Update-AzStorageEncryptionScope
Modify an encryption scope for a Storage account.
Syntax
AccountName (Default)
Update-AzStorageEncryptionScope
[-ResourceGroupName] <String>
[-StorageAccountName] <String>
-EncryptionScopeName <String>
[-StorageEncryption]
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
AccountNameKeyVault
Update-AzStorageEncryptionScope
[-ResourceGroupName] <String>
[-StorageAccountName] <String>
-EncryptionScopeName <String>
-KeyUri <String>
[-KeyvaultEncryption]
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
AccountObject
Update-AzStorageEncryptionScope
-StorageAccount <PSStorageAccount>
-EncryptionScopeName <String>
[-StorageEncryption]
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
AccountObjectKeyVault
Update-AzStorageEncryptionScope
-StorageAccount <PSStorageAccount>
-EncryptionScopeName <String>
-KeyUri <String>
[-KeyvaultEncryption]
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
EncryptionScopeObject
Update-AzStorageEncryptionScope
-InputObject <PSEncryptionScope>
[-StorageEncryption]
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
EncryptionScopeObjectKeyVault
Update-AzStorageEncryptionScope
-InputObject <PSEncryptionScope>
-KeyUri <String>
[-KeyvaultEncryption]
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Update-AzStorageEncryptionScope cmdlet modifies an encryption scope for a Storage account.
Examples
Example 1: Disable an encryption scope
Update-AzStorageEncryptionScope -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -EncryptionScopeName testscope -State Disabled
ResourceGroupName: myresourcegroup, StorageAccountName: mystorageaccount
Name State Source KeyVaultKeyUri RequireInfrastructureEncryption
---- ----- ------ -------------- -------------------------------
testscope Disabled Microsoft.Storage
This command disables an encryption scope.
Example 2: Enable an encryption scope
Update-AzStorageEncryptionScope -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -EncryptionScopeName testscope -State Enabled
ResourceGroupName: myresourcegroup, StorageAccountName: mystorageaccount
Name State Source KeyVaultKeyUri RequireInfrastructureEncryption
---- ----- ------ -------------- -------------------------------
testscope Enabled Microsoft.Storage
This command enables an encryption scope.
Example 3: Update an encryption scope to use Storage Encryption
Update-AzStorageEncryptionScope -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -EncryptionScopeName testscope -StorageEncryption
ResourceGroupName: myresourcegroup, StorageAccountName: mystorageaccount
Name State Source KeyVaultKeyUri RequireInfrastructureEncryption
---- ----- ------ -------------- -------------------------------
testscope Enabled Microsoft.Storage
This command updates an encryption scope to use Storage Encryption.
Example 4: Update an encryption scope to use Keyvault Encryption
Update-AzStorageEncryptionScope -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -EncryptionScopeName testscope -KeyvaultEncryption -KeyUri "https://keyvalutname.vault.azure.net:443/keys/keyname/34a0ba563b4243d9a0ef2b1d3c0c7d57"
ResourceGroupName: myresourcegroup, StorageAccountName: mystorageaccount
Name State Source KeyVaultKeyUri RequireInfrastructureEncryption
---- ----- ------ -------------- -------------------------------
testscope Enabled Microsoft.Keyvault https://keyvalutname.vault.azure.net:443/keys/keyname/34a0ba563b4243d9a0ef2b1d3c0c7d57
This command updates an encryption scope to use Keyvault Encryption.
The Storage account Identity need have get, wrapkey, unwrapkey permissions to the keyvault key.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-EncryptionScopeName
Azure Storage EncryptionScope name
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: Name
Parameter sets
AccountName
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountNameKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountObjectKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
EncryptionScope object
EncryptionScopeObject
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
EncryptionScopeObjectKeyVault
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-KeyUri
The key Uri
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
AccountNameKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountObjectKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
EncryptionScopeObjectKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-KeyvaultEncryption
Create encryption scope with keySource as Microsoft.Keyvault
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
AccountNameKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountObjectKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
EncryptionScopeObjectKeyVault
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceGroupName
Resource Group Name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
AccountName
Position: 0 Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountNameKeyVault
Position: 0 Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-State
Update encryption scope State, Possible values include: 'Enabled', 'Disabled'.
Parameter properties
Type: String
Default value: None Accepted values: Enabled, Disabled Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-StorageAccount
Storage account object
Parameter properties
Type: PSStorageAccount
Default value: None Supports wildcards: False DontShow: False
Parameter sets
AccountObject
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
AccountObjectKeyVault
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-StorageAccountName
Storage Account Name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: AccountName
Parameter sets
AccountName
Position: 1 Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountNameKeyVault
Position: 1 Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-StorageEncryption
Create encryption scope with keySource as Microsoft.Storage.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
AccountName
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
AccountObject
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
EncryptionScopeObject
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
