Restore-AzKeyVaultKey

Module:

Az.KeyVault

Creates a key in a key vault from a backed-up key.

Note

This is the previous version of our documentation. Please consult the most recent version for up-to-date information.

Syntax

Restore-AzKeyVaultKey
       [-VaultName] <String>
       [-InputFile] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Restore-AzKeyVaultKey
       -HsmName <String>
       [-InputFile] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Restore-AzKeyVaultKey
       [-InputObject] <PSKeyVault>
       [-InputFile] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Restore-AzKeyVaultKey
       [-HsmObject] <PSManagedHsm>
       [-InputFile] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Restore-AzKeyVaultKey
       [-ResourceId] <String>
       [-InputFile] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Restore-AzKeyVaultKey
       -HsmResourceId <String>
       [-InputFile] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Description

The Restore-AzKeyVaultKey cmdlet creates a key in the specified key vault. This key is a replica of the backed-up key in the input file and has the same name as the original key. If the key vault already has a key by the same name, this cmdlet fails instead of overwriting the original key. If the backup contains multiple versions of a key, all versions are restored. The key vault that you restore the key into can be different from the key vault that you backed up the key from. However, the key vault must use the same subscription and be in an Azure region in the same geography (for example, North America). See the Microsoft Azure Trust Center (https://azure.microsoft.com/support/trust-center/) for the mapping of Azure regions to geographies.

Examples

Example 1: Restore a backed-up key

Restore-AzKeyVaultKey -VaultName 'MyKeyVault' -InputFile "C:\Backup.blob"

Vault Name     : MyKeyVault
Name           : key1
Version        : 394f9379a47a4e2086585468de6c7ae5
Id             : https://mykeyvault.vault.azure.net:443/keys/key1/394f9379a47a4e2086585468de6c7ae5
Enabled        : True
Expires        :
Not Before     :
Created        : 4/6/2018 11:31:36 PM
Updated        : 4/6/2018 11:35:04 PM
Purge Disabled : False
Tags           :

This command restores a key, including all of its versions, from the backup file named Backup.blob into the key vault named MyKeyVault.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Type:	IAzureContextContainer
Aliases:	AzContext, AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-HsmName

HSM name. Cmdlet constructs the FQDN of a managed HSM based on the name and currently selected environment.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-HsmObject

HSM object

Type:	PSManagedHsm
Position:	0
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-HsmResourceId

Hsm Resource Id

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-InputFile

Specifies the input file that contains the backup of the key to restore.

Type:	String
Position:	1
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-InputObject

KeyVault object

Type:	PSKeyVault
Position:	0
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-ResourceId

KeyVault Resource Id

Type:	String
Position:	0
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-VaultName

Specifies the name of the key vault into which to restore the key.

Type:	String
Position:	0
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

PSKeyVault

String

Outputs

PSKeyVaultKey

Related Links

• Add-AzKeyVaultKey
• Backup-AzKeyVaultKey
• Get-AzKeyVaultKey
• Remove-AzKeyVaultKey