[ServiceBus]: Manual approval cmdlets for private endpoints (#18730)

* adding private endpoint and private link cmdlets

* fixes, testing and documentation

* changelog update

* test records pushing

* Upgrading SB SDK version in eventgrid

* adding eventGrid to ignore RP list

* adding eventGrid to ignore RP list

src/EventGrid/EventGrid.Test/EventGrid.Test.csproj

@@ -14,7 +14,7 @@
     <PackageReference Include="Microsoft.Azure.Management.EventGrid" Version="7.0.0" />
     <PackageReference Include="Microsoft.Azure.Management.EventHub" Version="5.0.0" />
     <PackageReference Include="Microsoft.Azure.Management.Relay" Version="2.0.2" />
-    <PackageReference Include="Microsoft.Azure.Management.ServiceBus" Version="3.0.0" />
+    <PackageReference Include="Microsoft.Azure.Management.ServiceBus" Version="4.0.0" />
     <PackageReference Include="Microsoft.Azure.Management.Storage" Version="24.0.0" />
   </ItemGroup>
 

src/EventGrid/EventGrid.Test/ScenarioTests/EventGridTestRunner.cs

@@ -51,7 +51,8 @@ protected EventGridTestRunner(ITestOutputHelper output)
                         {"Microsoft.Resources", null},
                         {"Microsoft.Features", null},
                         {"Microsoft.Authorization", null},
-                        {"Microsoft.EventHub", null}
+                        {"Microsoft.EventHub", null},
+                        {"Microsoft.ServiceBus", null}
                     }
                 )
                 .Build();

src/ServiceBus/ServiceBus.Test/ScenarioTests/NetworkRuleSet.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusDRConfigurations.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusMigrationConfigurationTests.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusPaginationTests.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;
@@ -29,6 +29,13 @@ public ServiceBusPaginationTests(ITestOutputHelper output) : base(output)
         public void ServiceBusPaginationTests_CURD()
         {
             TestRunner.RunTestScript("ServiceBusPaginationTests");
-        }        
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void ServiceBusPrivateEndpointPagination()
+        {
+            TestRunner.RunTestScript("PrivateEndpointPagination");
+        }
     }
 }

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusPaginationTests.ps1

@@ -102,4 +102,18 @@ function ServiceBusPaginationTests {
     }
 
 
-}
+}
+
+function PrivateEndpointPagination{
+	#Max allowed private endpoints : 120
+	$resourceGroupName = "ps-testing"
+	$namespaceName = "sb-ps-pagination-testing"
+
+	$listOfPrivateEndpoints = Get-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName
+
+	Assert-AreEqual 120 $listOfPrivateEndpoints.Count
+
+    $namespace = Get-AzServiceBusNamespace -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName
+
+    Assert-AreEqual 120 $namespace.PrivateEndpointConnections.Count
+}

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusPrivateEndpointTests.cs

@@ -0,0 +1,37 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
+{
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
+    using Microsoft.WindowsAzure.Commands.ScenarioTest;
+    using Microsoft.WindowsAzure.Commands.Test.Utilities.Common;
+    using ServiceManagement.Common.Models;
+    using Xunit;
+    using Xunit.Abstractions;
+    public class ServiceBusPrivateEndpointTests : ServiceBusTestRunner
+    {
+        public ServiceBusPrivateEndpointTests(ITestOutputHelper output) : base(output)
+        {
+
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void ServiceBusPrivateEndpoints()
+        {
+            TestRunner.RunTestScript("PrivateEndpointTest");
+        }
+    }
+}

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusPrivateEndpointTests.ps1

@@ -0,0 +1,224 @@
+# ----------------------------------------------------------------------------------
+#
+# Copyright Microsoft Corporation
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ----------------------------------------------------------------------------------
+
+<#
+.SYNOPSIS
+Tests ServiceBus Private Endpoint Manual Approval Operations
+#>
+
+function WaitforStatetoBeSucceded 
+{
+	param([string]$resourceGroupName,[string]$namespaceName,[string]$privateEndpointName)
+
+	$createdPrivateEndpoint = Get-AzServiceBusPrivateEndpointConnection -ResourceGroup $resourceGroupName -Namespace $namespaceName -Name $privateEndpointName
+
+	while($createdPrivateEndpoint.ProvisioningState -ne "Succeeded")
+	{
+		Wait-Seconds 10
+		$createdPrivateEndpoint = Get-AzServiceBusPrivateEndpointConnection -ResourceGroup $resourceGroupName -Namespace $namespaceName -Name $privateEndpointName
+	}
+
+	return $createdPrivateEndpoint
+}
+
+function PrivateEndpointTest
+{
+	# Setup    
+	$location =  Get-Location
+	$resourceGroupName = getAssetName "RSG-Private-Endpoint"
+	$namespaceName = getAssetName "SB-Namespace-"
+	$peConnectionName1 = getAssetName "pe-connection-ns1-"
+	$peConnectionName2 = getAssetName "pe-connection-ns2-"
+	$peConnectionName3 = getAssetName "pe-connection-ns3-"
+	$peConnectionName4 = getAssetName "pe-connection-ns4-"
+	$peName1 = getAssetName "pe-Name1-"
+	$peName2 = getAssetName "pe-Name2-"
+	$peName3 = getAssetName "pe-Name3-"
+	$peName4 = getAssetName "pe-Name4-"
+	$vnetName1 = getAssetName "vnet-ns1-"
+	$vnetName2 = getAssetName "vnet-ns2-"
+	$subnetName1 = "frontendsubnet"
+	$subnetName2 = "backendsubnet"
+
+	try{
+
+		# Create ResourceGroup
+		Write-Debug " Create resource group"    
+		Write-Debug "Resource group name : $resourceGroupName"
+		New-AzResourceGroup -Name $resourceGroupName -Location $location -Force
+
+		# Create ServiceBus Namespace 
+		Write-Debug " Create new ServiceBus namespace"
+		Write-Debug "Namespace name : $namespaceName"
+		$result = New-AzServiceBusNamespace -ResourceGroup $resourceGroupName -Name $namespaceName -Location $location -SkuName Premium
+
+		$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name $subnetName1 -AddressPrefix "10.0.1.0/24" ## Create frontend subnet 
+		$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name $subnetName2 -AddressPrefix "10.0.2.0/24"
+		$virtualNetwork = New-AzVirtualNetwork -ResourceGroupName $resourceGroupName -Location $location -Name $vnetName1 -AddressPrefix 10.0.0.0/16 -Subnet $frontendSubnet, $backendSubnet
+
+
+		$privateEndpointConnection = New-AzPrivateLinkServiceConnection -Name $peConnectionName1 -PrivateLinkServiceId $result.Id -GroupId "namespace"
+		$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName  $resourceGroupName -Name $vnetName1
+		$subnet1 = $virtualNetwork | Select -ExpandProperty subnets | Where-Object  {$_.Name -eq $subnetName1}
+		$privateEndpoint = New-AzPrivateEndpoint -ResourceGroupName $resourceGroupName -Name $peName1 -Location $location -Subnet $subnet1 -PrivateLinkServiceConnection $privateEndpointConnection -ByManualRequest -Force
+
+		$privateEndpointConnection = New-AzPrivateLinkServiceConnection -Name $peConnectionName2 -PrivateLinkServiceId $result.Id -GroupId "namespace" -RequestMessage "Hello"
+		$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName  $resourceGroupName -Name $vnetName1
+		$subnet2 = $virtualNetwork | Select -ExpandProperty subnets | Where-Object  {$_.Name -eq $subnetName2}
+		$privateEndpoint = New-AzPrivateEndpoint -ResourceGroupName $resourceGroupName -Name $peName2 -Location $location -Subnet $subnet2 -PrivateLinkServiceConnection $privateEndpointConnection -ByManualRequest -Force
+
+		$listOfPrivateEndpoints = Get-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName
+
+		Assert-AreEqual 2 $listOfPrivateEndpoints.Count
+
+		$privateEndpointId1 = $listOfPrivateEndpoints[0].Name
+		$descriptionId1 = $listOfPrivateEndpoints[0].Description
+
+		$privateEndpointId2 = $listOfPrivateEndpoints[1].Name
+		$descriptionId2 = $listOfPrivateEndpoints[1].Description
+
+		$privateEndpoint1 = Get-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Pending"
+		Assert-AreEqual $privateEndpoint1.Description $descriptionId1
+
+		$privateEndpoint2 = Get-AzServiceBusPrivateEndpointConnection -ResourceId $listOfPrivateEndpoints[1].Id
+		Assert-AreEqual $privateEndpoint2.ConnectionState "Pending"
+		Assert-AreEqual $privateEndpoint2.Description $descriptionId2
+
+		$privateEndpoint1 = Approve-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId1
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Approved"
+		Assert-AreEqual $privateEndpoint1.ProvisioningState "Succeeded"
+		Assert-AreEqual $privateEndpoint1.Description ""
+
+		$privateEndpoint2 = Get-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId2
+		Assert-AreEqual $privateEndpoint2.ConnectionState "Pending"
+		Assert-AreEqual $privateEndpoint2.Description $descriptionId2
+
+		$privateEndpoint2 = Approve-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint2.Id
+
+		$privateEndpoint2 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId2
+
+		Assert-AreEqual $privateEndpoint2.ConnectionState "Approved"
+		Assert-AreEqual $privateEndpoint2.Description ""
+
+		#
+		$privateEndpoint1 = Get-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint1.Id
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Approved"
+
+		$privateEndpoint2 = Get-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint2.Id
+		Assert-AreEqual $privateEndpoint2.ConnectionState "Approved"
+		Assert-AreEqual $privateEndpoint2.Description ""
+
+		$privateEndpoint2 = Get-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint2.Id.ToLower()
+		Assert-AreEqual $privateEndpoint2.ConnectionState "Approved"
+		Assert-AreEqual $privateEndpoint2.Description ""
+
+		$privateEndpoint1 = Deny-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint1.Id
+		Assert-AreEqual $privateEndpoint1.ProvisioningState "Updating"
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Rejected"
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Rejected"
+		Assert-AreEqual $privateEndpoint1.Description ""
+
+		$privateEndpoint2 = Deny-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId2
+		Assert-AreEqual "Updating" $privateEndpoint2.ProvisioningState
+		Assert-AreEqual "Rejected" $privateEndpoint2.ConnectionState
+
+		$privateEndpoint2 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId2
+		Assert-AreEqual $privateEndpoint2.ConnectionState "Rejected"
+		Assert-AreEqual $privateEndpoint2.Description ""
+
+		Remove-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint1.Id
+		Remove-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId2
+
+		Wait-Seconds 40
+
+		$listOfPrivateEndpoints = Get-AzServiceBusPrivateEndpointConnection -ResourceId $result.Id
+		Assert-AreEqual 0 $listOfPrivateEndpoints.Count
+
+		$privateEndpointConnection = New-AzPrivateLinkServiceConnection -Name $peConnectionName3 -PrivateLinkServiceId $result.Id -GroupId "namespace"
+		$privateEndpoint = New-AzPrivateEndpoint -ResourceGroupName $resourceGroupName -Name $peName3 -Location $location -Subnet $subnet2 -PrivateLinkServiceConnection $privateEndpointConnection -ByManualRequest -Force
+
+		$listOfPrivateEndpoints = Get-AzServiceBusPrivateEndpointConnection -ResourceId $result.Id
+		Assert-AreEqual 1 $listOfPrivateEndpoints.Count
+
+		$privateEndpointId1 = $listOfPrivateEndpoints[0].Name
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Pending"
+
+		Approve-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId1 -Description "Approving this connection"
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.Description "Approving this connection"
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Approved"
+		Assert-AreEqual $privateEndpoint1.ProvisioningState "Succeeded"
+
+		Deny-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId1 -Description "Rejecting this connection"
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.Description "Rejecting this connection"
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Rejected"
+		Assert-AreEqual $privateEndpoint1.ProvisioningState "Succeeded"
+
+		Remove-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId1
+		Wait-Seconds 30
+
+		$privateEndpointConnection = New-AzPrivateLinkServiceConnection -Name $peConnectionName4 -PrivateLinkServiceId $result.Id -GroupId "namespace"
+		$privateEndpoint = New-AzPrivateEndpoint -ResourceGroupName $resourceGroupName -Name $peName4 -Location $location -Subnet $subnet2 -PrivateLinkServiceConnection $privateEndpointConnection -ByManualRequest -Force
+
+		$listOfPrivateEndpoints = Get-AzServiceBusPrivateEndpointConnection -ResourceId $result.Id
+		Assert-AreEqual 1 $listOfPrivateEndpoints.Count
+
+		$privateEndpointId1 = $listOfPrivateEndpoints[0].Name
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Pending"
+
+		Approve-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint1.Id -Description "Approving this connection"
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.Description "Approving this connection"
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Approved"
+		Assert-AreEqual $privateEndpoint1.ProvisioningState "Succeeded"
+
+		Deny-AzServiceBusPrivateEndpointConnection -ResourceId $privateEndpoint1.Id -Description "Rejecting this connection"
+
+		$privateEndpoint1 = WaitforStatetoBeSucceded $resourceGroupName $namespaceName $privateEndpointId1
+		Assert-AreEqual $privateEndpoint1.Description "Rejecting this connection"
+		Assert-AreEqual $privateEndpoint1.ConnectionState "Rejected"
+		Assert-AreEqual $privateEndpoint1.ProvisioningState "Succeeded"
+
+		$privateLink = Get-AzServiceBusPrivateLink -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName
+
+		Assert-AreEqual "namespace" $privateLink.GroupId
+		Assert-AreEqual "namespace" $privateLink.Name
+		Assert-AreEqual "Microsoft.ServiceBus/namespaces/privateLinkResources" $privateLink.Type
+		Assert-AreEqual 1 $privateLink.RequiredMembers.Count
+		Assert-AreEqual 1 $privateLink.RequiredZoneNames.Count
+
+		Remove-AzServiceBusPrivateEndpointConnection -ResourceGroupName $resourceGroupName -NamespaceName $namespaceName -Name $privateEndpointId1
+		Wait-Seconds 30
+
+	}
+	finally{
+		Write-Debug " Delete resourcegroup"
+		Remove-AzResourceGroup -Name $resourceGroupName -Force
+	}
+
+}

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusQueueTests.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusRuleTests.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusServiceTests.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;

src/ServiceBus/ServiceBus.Test/ScenarioTests/ServiceBusSubscriptionTests.cs

@@ -14,7 +14,7 @@
 
 namespace Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests
 {
-    using Microsoft.Azure.Commands.EventHub.Test.ScenarioTests;
+    using Microsoft.Azure.Commands.ServiceBus.Test.ScenarioTests;
     using Microsoft.WindowsAzure.Commands.ScenarioTest;
     using Xunit;
     using Xunit.Abstractions;