Export-AzKeyVaultSecurityDomain

Exports the security domain data of a managed HSM.

Syntax

Export-AzKeyVaultSecurityDomain
      -Name <String>
      -Certificates <String[]>
      -OutputPath <String>
      [-Force]
      [-PassThru]
      -Quorum <Int32>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [-SubscriptionId <String>]
      [<CommonParameters>]
Export-AzKeyVaultSecurityDomain
      -InputObject <PSKeyVaultIdentityItem>
      -Certificates <String[]>
      -OutputPath <String>
      [-Force]
      [-PassThru]
      -Quorum <Int32>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [-SubscriptionId <String>]
      [<CommonParameters>]

Description

Exports the security domain data of a managed HSM for importing on another HSM.

Examples

Example 1

Export-AzKeyVaultSecurityDomain -Name testmhsm -Certificates sd1.cer, sd2.cer, sd3.cer -OutputPath sd.ps.json -Quorum 2

This command retrieves the managed HSM named testmhsm and saves a backup of that managed HSM security domain to the specified output file.

Parameters

-Certificates

Paths to the certificates that are used to encrypt the security domain data.

Type:String[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Specify whether to overwrite existing file.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Object representing a managed HSM.

Type:PSKeyVaultIdentityItem
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

Name of the managed HSM.

Type:String
Aliases:HsmName
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-OutputPath

Specify the path where security domain data will be downloaded to.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-PassThru

When specified, a boolean will be returned when cmdlet succeeds.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Quorum

The minimum number of shares required to decrypt the security domain for recovery.

Type:Int32
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-SubscriptionId

The ID of the subscription. By default, cmdlets are executed in the subscription that is set in the current context. If the user specifies another subscription, the current cmdlet is executed in the subscription specified by the user. Overriding subscriptions only take effect during the lifecycle of the current cmdlet. It does not change the subscription in the context, and does not affect subsequent cmdlets.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PSKeyVaultIdentityItem

Outputs

Boolean