diff --git a/src/CosmosDB/CosmosDB.Test/ScenarioTests/AccountTests.ps1 b/src/CosmosDB/CosmosDB.Test/ScenarioTests/AccountTests.ps1 index e6c10913c98b..1be61b402df8 100644 --- a/src/CosmosDB/CosmosDB.Test/ScenarioTests/AccountTests.ps1 +++ b/src/CosmosDB/CosmosDB.Test/ScenarioTests/AccountTests.ps1 @@ -32,8 +32,8 @@ function Test-AccountRelatedCmdlets $publicNetworkAccess = "Enabled" $networkAclBypass = "AzureServices" $networkAclBypassResourceId = @("/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.Synapse/workspaces/workspaceName") - - $cosmosDBAccount = New-AzCosmosDBAccount -ResourceGroupName $rgName -Name $cosmosDBAccountName -DefaultConsistencyLevel "BoundedStaleness" -MaxStalenessIntervalInSeconds 10 -MaxStalenessPrefix 20 -Location $location -IpRule $IpRule -Tag $tags -EnableVirtualNetwork -EnableMultipleWriteLocations -EnableAutomaticFailover -ApiKind "MongoDB" -PublicNetworkAccess $publicNetworkAccess -EnableFreeTier 0 -EnableAnalyticalStorage 0 -ServerVersion "3.2" -NetworkAclBypass $NetworkAclBypass -BackupRetentionIntervalInHours 16 -BackupIntervalInMinutes 480 -EnableBurstCapacity 1 + + $cosmosDBAccount = New-AzCosmosDBAccount -ResourceGroupName $rgName -Name $cosmosDBAccountName -DefaultConsistencyLevel "BoundedStaleness" -MaxStalenessIntervalInSeconds 10 -MaxStalenessPrefix 20 -Location $location -IpRule $IpRule -Tag $tags -EnableVirtualNetwork -EnableMultipleWriteLocations -EnableAutomaticFailover -ApiKind "MongoDB" -PublicNetworkAccess $publicNetworkAccess -EnableFreeTier 0 -EnableAnalyticalStorage 0 -ServerVersion "3.2" -NetworkAclBypass $NetworkAclBypass -BackupRetentionIntervalInHours 16 -BackupIntervalInMinutes 480 -EnableBurstCapacity 1 -MinimalTlsVersion "Tls11" Assert-AreEqual $cosmosDBAccountName $cosmosDBAccount.Name Assert-AreEqual "BoundedStaleness" $cosmosDBAccount.ConsistencyPolicy.DefaultConsistencyLevel @@ -51,6 +51,7 @@ function Test-AccountRelatedCmdlets Assert-AreEqual $cosmosDBAccount.BackupPolicy.BackupIntervalInMinutes 480 Assert-AreEqual $cosmosDBAccount.BackupPolicy.BackupRetentionIntervalInHours 16 Assert-AreEqual $cosmosDBAccount.EnableBurstCapacity 1 + Assert-AreEqual $cosmosDBAccount.MinimalTlsVersion "Tls11" # create an existing database Try { @@ -60,7 +61,7 @@ function Test-AccountRelatedCmdlets Assert-AreEqual $_.Exception.Message ("Resource with Name " + $cosmosDBAccountName + " already exists.") } - $updatedCosmosDBAccount = Update-AzCosmosDBAccount -ResourceGroupName $rgName -Name $cosmosDBAccountName -DefaultConsistencyLevel "BoundedStaleness" -MaxStalenessIntervalInSeconds 10 -MaxStalenessPrefix 20 -IpRule $IpRule -Tag $tags -EnableVirtualNetwork 1 -EnableAutomaticFailover 1 -PublicNetworkAccess $publicNetworkAccess -NetworkAclBypassResourceId $networkAclBypassResourceId -EnablePartitionMerge 0 -EnableBurstCapacity 0 + $updatedCosmosDBAccount = Update-AzCosmosDBAccount -ResourceGroupName $rgName -Name $cosmosDBAccountName -DefaultConsistencyLevel "BoundedStaleness" -MaxStalenessIntervalInSeconds 10 -MaxStalenessPrefix 20 -IpRule $IpRule -Tag $tags -EnableVirtualNetwork 1 -EnableAutomaticFailover 1 -PublicNetworkAccess $publicNetworkAccess -NetworkAclBypassResourceId $networkAclBypassResourceId -EnablePartitionMerge 0 -EnableBurstCapacity 0 -MinimalTlsVersion "Tls12" Assert-AreEqual $cosmosDBAccountName $updatedCosmosDBAccount.Name Assert-AreEqual "BoundedStaleness" $updatedCosmosDBAccount.ConsistencyPolicy.DefaultConsistencyLevel @@ -75,6 +76,7 @@ function Test-AccountRelatedCmdlets Assert-AreEqual $updatedCosmosDBAccount.BackupPolicy.BackupRetentionIntervalInHours 16 Assert-AreEqual $updatedCosmosDBAccount.EnablePartitionMerge 0 Assert-AreEqual $updatedCosmosDBAccount.EnableBurstCapacity 0 + Assert-AreEqual $updatedCosmosDBAccount.MinimalTlsVersion "Tls12" $updatedCosmosDBAccount = Update-AzCosmosDBAccount -ResourceGroupName $rgName -Name $cosmosDBAccountName -EnableBurstCapacity 1 Assert-AreEqual $updatedCosmosDBAccount.EnableBurstCapacity 1 diff --git a/src/CosmosDB/CosmosDB/CosmosDBAccount/NewAzCosmosDBAccount.cs b/src/CosmosDB/CosmosDB/CosmosDBAccount/NewAzCosmosDBAccount.cs index b951296d2576..7221195c55de 100644 --- a/src/CosmosDB/CosmosDB/CosmosDBAccount/NewAzCosmosDBAccount.cs +++ b/src/CosmosDB/CosmosDB/CosmosDBAccount/NewAzCosmosDBAccount.cs @@ -60,6 +60,10 @@ public class NewAzCosmosDBAccount : NewOrUpdateAzCosmosDBAccount, IDynamicParame [Parameter(Mandatory = false, HelpMessage = Constants.LocationObjectHelpMessage)] [ValidateNotNullOrEmpty] public PSLocation[] LocationObject { get; set; } + + [Parameter(Mandatory = false, HelpMessage = Constants.MinimalTlsVersionHelpMessage)] + [PSArgumentCompleter(SDKModel.MinimalTlsVersion.Tls, SDKModel.MinimalTlsVersion.Tls11, SDKModel.MinimalTlsVersion.Tls12)] + public string MinimalTlsVersion { get; set; } // As of 03082022, using this list only for Mongo Accounts >= 3.6 [Parameter(Mandatory = false, HelpMessage = Constants.LocationHelpMessage)] @@ -171,6 +175,7 @@ public override void ExecuteCmdlet() Collection networkAclBypassResourceId = NetworkAclBypassResourceId != null ? new Collection(NetworkAclBypassResourceId) : new Collection(); databaseAccountCreateUpdateParameters.NetworkAclBypassResourceIds = networkAclBypassResourceId; databaseAccountCreateUpdateParameters.EnableBurstCapacity = EnableBurstCapacity; + databaseAccountCreateUpdateParameters.MinimalTlsVersion = MinimalTlsVersion; if (IpRule != null && IpRule.Length > 0) { diff --git a/src/CosmosDB/CosmosDB/CosmosDBAccount/NewOrUpdateAzCosmosDBAccount.cs b/src/CosmosDB/CosmosDB/CosmosDBAccount/NewOrUpdateAzCosmosDBAccount.cs index 9fec5da6bc25..21400ebc6c0e 100644 --- a/src/CosmosDB/CosmosDB/CosmosDBAccount/NewOrUpdateAzCosmosDBAccount.cs +++ b/src/CosmosDB/CosmosDB/CosmosDBAccount/NewOrUpdateAzCosmosDBAccount.cs @@ -113,6 +113,10 @@ public class NewOrUpdateAzCosmosDBAccount : AzureCosmosDBCmdletBase [PSArgumentCompleter(SDKModel.AnalyticalStorageSchemaType.WellDefined, SDKModel.AnalyticalStorageSchemaType.FullFidelity)] public string AnalyticalStorageSchemaType { get; set; } + [Parameter(Mandatory = false, HelpMessage = Constants.MinimalTlsVersionHelpMessage)] + [PSArgumentCompleter(SDKModel.MinimalTlsVersion.Tls, SDKModel.MinimalTlsVersion.Tls11, SDKModel.MinimalTlsVersion.Tls12)] + public string MinimalTlsVersion { get; set; } + public ConsistencyPolicy PopoulateConsistencyPolicy(string DefaultConsistencyLevel, int? MaxStalenessIntervalInSeconds, int? MaxStalenessPrefix) { ConsistencyPolicy consistencyPolicy = new ConsistencyPolicy(); diff --git a/src/CosmosDB/CosmosDB/CosmosDBAccount/UpdateAzCosmosDBAccount.cs b/src/CosmosDB/CosmosDB/CosmosDBAccount/UpdateAzCosmosDBAccount.cs index 70c481d9ccbb..8796dd753838 100644 --- a/src/CosmosDB/CosmosDB/CosmosDBAccount/UpdateAzCosmosDBAccount.cs +++ b/src/CosmosDB/CosmosDB/CosmosDBAccount/UpdateAzCosmosDBAccount.cs @@ -50,6 +50,9 @@ public class UpdateAzCosmosDBAccount : NewOrUpdateAzCosmosDBAccount [Parameter(Mandatory = false, HelpMessage = Constants.DisableKeyBasedMetadataWriteAccessHelpMessage)] public bool? DisableKeyBasedMetadataWriteAccess { get; set; } + [Parameter(Mandatory = false, HelpMessage = Constants.MinimalTlsVersionHelpMessage)] + public string MinimalTlsVersion { get; set; } + public override void ExecuteCmdlet() { if (!ParameterSetName.Equals(NameParameterSet, StringComparison.Ordinal)) @@ -229,6 +232,11 @@ public override void ExecuteCmdlet() }; } } + + if(!string.IsNullOrEmpty(MinimalTlsVersion)) + { + databaseAccountUpdateParameters.MinimalTlsVersion = MinimalTlsVersion; + } // Update analytical storage schema type. databaseAccountUpdateParameters.AnalyticalStorageConfiguration = CreateAnalyticalStorageConfiguration(AnalyticalStorageSchemaType); diff --git a/src/CosmosDB/CosmosDB/Helpers/Constants.cs b/src/CosmosDB/CosmosDB/Helpers/Constants.cs index 067fc9ffab18..cc9d8fbad369 100644 --- a/src/CosmosDB/CosmosDB/Helpers/Constants.cs +++ b/src/CosmosDB/CosmosDB/Helpers/Constants.cs @@ -60,6 +60,7 @@ internal static class Constants public const string DatabaseResourceIdHelpMessage = "ResourceId of the database."; public const string AnalyticalStorageSchemaTypeHelpMessage = "The schema type for analytical storage. Valid values include: 'WellDefined' and 'FullFidelity'."; public const string EnablePartitionMergeHelpMessage = "Enables partition merge feature on the Cosmos DB database account. Accepted values: false, true"; + public const string MinimalTlsVersionHelpMessage = "Indicates the minimum allowed Tls version. The default value is Tls 1.2. Cassandra and Mongo APIs only work with Tls 1.2. Possible values include: 'Tls', 'Tls11', 'Tls12'."; //Restore specific help messages public const string IsRestoreRequestHelpMessage = "Indicates that the new Cosmos DB account request is a restore request."; diff --git a/src/CosmosDB/CosmosDB/Models/DatabaseAccount/PSDatabaseAccountGetResults.cs b/src/CosmosDB/CosmosDB/Models/DatabaseAccount/PSDatabaseAccountGetResults.cs index e1ffc02f810e..b5edece2ddad 100644 --- a/src/CosmosDB/CosmosDB/Models/DatabaseAccount/PSDatabaseAccountGetResults.cs +++ b/src/CosmosDB/CosmosDB/Models/DatabaseAccount/PSDatabaseAccountGetResults.cs @@ -68,6 +68,7 @@ public PSDatabaseAccountGetResults(DatabaseAccountGetResults databaseAccountGetR CreateMode = databaseAccountGetResults.CreateMode; AnalyticalStorageConfiguration = new PSAnalyticalStorageConfiguration(databaseAccountGetResults.AnalyticalStorageConfiguration); EnablePartitionMerge = databaseAccountGetResults.EnablePartitionMerge; + MinimalTlsVersion = databaseAccountGetResults.MinimalTlsVersion; } // @@ -234,5 +235,10 @@ public PSDatabaseAccountGetResults(DatabaseAccountGetResults databaseAccountGetR // Summary: // Gets or sets the AnalyticalStorageConfiguration of the CosmosDB Account public PSAnalyticalStorageConfiguration AnalyticalStorageConfiguration { get; set; } + // + // + // Summary: + // Gets or sets the MinimalTlsVersion of the CosmosDB Account + public string MinimalTlsVersion { get; set; } } }