Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DiskRP swagger changes for TVM and CVM of version 2021-08-01 #16671

Merged
merged 13 commits into from
Nov 30, 2021
Merged

DiskRP swagger changes for TVM and CVM of version 2021-08-01 #16671

Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
ae3e5dd
DiskRP swagger changes for TVM and CVM of version 2021-08-01
anshulsolanki21 Nov 4, 2021
942a526
adding examples for CVM
anshulsolanki21 Nov 6, 2021
70c5006
fix errors
anshulsolanki21 Nov 9, 2021
bd1dfe0
fix errors
anshulsolanki21 Nov 9, 2021
a187682
fix unreferences example file
anshulsolanki21 Nov 9, 2021
e93c42a
fix for: additional properties not allowed error
anshulsolanki21 Nov 9, 2021
1c77c83
fix spell check error
anshulsolanki21 Nov 9, 2021
867e57b
fix spell check for secureVMDiskEncryptionSetId property
anshulsolanki21 Nov 11, 2021
afb078b
fix prettier check
anshulsolanki21 Nov 12, 2021
85d7a26
Merge remote-tracking branch 'upstream/feature/cplat-2021-08-01' into…
anshulsolanki21 Nov 15, 2021
af9c152
Merge remote-tracking branch 'upstream/feature/cplat-2021-08-01' into…
anshulsolanki21 Nov 16, 2021
939c938
addressing comment
anshulsolanki21 Nov 22, 2021
b911f24
addressing comments
anshulsolanki21 Nov 24, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 72 additions & 4 deletions specification/compute/resource-manager/Microsoft.Compute/stable/2021-08-01/disk.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,15 @@
},
"Create a managed disk with security profile": {
"$ref": "./examples/CreateAManagedDiskWithSecurityProfile.json"
},
"Create a managed disk from ImportSecure create option": {
"$ref": "./examples/CreateAManagedDiskFromImportSecure.json"
},
"Create a managed disk from UploadPreparedSecure create option": {
"$ref": "./examples/CreateAManagedDiskFromUploadPreparedSecure.json"
},
"Create a confidential VM supported disk encrypted with customer managed key": {
"$ref": "./examples/CreateAConfidentialVMDiskEncryptedWithCMK.json"
}
},
"x-ms-long-running-operation": true
Expand Down Expand Up @@ -375,6 +384,9 @@
"x-ms-examples": {
"Get a sas on a managed disk.": {
"$ref": "./examples/BeginGetAccessManagedDisk.json"
},
"Get sas on managed disk and VM guest state blob": {
"$ref": "./examples/BeginGetAccessManagedDiskWithVMGuestState.json"
}
},
"x-ms-long-running-operation": true,
Expand Down Expand Up @@ -2293,6 +2305,10 @@
"type": "string",
"description": "ARM id of the DiskAccess resource for using private endpoints on disks."
},
"securityProfile": {
"$ref": "#/definitions/DiskSecurityProfile",
"description": "Contains the security related information for the resource."
},
"supportsHibernation": {
"type": "boolean",
"description": "Indicates the OS on a snapshot supports hibernation."
Expand Down Expand Up @@ -2459,7 +2475,8 @@
"enum": [
"EncryptionAtRestWithPlatformKey",
"EncryptionAtRestWithCustomerKey",
"EncryptionAtRestWithPlatformAndCustomerKeys"
"EncryptionAtRestWithPlatformAndCustomerKeys",
"ConfidentialVmEncryptedWithCustomerKey"
],
"x-ms-enum": {
"name": "EncryptionType",
Expand All @@ -2476,6 +2493,10 @@
{
"value": "EncryptionAtRestWithPlatformAndCustomerKeys",
"description": "Disk is encrypted at rest with 2 layers of encryption. One of the keys is Customer managed and the other key is Platform managed."
},
{
"value": "ConfidentialVmEncryptedWithCustomerKey",
"description": "Confidential VM supported disk encrypted with customer managed key."
anshulsolanki21 marked this conversation as resolved.
Show resolved Hide resolved
}
]
}
Expand All @@ -2485,7 +2506,8 @@
"description": "The type of key used to encrypt the data of the disk.",
"enum": [
"EncryptionAtRestWithCustomerKey",
"EncryptionAtRestWithPlatformAndCustomerKeys"
"EncryptionAtRestWithPlatformAndCustomerKeys",
"ConfidentialVmEncryptedWithCustomerKey"
],
"x-ms-enum": {
"name": "DiskEncryptionSetType",
Expand All @@ -2498,6 +2520,10 @@
{
"value": "EncryptionAtRestWithPlatformAndCustomerKeys",
"description": "Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed."
},
{
"value": "ConfidentialVmEncryptedWithCustomerKey",
"description": "Confidential VM supported disk encrypted with customer managed key."
anshulsolanki21 marked this conversation as resolved.
Show resolved Hide resolved
}
]
}
Expand Down Expand Up @@ -2777,7 +2803,9 @@
"Copy",
"Restore",
"Upload",
"CopyStart"
"CopyStart",
"ImportSecure",
"UploadPreparedSecure"
],
"x-ms-enum": {
"name": "DiskCreateOption",
Expand Down Expand Up @@ -2814,6 +2842,14 @@
{
"value": "CopyStart",
"description": "Create a new disk by using a deep copy process, where the resource creation is considered complete only after all data has been copied from the source."
},
{
"value": "ImportSecure",
"description": "Similar to Import create option. Create a new Trusted Launch VM or Confidential VM supported disk by importing additional VM guest state blob specified by securityDataUri in storage account specified by storageAccountId"
},
{
"value": "UploadPreparedSecure",
"description": "Similar to Upload create option. Create a new Trusted Launch VM or Confidential VM supported disk and upload using write token in both disk and VM guest state blob"
}
]
},
Expand Down Expand Up @@ -2853,6 +2889,10 @@
"type": "integer",
"format": "int32",
"description": "Logical sector size in bytes for Ultra disks. Supported values are 512 ad 4096. 4096 is the default."
},
"securityDataUri": {
"type": "string",
"description": "If createOption is ImportSecure, this is the URI of a VM guest state blob to be imported."
}
},
"required": [
Expand Down Expand Up @@ -2926,7 +2966,10 @@
"type": "string",
"description": "Specifies the SecurityType of the VM. Applicable for OS disks only.",
"enum": [
"TrustedLaunch"
"TrustedLaunch",
"ConfidentialVM_VMGuestStateOnlyEncryptedWithPlatformKey",
"ConfidentialVM_DiskEncryptedWithPlatformKey",
"ConfidentialVM_DiskEncryptedWithCustomerKey"
],
"x-ms-enum": {
"name": "DiskSecurityTypes",
Expand All @@ -2935,6 +2978,18 @@
{
"value": "TrustedLaunch",
"description": "Trusted Launch provides security features such as secure boot and virtual Trusted Platform Module (vTPM)"
},
{
"value": "ConfidentialVM_VMGuestStateOnlyEncryptedWithPlatformKey",
"description": "Indicates Confidential VM disk with only VM guest state blob encrypted"
},
{
"value": "ConfidentialVM_DiskEncryptedWithPlatformKey",
"description": "Indicates Confidential VM disk with both OS disk blob and VM guest state blob encrypted with a platform managed key"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't mention blobs.. both Os disk and VM guest state encrypted

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same for all other additions.. remove any references to blob

Copy link
Contributor Author

@anshulsolanki21 anshulsolanki21 Nov 24, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

removed blob references:
also modified descriptions for "ImportSecure" and "SecurityDataUri", please help review that too

},
{
"value": "ConfidentialVM_DiskEncryptedWithCustomerKey",
"description": "Indicates Confidential VM disk with both OS disk blob and VM guest state blob encrypted with a customer managed key"
}
]
}
Expand All @@ -2943,6 +2998,10 @@
"properties": {
"securityType": {
"$ref": "#/definitions/DiskSecurityType"
},
"secureVMDiskEncryptionSetId": {
"type": "string",
"description": "ResourceId of the disk encryption set associated to Confidential VM supported disk encrypted with customer managed key"
}
},
"description": "Contains the security related information for the resource."
Expand All @@ -2965,6 +3024,10 @@
"type": "integer",
"format": "int32",
"description": "Time duration in seconds until the SAS access expires."
},
"getSecureVMGuestStateSAS": {
"type": "boolean",
"description": "Set this flag to true to get additional SAS for VM guest state blob"
}
},
"required": [
Expand All @@ -2979,6 +3042,11 @@
"readOnly": true,
"type": "string",
"description": "A SAS uri for accessing a disk."
},
"securityDataAccessSAS": {
"readOnly": true,
"type": "string",
"description": "A SAS uri for accessing a VM guest state blob."
anshulsolanki21 marked this conversation as resolved.
Show resolved Hide resolved
}
},
"description": "A disk access SAS uri."
Expand Down
22 changes: 22 additions & 0 deletions ...crosoft.Compute/stable/2021-08-01/examples/BeginGetAccessManagedDiskWithVMGuestState.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"parameters": {
"subscriptionId": "{subscription-id}",
"resourceGroupName": "myResourceGroup",
"diskName": "myDisk",
"api-version": "2021-08-01",
"grantAccessData": {
"access": "Read",
"durationInSeconds": 300,
"getSecureVMGuestStateSAS": true
}
},
"responses": {
"200": {
"body": {
"accessSAS": "https://md-gpvmcxzlzxgd.partition.blob.storage.azure.net/xx3cqcx53f0v/abcd?sv=2014-02-14&sr=b&sk=key1&sig=XXX&st=2021-05-24T18:02:34Z&se=2021-05-24T18:19:14Z&sp=r",
"securityDataAccessSAS": "https://md-gpvmcxzlzxgd.partition.blob.storage.azure.net/xx3cqcx53f0v/b9bf5824-6122-49e0-ba22-042f76ccd8a1_vmgs?sv=2014-02-14&sr=b&sk=key1&sig=XXX&st=2021-05-24T18:02:34Z&se=2021-05-24T18:19:14Z&sp=r"
}
},
"202": {}
}
}
66 changes: 66 additions & 0 deletions ...crosoft.Compute/stable/2021-08-01/examples/CreateAConfidentialVMDiskEncryptedWithCMK.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
{
"parameters": {
"subscriptionId": "{subscriptionId}",
"resourceGroupName": "myResourceGroup",
"api-version": "2021-08-01",
"diskName": "myDisk",
"disk": {
"location": "West US",
"properties": {
"osType": "Windows",
"securityProfile": {
"securityType": "ConfidentialVM_DiskEncryptedWithCustomerKey",
"secureVMDiskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName}"
},
"creationData": {
"createOption": "FromImage",
"imageReference": {
"id": "/Subscriptions/{subscriptionId}/Providers/Microsoft.Compute/Locations/westus/Publishers/{publisher}/ArtifactTypes/VMImage/Offers/{offer}/Skus/{sku}/Versions/1.0.0"
}
}
}
}
},
"responses": {
"202": {
"body": {
"name": "myDisk",
"location": "West US",
"properties": {
"provisioningState": "Updating",
"osType": "Windows",
"securityProfile": {
"securityType": "ConfidentialVM_DiskEncryptedWithCustomerKey",
"secureVMDiskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName}"
},
"creationData": {
"createOption": "FromImage",
"imageReference": {
"id": "/Subscriptions/{subscriptionId}/Providers/Microsoft.Compute/Locations/westus/Publishers/{publisher}/ArtifactTypes/VMImage/Offers/{offer}/Skus/{sku}/Versions/1.0.0"
}
}
}
}
},
"200": {
"body": {
"name": "myDisk",
"location": "West US",
"properties": {
"provisioningState": "Succeeded",
"osType": "Windows",
"securityProfile": {
"securityType": "ConfidentialVM_DiskEncryptedWithCustomerKey",
"secureVMDiskEncryptionSetId": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName}"
},
"creationData": {
"createOption": "FromImage",
"imageReference": {
"id": "/Subscriptions/{subscriptionId}/Providers/Microsoft.Compute/Locations/westus/Publishers/{publisher}/ArtifactTypes/VMImage/Offers/{offer}/Skus/{sku}/Versions/1.0.0"
}
}
}
}
}
}
}
63 changes: 63 additions & 0 deletions ...ager/Microsoft.Compute/stable/2021-08-01/examples/CreateAManagedDiskFromImportSecure.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
{
"parameters": {
"subscriptionId": "{subscription-id}",
"resourceGroupName": "myResourceGroup",
"api-version": "2021-08-01",
"diskName": "myDisk",
"disk": {
"location": "West US",
"properties": {
"osType": "Windows",
"securityProfile": {
"securityType": "ConfidentialVM_VMGuestStateOnlyEncryptedWithPlatformKey"
},
"creationData": {
"createOption": "ImportSecure",
"storageAccountId": "subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/myStorageAccount",
"sourceUri": "https://mystorageaccount.blob.core.windows.net/osimages/osimage.vhd",
"securityDataUri": "https://mystorageaccount.blob.core.windows.net/osimages/vmgs.vhd"
}
}
}
},
"responses": {
"202": {
"body": {
"name": "myDisk",
"location": "West US",
"properties": {
"provisioningState": "Updating",
"osType": "Windows",
"securityProfile": {
"securityType": "ConfidentialVM_VMGuestStateOnlyEncryptedWithPlatformKey"
},
"creationData": {
"createOption": "ImportSecure",
"storageAccountId": "subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/myStorageAccount",
"sourceUri": "https://mystorageaccount.blob.core.windows.net/osimages/osimage.vhd",
"securityDataUri": "https://mystorageaccount.blob.core.windows.net/osimages/vmgs.vhd"
}
}
}
},
"200": {
"body": {
"name": "myDisk",
"location": "West US",
"properties": {
"provisioningState": "Succeeded",
"osType": "Windows",
"securityProfile": {
"securityType": "ConfidentialVM_VMGuestStateOnlyEncryptedWithPlatformKey"
},
"creationData": {
"createOption": "ImportSecure",
"storageAccountId": "subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/myStorageAccount",
"sourceUri": "https://mystorageaccount.blob.core.windows.net/osimages/osimage.vhd",
"securityDataUri": "https://mystorageaccount.blob.core.windows.net/osimages/vmgs.vhd"
}
}
}
}
}
}
57 changes: 57 additions & 0 deletions ...rosoft.Compute/stable/2021-08-01/examples/CreateAManagedDiskFromUploadPreparedSecure.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
{
"parameters": {
"subscriptionId": "{subscription-id}",
"resourceGroupName": "myResourceGroup",
"api-version": "2021-08-01",
"diskName": "myDisk",
"disk": {
"location": "West US",
"properties": {
"osType": "Windows",
"securityProfile": {
"securityType": "TrustedLaunch"
},
"creationData": {
"createOption": "UploadPreparedSecure",
"uploadSizeBytes": 10737418752
}
}
}
},
"responses": {
"202": {
"body": {
"properties": {
"osType": "Windows",
"securityProfile": {
"securityType": "TrustedLaunch"
},
"creationData": {
"createOption": "UploadPreparedSecure",
"uploadSizeBytes": 10737418752
},
"provisioningState": "Updating"
},
"location": "West US",
"name": "myDisk"
}
},
"200": {
"body": {
"properties": {
"osType": "Windows",
"securityProfile": {
"securityType": "TrustedLaunch"
},
"creationData": {
"createOption": "UploadPreparedSecure",
"uploadSizeBytes": 10737418752
},
"provisioningState": "Succeeded"
},
"location": "West US",
"name": "myDisk"
}
}
}
}
Loading