def test_dps_lifecycle(self, group_name, group_location):
dps_name = self.create_random_name('dps', 20)
hub_name = self.create_random_name('iot', 20)
self.cmd('iot hub create -n {} -g {} --sku S1'.format(
hub_name, group_name),
checks=[
self.check('resourcegroup', group_name),
self.check('name', hub_name),
self.check('sku.name', 'S1')
])
# Create DPS
self.cmd('az iot dps create -g {} -n {}'.format(group_name, dps_name),
checks=[
self.check('name', dps_name),
self.check('location', group_location)
])
# List DPS
self.cmd('az iot dps list -g {}'.format(group_name),
checks=[
self.check('length([*])', 1),
self.check('[0].name', dps_name),
self.check('[0].location', group_location)
])
# Get DPS
self.cmd('az iot dps show -g {} -n {}'.format(group_name, dps_name),
checks=[
self.check('name', dps_name),
self.check('location', group_location)
])
property_to_update = 'properties.allocationPolicy'
updated_value = 'GeoLatency'
# Update DPS
self.cmd('az iot dps update -g {} -n {} --set {}="{}"'.format(
group_name, dps_name, property_to_update, updated_value),
checks=[
self.check('name', dps_name),
self.check('location', group_location),
self.check(property_to_update, updated_value)
])
# Test DPS Access Policy Lifecycle
policy_name = self.create_random_name('policy', 20)
right = 'EnrollmentRead'
new_right = 'EnrollmentWrite'
# Create access policy
self.cmd('az iot dps policy create -g {} --dps-name {} --pn {} -r {}'.
format(group_name, dps_name, policy_name, right),
checks=[
self.check('keyName', policy_name),
self.check('rights', right)
])
# List access policy
self.cmd('az iot dps policy list -g {} --dps-name {}'.format(
group_name, dps_name),
checks=[
self.check('length([*])', 2),
self.check('[1].keyName', policy_name),
self.check('[1].rights', right)
])
# Get access policy
self.cmd('az iot dps policy show -g {} --dps-name {} --pn {}'.format(
group_name, dps_name, policy_name),
checks=[
self.check('keyName', policy_name),
self.check('rights', right)
])
# Create update policy
self.cmd('az iot dps policy update -g {} --dps-name {} --pn {} -r {}'.
format(group_name, dps_name, policy_name, new_right),
checks=[
self.check('keyName', policy_name),
self.check('rights', new_right)
])
# Delete policy
self.cmd('az iot dps policy delete -g {} --dps-name {} --pn {}'.format(
group_name, dps_name, policy_name))
# Test DPS Certificate Lifecycle
cert_name = self.create_random_name('certificate', 20)
# Set up cert file for test
verification_file = "verify.cer"
cert_file = "testcert.cer"
key_file = "testkey.pvk"
max_int = 9223372036854775807
_create_test_cert(
cert_file, key_file,
self.create_random_name(prefix='TESTCERT', length=24), 3,
random.randint(0, max_int))
# Create certificate
self.cmd(
'az iot dps certificate create --dps-name {} -g {} --name {} -p {}'
.format(dps_name, group_name, cert_name, cert_file),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
])
# List certificates
self.cmd('az iot dps certificate list --dps-name {} -g {}'.format(
dps_name, group_name))
# Get certificate
etag = self.cmd(
'az iot dps certificate show --dps-name {} -g {} --name {}'.format(
dps_name, group_name, cert_name),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()['etag']
# Update certificate
etag = self.cmd(
'az iot dps certificate update --dps-name {} -g {} --name {} -p {} --etag {}'
.format(dps_name, group_name, cert_name, cert_file, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()['etag']
# Generate verification code
output = self.cmd(
'az iot dps certificate generate-verification-code --dps-name {} -g {} -n {} --etag {}'
.format(dps_name, group_name, cert_name, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()
verification_code = output['properties']['verificationCode']
etag = output['etag']
_create_verification_cert(cert_file, key_file, verification_file,
verification_code, 3,
random.randint(0, max_int))
# Verify certificate
etag = self.cmd(
'az iot dps certificate verify --dps-name {} -g {} -n {} -p {} --etag {}'
.format(dps_name, group_name, cert_name, verification_file, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', True)
]).get_output_in_json()['etag']
# Delete certificate
self.cmd(
'az iot dps certificate delete --dps-name {} -g {} --name {} --etag {}'
.format(dps_name, group_name, cert_name, etag))
_delete_test_cert(cert_file, key_file, verification_file)
# Test DPS Linked Hub Lifecycle
key_name = self.create_random_name('key', 20)
permission = 'RegistryWrite'
# Set up a hub with a policy to be link
hub_host_name = '{}.azure-devices.net'.format(hub_name)
self.cmd(
'az iot hub policy create --hub-name {} -n {} --permissions {}'.
format(hub_name, key_name, permission))
connection_string = self._show_hub_connection_string(
hub_name, group_name)
self.cmd(
'az iot dps linked-hub create --dps-name {} -g {} --connection-string {} -l {}'
.format(dps_name, group_name, connection_string, group_location))
self.cmd('az iot dps linked-hub list --dps-name {} -g {}'.format(
dps_name, group_name),
checks=[
self.check('length([*])', 1),
self.check('[0].name',
'{}.azure-devices.net'.format(hub_name)),
self.check('[0].location', group_location)
])
self.cmd(
'az iot dps linked-hub show --dps-name {} -g {} --linked-hub {}'.
format(dps_name, group_name, hub_host_name),
checks=[
self.check('name', hub_host_name),
self.check('location', group_location)
])
allocationWeight = 10
applyAllocationPolicy = True
self.cmd(
'az iot dps linked-hub update --dps-name {} -g {} --linked-hub {} --allocation-weight {} --apply-allocation-policy {}'
.format(dps_name, group_name, hub_host_name, allocationWeight,
applyAllocationPolicy))
self.cmd(
'az iot dps linked-hub show --dps-name {} -g {} --linked-hub {}'.
format(dps_name, group_name, hub_host_name),
checks=[
self.check('name', hub_host_name),
self.check('location', group_location),
self.check('allocationWeight', allocationWeight),
self.check('applyAllocationPolicy', applyAllocationPolicy)
])
self.cmd(
'az iot dps linked-hub delete --dps-name {} -g {} --linked-hub {}'.
format(dps_name, group_name, hub_host_name))
# Delete DPS
self.cmd('az iot dps delete -g {} -n {}'.format(group_name, dps_name))
def __del__(self):
_delete_test_cert(CERT_FILE, KEY_FILE, VERIFICATION_FILE)
def test_dps_lifecycle(self, group_name, group_location):
dps_name = self.create_random_name('dps', 20)
hub_name = self.create_random_name('iot', 20)
self.cmd('iot hub create -n {} -g {} --sku S1'.format(hub_name, group_name),
checks=[self.check('resourceGroup', group_name),
self.check('name', hub_name),
self.check('sku.name', 'S1')])
# Create DPS
self.cmd('az iot dps create -g {} -n {}'.format(group_name, dps_name), checks=[
self.check('name', dps_name),
self.check('location', group_location)
])
# List DPS
self.cmd('az iot dps list -g {}'.format(group_name), checks=[
self.check('length([*])', 1),
self.check('[0].name', dps_name),
self.check('[0].location', group_location)
])
# Get DPS
self.cmd('az iot dps show -g {} -n {}'.format(group_name, dps_name), checks=[
self.check('name', dps_name),
self.check('location', group_location)
])
property_to_update = 'properties.allocationPolicy'
updated_value = 'GeoLatency'
# Update DPS
self.cmd('az iot dps update -g {} -n {} --set {}="{}"'.format(group_name, dps_name, property_to_update, updated_value), checks=[
self.check('name', dps_name),
self.check('location', group_location),
self.check(property_to_update, updated_value)
])
# Test DPS Access Policy Lifecycle
policy_name = self.create_random_name('policy', 20)
right = 'EnrollmentRead'
new_right = 'EnrollmentWrite'
# Create access policy
self.cmd('az iot dps access-policy create -g {} --dps-name {} -n {} -r {}'.format(group_name, dps_name, policy_name, right), checks=[
self.check('keyName', policy_name),
self.check('rights', right)
])
# List access policy
self.cmd('az iot dps access-policy list -g {} --dps-name {}'.format(group_name, dps_name), checks=[
self.check('length([*])', 2),
self.check('[1].keyName', policy_name),
self.check('[1].rights', right)
])
# Get access policy
self.cmd('az iot dps access-policy show -g {} --dps-name {} -n {}'.format(group_name, dps_name, policy_name), checks=[
self.check('keyName', policy_name),
self.check('rights', right)
])
# Create update policy
self.cmd('az iot dps access-policy update -g {} --dps-name {} -n {} -r {}'.format(group_name, dps_name, policy_name, new_right),
checks=[
self.check('keyName', policy_name),
self.check('rights', new_right)
])
# Delete policy
self.cmd('az iot dps access-policy delete -g {} --dps-name {} -n {}'.format(group_name, dps_name, policy_name))
# Test DPS Certificate Lifecycle
cert_name = self.create_random_name('certificate', 20)
# Set up cert file for test
verification_file = "verify.cer"
cert_file = "testcert.cer"
key_file = "testkey.pvk"
max_int = 9223372036854775807
_create_test_cert(cert_file, key_file, self.create_random_name(prefix='TESTCERT', length=24), 3, random.randint(0, max_int))
# Create certificate
self.cmd('az iot dps certificate create --dps-name {} -g {} --name {} -p {}'.format(dps_name, group_name, cert_name, cert_file),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
])
# List certificates
self.cmd('az iot dps certificate list --dps-name {} -g {}'.format(dps_name, group_name))
# Get certificate
etag = self.cmd('az iot dps certificate show --dps-name {} -g {} --name {}'.format(dps_name, group_name, cert_name), checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()['etag']
# Update certificate
etag = self.cmd('az iot dps certificate update --dps-name {} -g {} --name {} -p {} --etag {}'
.format(dps_name, group_name, cert_name, cert_file, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()['etag']
# Generate verification code
output = self.cmd('az iot dps certificate generate-verification-code --dps-name {} -g {} -n {} --etag {}'
.format(dps_name, group_name, cert_name, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()
verification_code = output['properties']['verificationCode']
etag = output['etag']
_create_verification_cert(cert_file, key_file, verification_file, verification_code, 3, random.randint(0, max_int))
# Verify certificate
etag = self.cmd('iot dps certificate verify --dps-name {} -g {} -n {} -p {} --etag {}'.format(dps_name, group_name, cert_name, verification_file, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', True)
]).get_output_in_json()['etag']
# Delete certificate
self.cmd('az iot dps certificate delete --dps-name {} -g {} --name {} --etag {}'.format(dps_name, group_name, cert_name, etag))
_delete_test_cert(cert_file, key_file, verification_file)
# Test DPS Linked Hub Lifecycle
key_name = self.create_random_name('key', 20)
permission = 'RegistryWrite'
# Set up a hub with a policy to be link
hub_host_name = '{}.azure-devices.net'.format(hub_name)
self.cmd('az iot hub policy create --hub-name {} -n {} --permissions {}'.format(hub_name, key_name, permission))
primary_key = self._get_hub_policy_primary_key(hub_name, key_name)
connection_string = 'HostName={};SharedAccessKeyName={};SharedAccessKey={}'.format(hub_host_name, key_name, primary_key)
self.cmd('az iot dps linked-hub create --dps-name {} -g {} --connection-string {} -l {}'
.format(dps_name, group_name, connection_string, group_location))
self.cmd('az iot dps linked-hub list --dps-name {} -g {}'.format(dps_name, group_name), checks=[
self.check('length([*])', 1),
self.check('[0].name', '{}.azure-devices.net'.format(hub_name)),
self.check('[0].location', group_location)
])
self.cmd('az iot dps linked-hub show --dps-name {} -g {} --linked-hub {}'.format(dps_name, group_name, hub_host_name), checks=[
self.check('name', hub_host_name),
self.check('location', group_location)
])
allocationWeight = 10
applyAllocationPolicy = True
self.cmd('az iot dps linked-hub update --dps-name {} -g {} --linked-hub {} --allocation-weight {} --apply-allocation-policy {}'
.format(dps_name, group_name, hub_host_name, allocationWeight, applyAllocationPolicy))
self.cmd('az iot dps linked-hub show --dps-name {} -g {} --linked-hub {}'.format(dps_name, group_name, hub_host_name), checks=[
self.check('name', hub_host_name),
self.check('location', group_location),
self.check('allocationWeight', allocationWeight),
self.check('applyAllocationPolicy', applyAllocationPolicy)
])
self.cmd('az iot dps linked-hub delete --dps-name {} -g {} --linked-hub {}'.format(dps_name, group_name, hub_host_name))
# Delete DPS
self.cmd('az iot dps delete -g {} -n {}'.format(group_name, dps_name))
def __del__(self):
_delete_test_cert(CERT_FILE, KEY_FILE, VERIFICATION_FILE)
def test_dps_certificate_lifecycle(self, group_name, group_location):
dps_name = self.create_random_name('dps', 20)
# Create DPS
self.cmd('az iot dps create -g {} -n {}'.format(group_name, dps_name),
checks=[
self.check('name', dps_name),
self.check('location', group_location)
])
# Test DPS Certificate Lifecycle
cert_name = self.create_random_name('certificate', 20)
cert_name_verified = self.create_random_name(
prefix='verified-certificate-', length=48)
# Set up cert file for test
verification_file = "verify.cer"
cert_file = "testcert.cer"
key_file = "testkey.pvk"
max_int = 9223372036854775807
_create_test_cert(
cert_file, key_file,
self.create_random_name(prefix='TESTCERT', length=24), 3,
random.randint(0, max_int))
# Create certificates
self.cmd(
'az iot dps certificate create --dps-name {} -g {} --name {} -p {}'
.format(dps_name, group_name, cert_name, cert_file),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
])
etag_verified = self.cmd(
'az iot dps certificate create --dps-name {} -g {} --name {} -p {} --verified'
.format(dps_name, group_name, cert_name_verified, cert_file),
checks=[
self.check('name', cert_name_verified),
self.check('properties.isVerified', True)
]).get_output_in_json()['etag']
# List certificates
cert_list = self.cmd(
'az iot dps certificate list --dps-name {} -g {}'.format(
dps_name, group_name),
checks=[self.check('length(value)',
2)]).get_output_in_json()['value']
for cert in cert_list:
assert cert['name'] == cert_name_verified if cert['properties'][
'isVerified'] else cert_name
assert cert_list[0]['name'] != cert_list[1]['name']
# Get certificate
etag = self.cmd(
'az iot dps certificate show --dps-name {} -g {} --name {}'.format(
dps_name, group_name, cert_name),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()['etag']
# Update certificate
etag = self.cmd(
'az iot dps certificate update --dps-name {} -g {} --name {} -p {} --etag {}'
.format(dps_name, group_name, cert_name, cert_file, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()['etag']
# Generate verification code
output = self.cmd(
'az iot dps certificate generate-verification-code --dps-name {} -g {} -n {} --etag {}'
.format(dps_name, group_name, cert_name, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', False)
]).get_output_in_json()
verification_code = output['properties']['verificationCode']
etag = output['etag']
_create_verification_cert(cert_file, key_file, verification_file,
verification_code, 3,
random.randint(0, max_int))
# Verify certificate
etag = self.cmd(
'az iot dps certificate verify --dps-name {} -g {} -n {} -p {} --etag {}'
.format(dps_name, group_name, cert_name, verification_file, etag),
checks=[
self.check('name', cert_name),
self.check('properties.isVerified', True)
]).get_output_in_json()['etag']
# Delete certificates
self.cmd(
'az iot dps certificate delete --dps-name {} -g {} --name {} --etag {}'
.format(dps_name, group_name, cert_name, etag))
self.cmd(
'az iot dps certificate delete --dps-name {} -g {} --name {} --etag {}'
.format(dps_name, group_name, cert_name_verified, etag_verified))
_delete_test_cert(cert_file, key_file, verification_file)
# Delete DPS
self.cmd('az iot dps delete -g {} -n {}'.format(group_name, dps_name))
