + return this; + } + + @Override + public CosmosDBAccountImpl disablePublicNetworkAccess() { + this.innerModel().withPublicNetworkAccess(PublicNetworkAccess.DISABLED); + return this; + } + interface HasLocations { String location(); diff --git a/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/models/CosmosDBAccount.java b/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/models/CosmosDBAccount.java index dd04ab0a08741..5687d1343d923 100644 --- a/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/models/CosmosDBAccount.java +++ b/sdk/resourcemanager/azure-resourcemanager-cosmos/src/main/java/com/azure/resourcemanager/cosmos/models/CosmosDBAccount.java @@ -36,6 +36,13 @@ public interface CosmosDBAccount /** @return the offer type for the CosmosDB database account */ DatabaseAccountOfferType databaseAccountOfferType(); + /** + * Whether the CosmosDB account can be accessed from public network. + * + * @return whether the CosmosDB account can be accessed from public network. + */ + PublicNetworkAccess publicNetworkAccess(); + /** * @return specifies the set of IP addresses or IP address ranges in CIDR form. * @deprecated use {@link #ipRules()} @@ -397,6 +404,16 @@ interface WithPrivateEndpointConnection { PrivateEndpointConnection.DefinitionStages.Blank defineNewPrivateEndpointConnection( String name); } + + /** The stage of CosmosDB account definition allowing to configure network access settings. */ + interface WithPublicNetworkAccess { + /** + * Disables public network access for the CosmosDB account. + * + * @return the next stage of the definition + */ + WithCreate disablePublicNetworkAccess(); + } /** * The stage of the definition which contains all the minimum required inputs for the resource to be created, * but also allows for any other optional settings to be specified. @@ -411,7 +428,8 @@ interface WithCreate WithConnector, WithKeyBasedMetadataWriteAccess, WithPrivateEndpointConnection, - DefinitionWithTags { + DefinitionWithTags, + WithPublicNetworkAccess { } } @@ -431,7 +449,8 @@ interface WithOptionals UpdateStages.WithConnector, UpdateStages.WithKeyBasedMetadataWriteAccess, UpdateStages.WithPrivateEndpointConnection, - UpdateStages.WithIpRules { + UpdateStages.WithIpRules, + UpdateStages.WithPublicNetworkAccess { } /** The stage of the cosmos db definition allowing the definition of a write location. */ @@ -613,5 +632,21 @@ PrivateEndpointConnection.UpdateDefinitionStages.Blank defineNewP */ WithOptionals withoutPrivateEndpointConnection(String name); } + + /** The stage of CosmosDB account update allowing to configure network access settings. */ + interface WithPublicNetworkAccess { + /** + * Enables public network access for the CosmosDB account. + * + * @return the next stage of the update + */ + Update enablePublicNetworkAccess(); + /** + * Disables public network access for the CosmosDB account. + * + * @return the next stage of the update + */ + Update disablePublicNetworkAccess(); + } } } diff --git a/sdk/resourcemanager/azure-resourcemanager-cosmos/src/test/java/com/azure/resourcemanager/cosmos/CosmosDBTests.java b/sdk/resourcemanager/azure-resourcemanager-cosmos/src/test/java/com/azure/resourcemanager/cosmos/CosmosDBTests.java index 8507bb15299a2..4de8ca0eac4d6 100644 --- a/sdk/resourcemanager/azure-resourcemanager-cosmos/src/test/java/com/azure/resourcemanager/cosmos/CosmosDBTests.java +++ b/sdk/resourcemanager/azure-resourcemanager-cosmos/src/test/java/com/azure/resourcemanager/cosmos/CosmosDBTests.java @@ -13,6 +13,7 @@ import com.azure.resourcemanager.cosmos.models.CosmosDBAccount; import com.azure.resourcemanager.cosmos.models.DatabaseAccountKind; import com.azure.resourcemanager.cosmos.models.DefaultConsistencyLevel; +import com.azure.resourcemanager.cosmos.models.PublicNetworkAccess; import com.azure.resourcemanager.cosmos.models.PrivateEndpointConnection; import com.azure.resourcemanager.network.models.Network; import com.azure.resourcemanager.network.models.PrivateEndpoint; @@ -279,4 +280,49 @@ public void canCreateCosmosDbAzureTableAccount() { Assertions.assertEquals(cosmosDBAccount.readableReplications().size(), 2); Assertions.assertEquals(cosmosDBAccount.defaultConsistencyLevel(), DefaultConsistencyLevel.EVENTUAL); } + + @Test + public void canCreateCosmosDBAccountWithDisablePublicNetworkAccess() { + final String cosmosDbAccountName = generateRandomResourceName("cosmosdb", 22); + + CosmosDBAccount cosmosDBAccount = + cosmosManager + .databaseAccounts() + .define(cosmosDbAccountName) + .withRegion(Region.US_WEST_CENTRAL) + .withNewResourceGroup(rgName) + .withDataModelAzureTable() + .withEventualConsistency() + .withWriteReplication(Region.US_EAST) + .withReadReplication(Region.US_WEST) + .withTag("tag1", "value1") + .disablePublicNetworkAccess() + .create(); + + Assertions.assertEquals(PublicNetworkAccess.DISABLED, cosmosDBAccount.publicNetworkAccess()); + } + + @Test + public void canUpdatePublicNetworkAccess() { + final String cosmosDbAccountName = generateRandomResourceName("cosmosdb", 22); + + CosmosDBAccount cosmosDBAccount = + cosmosManager + .databaseAccounts() + .define(cosmosDbAccountName) + .withRegion(Region.US_WEST_CENTRAL) + .withNewResourceGroup(rgName) + .withDataModelAzureTable() + .withEventualConsistency() + .withWriteReplication(Region.US_EAST) + .withReadReplication(Region.US_WEST) + .withTag("tag1", "value1") + .create(); + + cosmosDBAccount.update().disablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, cosmosDBAccount.publicNetworkAccess()); + + cosmosDBAccount.update().enablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.ENABLED, cosmosDBAccount.publicNetworkAccess()); + } } diff --git a/sdk/resourcemanager/azure-resourcemanager-redis/CHANGELOG.md b/sdk/resourcemanager/azure-resourcemanager-redis/CHANGELOG.md index 72bf157d8a1b9..58d8f089caec6 100644 --- a/sdk/resourcemanager/azure-resourcemanager-redis/CHANGELOG.md +++ b/sdk/resourcemanager/azure-resourcemanager-redis/CHANGELOG.md @@ -4,6 +4,8 @@ ### Features Added +- Supported disabling public network access in `RedisCache` via `disablePublicNetworkAccess()`, for private link feature. + ### Breaking Changes ### Bugs Fixed diff --git a/sdk/resourcemanager/azure-resourcemanager-redis/assets.json b/sdk/resourcemanager/azure-resourcemanager-redis/assets.json index 916cca521e226..fb78b8e4a21aa 100644 --- a/sdk/resourcemanager/azure-resourcemanager-redis/assets.json +++ b/sdk/resourcemanager/azure-resourcemanager-redis/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "java", "TagPrefix": "java/resourcemanager/azure-resourcemanager-redis", - "Tag": "java/resourcemanager/azure-resourcemanager-redis_df48c9d2b2" + "Tag": "java/resourcemanager/azure-resourcemanager-redis_50169e9af1" } diff --git a/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java b/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java index bb5e24a0352a3..ef77728d300a0 100644 --- a/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java +++ b/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java @@ -17,6 +17,7 @@ import com.azure.resourcemanager.redis.models.ExportRdbParameters; import com.azure.resourcemanager.redis.models.ImportRdbParameters; import com.azure.resourcemanager.redis.models.ProvisioningState; +import com.azure.resourcemanager.redis.models.PublicNetworkAccess; import com.azure.resourcemanager.redis.models.RebootType; import com.azure.resourcemanager.redis.models.RedisAccessKeys; import com.azure.resourcemanager.redis.models.RedisCache; @@ -196,6 +197,11 @@ public RedisAccessKeys regenerateKey(RedisKeyType keyType) { return cachedAccessKeys; } + @Override + public PublicNetworkAccess publicNetworkAccess() { + return this.innerModel().publicNetworkAccess(); + } + @Override public void forceReboot(RebootType rebootType) { RedisRebootParameters parameters = new RedisRebootParameters().withRebootType(rebootType); @@ -730,6 +736,26 @@ public Mono rejectPrivateEndpointConnectionAsync(String privateEndpointCon .then(); } + @Override + public RedisCacheImpl enablePublicNetworkAccess() { + if (isInCreateMode()) { + createParameters.withPublicNetworkAccess(PublicNetworkAccess.ENABLED); + } else { + updateParameters.withPublicNetworkAccess(PublicNetworkAccess.ENABLED); + } + return this; + } + + @Override + public RedisCacheImpl disablePublicNetworkAccess() { + if (isInCreateMode()) { + createParameters.withPublicNetworkAccess(PublicNetworkAccess.DISABLED); + } else { + updateParameters.withPublicNetworkAccess(PublicNetworkAccess.DISABLED); + } + return this; + } + private static final class PrivateLinkResourceImpl implements PrivateLinkResource { private final PrivateLinkResourceInner innerModel; diff --git a/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java b/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java index d90d3224632ef..fa34488de218a 100644 --- a/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java +++ b/sdk/resourcemanager/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java @@ -104,6 +104,13 @@ public interface RedisCache */ RedisAccessKeys regenerateKey(RedisKeyType keyType); + /** + * Whether the redis cache can be accessed from public network. + * + * @return whether the redis cache can be accessed from public network. + */ + PublicNetworkAccess publicNetworkAccess(); + /************************************************************** * Fluent interfaces to provision a RedisCache **************************************************************/ @@ -289,6 +296,13 @@ interface WithCreate extends Creatable, DefinitionWithTags, UpdateStages.WithSku, UpdateStages.WithNonSslPort, - UpdateStages.WithRedisConfiguration { + UpdateStages.WithRedisConfiguration, + UpdateStages.WithPublicNetworkAccess { /** * The number of shards to be created on a Premium Cluster Cache. * diff --git a/sdk/resourcemanager/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java b/sdk/resourcemanager/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java index a782314764166..2d30aff4a33c9 100644 --- a/sdk/resourcemanager/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java +++ b/sdk/resourcemanager/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java @@ -7,6 +7,7 @@ import com.azure.core.management.Region; import com.azure.core.management.exception.ManagementException; import com.azure.resourcemanager.redis.models.DayOfWeek; +import com.azure.resourcemanager.redis.models.PublicNetworkAccess; import com.azure.resourcemanager.redis.models.RebootType; import com.azure.resourcemanager.redis.models.RedisAccessKeys; import com.azure.resourcemanager.redis.models.RedisCache; @@ -369,6 +370,42 @@ public void canCreateRedisWithRdbAof() { assertSameVersion(RedisCache.RedisVersion.V6, redisCache.redisVersion()); } + @Test + public void canCreateRedisCacheWithDisablePublicNetworkAccess() { + resourceManager.resourceGroups().define(rgNameSecond).withRegion(Region.US_CENTRAL); + + RedisCache redisCache = + redisManager + .redisCaches() + .define(rrName) + .withRegion(Region.ASIA_EAST) + .withNewResourceGroup(rgName) + .withBasicSku() + .disablePublicNetworkAccess() + .create(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, redisCache.publicNetworkAccess()); + } + + @Test + public void canUpdatePublicNetworkAccess() { + resourceManager.resourceGroups().define(rgNameSecond).withRegion(Region.US_CENTRAL); + + RedisCache redisCache = + redisManager + .redisCaches() + .define(rrName) + .withRegion(Region.ASIA_EAST) + .withNewResourceGroup(rgName) + .withBasicSku() + .create(); + + redisCache.update().disablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, redisCache.publicNetworkAccess()); + + redisCache.update().enablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.ENABLED, redisCache.publicNetworkAccess()); + } + // e.g 6.xxxx private static final Pattern MINOR_VERSION_REGEX = Pattern.compile("([1-9]+)\\..*"); diff --git a/sdk/resourcemanager/azure-resourcemanager-storage/CHANGELOG.md b/sdk/resourcemanager/azure-resourcemanager-storage/CHANGELOG.md index 1fbef57bd71df..0e3a6eb8fba08 100644 --- a/sdk/resourcemanager/azure-resourcemanager-storage/CHANGELOG.md +++ b/sdk/resourcemanager/azure-resourcemanager-storage/CHANGELOG.md @@ -4,6 +4,8 @@ ### Features Added +- Supported disabling public network access in `StorageAccount` via `disablePublicNetworkAccess()`, for private link feature. + ### Breaking Changes ### Bugs Fixed diff --git a/sdk/resourcemanager/azure-resourcemanager-storage/assets.json b/sdk/resourcemanager/azure-resourcemanager-storage/assets.json index 285b19032c728..f11fbbe8e8a3c 100644 --- a/sdk/resourcemanager/azure-resourcemanager-storage/assets.json +++ b/sdk/resourcemanager/azure-resourcemanager-storage/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "java", "TagPrefix": "java/resourcemanager/azure-resourcemanager-storage", - "Tag": "java/resourcemanager/azure-resourcemanager-storage_9e28ed11a8" + "Tag": "java/resourcemanager/azure-resourcemanager-storage_3aaa86972f" } diff --git a/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/implementation/StorageAccountImpl.java b/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/implementation/StorageAccountImpl.java index 5524285d8fc49..b0420002c3a1f 100644 --- a/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/implementation/StorageAccountImpl.java +++ b/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/implementation/StorageAccountImpl.java @@ -37,6 +37,7 @@ import com.azure.resourcemanager.storage.models.PrivateLinkServiceConnectionState; import com.azure.resourcemanager.storage.models.ProvisioningState; import com.azure.resourcemanager.storage.models.PublicEndpoints; +import com.azure.resourcemanager.storage.models.PublicNetworkAccess; import com.azure.resourcemanager.storage.models.Sku; import com.azure.resourcemanager.storage.models.StorageAccount; import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters; @@ -280,6 +281,11 @@ public String userAssignedIdentityIdForCustomerEncryptionKey() { return this.encryptionHelper.userAssignedIdentityIdForKeyVault(this.innerModel()); } + @Override + public PublicNetworkAccess publicNetworkAccess() { + return this.innerModel().publicNetworkAccess(); + } + @Override public List getKeys() { return this.getKeysAsync().block(); @@ -667,6 +673,26 @@ public StorageAccountImpl disableDefaultToOAuthAuthentication() { return this; } + @Override + public StorageAccountImpl enablePublicNetworkAccess() { + if (isInCreateMode()) { + createParameters.withPublicNetworkAccess(PublicNetworkAccess.ENABLED); + } else { + updateParameters.withPublicNetworkAccess(PublicNetworkAccess.ENABLED); + } + return this; + } + + @Override + public StorageAccountImpl disablePublicNetworkAccess() { + if (isInCreateMode()) { + createParameters.withPublicNetworkAccess(PublicNetworkAccess.DISABLED); + } else { + updateParameters.withPublicNetworkAccess(PublicNetworkAccess.DISABLED); + } + return this; + } + @Override public StorageAccountImpl withAccessFromAllNetworks() { this.networkRulesHelper.withAccessFromAllNetworks(); diff --git a/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/models/StorageAccount.java b/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/models/StorageAccount.java index 67b334aa5da02..ba729c4d2869a 100644 --- a/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/models/StorageAccount.java +++ b/sdk/resourcemanager/azure-resourcemanager-storage/src/main/java/com/azure/resourcemanager/storage/models/StorageAccount.java @@ -252,6 +252,12 @@ public interface StorageAccount * {@link StorageAccount#identityTypeForCustomerEncryptionKey()} is not {@link IdentityType#USER_ASSIGNED} */ String userAssignedIdentityIdForCustomerEncryptionKey(); + /** + * Whether the storage account can be accessed from public network. + * + * @return whether the storage account can be accessed from public network. + */ + PublicNetworkAccess publicNetworkAccess(); /** Container interface for all the definitions that need to be implemented. */ interface Definition @@ -559,6 +565,12 @@ interface WithBlobAccess { /** The stage of storage account definition allowing to configure network access settings. */ interface WithNetworkAccess { + /** + * Disables public network access for the storage account. + * + * @return the next stage of the definition + */ + WithCreate disablePublicNetworkAccess(); /** * Specifies that by default access to storage account should be allowed from all networks. * @@ -989,6 +1001,20 @@ interface WithBlobAccess { /** The stage of storage account update allowing to configure network access. */ interface WithNetworkAccess { + /** + * Enables public network access for the storage account. + * + * @return the next stage of the update + */ + Update enablePublicNetworkAccess(); + + /** + * Disables public network access for the storage account. + * + * @return the next stage of the update + */ + Update disablePublicNetworkAccess(); + /** * Specifies that by default access to storage account should be allowed from all networks. * diff --git a/sdk/resourcemanager/azure-resourcemanager-storage/src/test/java/com/azure/resourcemanager/storage/StorageAccountOperationsTests.java b/sdk/resourcemanager/azure-resourcemanager-storage/src/test/java/com/azure/resourcemanager/storage/StorageAccountOperationsTests.java index 0131a6df615ff..beef09f1d178f 100644 --- a/sdk/resourcemanager/azure-resourcemanager-storage/src/test/java/com/azure/resourcemanager/storage/StorageAccountOperationsTests.java +++ b/sdk/resourcemanager/azure-resourcemanager-storage/src/test/java/com/azure/resourcemanager/storage/StorageAccountOperationsTests.java @@ -11,6 +11,7 @@ import com.azure.resourcemanager.storage.models.IdentityType; import com.azure.resourcemanager.storage.models.Kind; import com.azure.resourcemanager.storage.models.MinimumTlsVersion; +import com.azure.resourcemanager.storage.models.PublicNetworkAccess; import com.azure.resourcemanager.storage.models.SkuName; import com.azure.resourcemanager.storage.models.StorageAccount; import com.azure.resourcemanager.storage.models.StorageAccountEncryptionStatus; @@ -714,4 +715,35 @@ public void updateIdentityFromNoneToSystemUserAssigned() { Assertions.assertNotNull(storageAccount.systemAssignedManagedServiceIdentityTenantId()); Assertions.assertFalse(storageAccount.userAssignedManagedServiceIdentityIds().isEmpty()); } + + @Test + public void canCreateStorageAccountWithDisabledPublicNetworkAccess() { + resourceManager.resourceGroups().define(rgName).withRegion(Region.US_EAST).create(); + StorageAccount storageAccount = storageManager + .storageAccounts() + .define(saName) + .withRegion(Region.US_EAST) + .withExistingResourceGroup(rgName) + .withSystemAssignedManagedServiceIdentity() + .disablePublicNetworkAccess() + .create(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, storageAccount.publicNetworkAccess()); + } + + @Test + public void canUpdatePublicNetworkAccess() { + resourceManager.resourceGroups().define(rgName).withRegion(Region.US_EAST).create(); + StorageAccount storageAccount = storageManager + .storageAccounts() + .define(saName) + .withRegion(Region.US_EAST) + .withExistingResourceGroup(rgName) + .withSystemAssignedManagedServiceIdentity() + .create(); + storageAccount.update().disablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.DISABLED, storageAccount.publicNetworkAccess()); + + storageAccount.update().enablePublicNetworkAccess().apply(); + Assertions.assertEquals(PublicNetworkAccess.ENABLED, storageAccount.publicNetworkAccess()); + } }