Set-AzureRmKeyVaultKeyAttribute
Set-AzureRmKeyVaultKeyAttribute
Updates the attributes of a key in a vault.
Syntax
Parameter Set: Default
Set-AzureRmKeyVaultKeyAttribute [-VaultName] <String> [-Name] <String> [[-Version] <String> ] [-Enable <Boolean> ] [-Expires <DateTime> ] [-KeyOps <String[]> ] [-NotBefore <DateTime> ] [-PassThru] [-Tags <Hashtable> ] [ <CommonParameters>]
Detailed Description
The Set-AzureKeyVaultKeyAttribute cmdlet updates the editable attributes of a key in an Azure Key Vault instance.
Parameters
-Enable<Boolean>
Specifies whether to enable or disable a key. A value of $True enables the key. A value of $False disables the key. If you do not specify this parameter, this cmdlet does not modify the status of the key.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Expires<DateTime>
Specifies the expiration time, as a DateTime object, for the key that this cmdlet updates. This parameter uses Coordinated Universal Time (UTC). To obtain a DateTime object, use the Get-Date cmdlet. For more information, type Get-Help Get-Date.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-KeyOps<String[]>
Specifies an array of operations that can be performed by using the key that this cmdlet adds. If you do not specify this parameter, all operations can be performed.
The acceptable values for this parameter are a comma-separated list of key operations as defined by the JSON Web Key specification. These values (case-sensitive) are:
-- encrypt
-- decrypt
-- wrap
-- unwrap
-- sign
-- verify
-- backup
-- restore
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-Name<String>
Specifies the name of the key to update. This cmdlet constructs the fully qualified domain name (FQDN) of a key based on the name that this parameter specifies, the name of the vault, and your current environment.
Aliases |
KeyName |
Required? |
true |
Position? |
2 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-NotBefore<DateTime>
Specifies the time, as a DateTime object, before which the key cannot be used. This parameter uses UTC. To obtain a DateTime object, use the Get-Date cmdlet.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Tags<Hashtable>
Specifies a hash table that represents tags for a secret. If you do not specify this parameter, there is no change to the current secret's tags. To remove a tag, specify an empty hash table. For more information about resource tags, see Using tags to organize your Azure resources (https://go.microsoft.com/fwlink/?LinkId=613624).
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-VaultName<String>
Specifies the name of the vault in which this cmdlet modifies the key. This cmdlet constructs the FQDN of a vault based on the name that this parameter specifies and your current environment.
Aliases |
none |
Required? |
true |
Position? |
1 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-Version<String>
Specifies the key version. This cmdlet constructs the FQDN of a key based on the vault name, your currently selected environment, the key name, and the key version.
Aliases |
KeyVersion |
Required? |
false |
Position? |
3 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
- String, Boolean, DateTime
Outputs
The output type is the type of the objects that the cmdlet emits.
- Microsoft.Azure.Commands.KeyVault.Models.KeyBundle
Examples
Example 1: Modify a key to enable it, and set the expiration date and tags
The first command creates a DateTime object by using the Get-Date cmdlet. That object specifies a time two years in the future. The command stores that date in the $Expires variable. For more information, type Get-Help Get-Date.
The second command creates a variable to store tag values of high severity and Accounting.
The final command modifies a key named ITSoftware. The command enables the key, sets its expiration time to the time stored in $Expires, and sets the tags that are stored in $Tags.
PS C:\> $Expires = (Get-Date).AddYears(2).ToUniversalTime()
PS C:\> $Tags = @{'Severity' = 'high'; 'Accounting' = null}
PS C:\> Set-AzureKeyVaultKeyAttribute -VaultName 'Contoso' -Name 'ITSoftware' -Expires $Expires -Enable $True -Tags $Tags -PassThru
Example 2: Modify a key to delete all tags
This commands deletes all tags for a specific version of a key named ITSoftware.
PS C:\> Set-AzureKeyVaultKeyAttribute -VaultName 'Contoso' -Name 'ITSoftware' –Version '7EEA45C6EE50490B9C3176F80AC1A0DG' –Tags @{}