Restore-AzKeyVaultKey
Creates a key in a key vault from a backed-up key.
Syntax
ByVaultName (Default)
Restore-AzKeyVaultKey
[-VaultName] <String>
[-InputFile] <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
HsmByVaultName
Restore-AzKeyVaultKey
[-InputFile] <String>
-HsmName <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Restore-AzKeyVaultKey
[-InputObject] <PSKeyVault>
[-InputFile] <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Restore-AzKeyVaultKey
[-HsmObject] <PSManagedHsm>
[-InputFile] <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByResourceId
Restore-AzKeyVaultKey
[-ResourceId] <String>
[-InputFile] <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
HsmByResourceId
Restore-AzKeyVaultKey
[-InputFile] <String>
-HsmResourceId <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Restore-AzKeyVaultKey cmdlet creates a key in the specified key vault.
This key is a replica of the backed-up key in the input file and has the same name as the original key.
If the key vault already has a key by the same name, this cmdlet fails instead of overwriting the original key.
If the backup contains multiple versions of a key, all versions are restored.
The key vault that you restore the key into can be different from the key vault that you backed up the key from.
However, the key vault must use the same subscription and be in an Azure region in the same geography (for example, North America).
See the Microsoft Azure Trust Center (https://azure.microsoft.com/support/trust-center/ ) for the mapping of Azure regions to geographies.
Examples
Example 1: Restore a backed-up key
Restore-AzKeyVaultKey -VaultName 'MyKeyVault' -InputFile "C:\Backup.blob"
Vault Name : MyKeyVault
Name : key1
Version : 394f9379a47a4e2086585468de6c7ae5
Id : https://mykeyvault.vault.azure.net:443/keys/key1/394f9379a47a4e2086585468de6c7ae5
Enabled : True
Expires :
Not Before :
Created : 4/6/2018 11:31:36 PM
Updated : 4/6/2018 11:35:04 PM
Purge Disabled : False
Tags :
This command restores a key, including all of its versions, from the backup file named Backup.blob into the key vault named MyKeyVault.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-HsmName
HSM name. Cmdlet constructs the FQDN of a managed HSM based on the name and currently selected environment.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
HsmByVaultName
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-HsmObject
HSM object
Parameter properties
Type: PSManagedHsm
Default value: None Supports wildcards: False DontShow: False
Parameter sets
HsmByInputObject
Position: 0 Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-HsmResourceId
Hsm Resource Id
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
HsmByResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
Specifies the input file that contains the backup of the key to restore.
Type: String
Default value: None Supports wildcards: False DontShow: False
(All)
Position: 1 Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
KeyVault object
Type: PSKeyVault
Default value: None Supports wildcards: False DontShow: False
ByInputObject
Position: 0 Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-ResourceId
KeyVault Resource Id
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByResourceId
Position: 0 Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-VaultName
Specifies the name of the key vault into which to restore the key.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByVaultName
Position: 0 Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
