Invoke-AzKeyVaultKeyRotation

Module:

Az.KeyVault

Creates a new key version in Key Vault, stores it, then returns the new key.

Note

This is the previous version of our documentation. Please consult the most recent version for up-to-date information.

Syntax

Invoke-AzKeyVaultKeyRotation
      [-VaultName] <String>
      [-Name] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Invoke-AzKeyVaultKeyRotation
      [-InputObject] <PSKeyVaultKeyIdentityItem>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The cmdlet will rotate the key based on the key policy. It requires the keys/rotate permission. It will returns a new version of the rotate key.

Examples

Example 1

Invoke-AzKeyVaultKeyRotation -VaultName test-kv -Name test-key

Vault/HSM Name : test-kv
Name           : test-key
Key Type       : RSA
Key Size       : 2048
Curve Name     :
Version        : xxxxxxxxxxxxxx4939xxxxxxxxxxxxxxxx
Id             : https://test-kv.vault.azure.net:443/keys/test-key/xxxxxxxxxxxxxx4939xxxxxxxxxxxxxxxx
Enabled        : True
Expires        :
Not Before     :
Created        : 12/10/2021 2:57:58 AM
Updated        : 12/10/2021 2:57:58 AM
Recovery Level : Recoverable+Purgeable
Tags           :

This cmdlet creates a new key version for test-key.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:	IAzureContextContainer
Aliases:	AzContext, AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-InputObject

Key object

Type:	PSKeyVaultKeyIdentityItem
Aliases:	Key
Position:	0
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Name

Key name.

Type:	String
Aliases:	KeyName
Position:	1
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-VaultName

Vault name.

Type:	String
Position:	0
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

PSKeyVaultKeyIdentityItem

Outputs

PSKeyVaultKey

Related Links

• Get-AzKeyVaultKeyRotationPolicy.md
• Set-AzKeyVaultKeyRotationPolicy.md