Backup-AzureRmKeyVaultKey
Backup-AzureRmKeyVaultKey
Backs up a key in a vault.
Syntax
Parameter Set: Default
Backup-AzureRmKeyVaultKey [-VaultName] <String> [-Name] <String> [[-OutputFile] <String> ] [ <CommonParameters>]
Detailed Description
The Backup-AzureRMKeyVaultKey cmdlet backs up a specified key in a vault by downloading it and storing it in a file. If there are multiple versions of the key, all versions are included in the backup. Because the downloaded content is encrypted, it cannot be used outside of Azure Key Vault. You can restore a backed-up key to any key vault in the subscription that it was backed up from.
Typical reasons to use this cmdlet are:
-- You want to escrow a copy of your key, so that you have an offline copy in case you accidentally delete your key in your key vault.
-- You created a key using Azure Key Vault and now want to clone the key into a different Azure region, so that you can use it from all instances of your distributed application. Use the Backup-AzureRMKeyVaultKey cmdlet to retrieve the key in encrypted format and then use the Restore-AzureRmKeyVaultKey cmdlet and specify a key vault in the second region.
Parameters
-Name<String>
Specifies the name of the key to back up.
Aliases |
KeyName |
Required? |
true |
Position? |
2 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-OutputFile<String>
Specifies the output file in which the backup blob is stored. If you do not specify this parameter, this cmdlet generates a file name for you. If you specify the name of an existing output file, the operation will not complete and returns an error message that the backup file already exists.
Aliases |
none |
Required? |
false |
Position? |
3 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-VaultName<String>
Specifies the name of the key vault that contains the key to back up.
Aliases |
none |
Required? |
true |
Position? |
1 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
Outputs
The output type is the type of the objects that the cmdlet emits.
Examples
Example 1: Back up a key with an automatically generated file name
This command retrieves the key named MyKey from the vault named MyKeyVault and saves a backup of that key to a file that is automatically named for you, and displays the file name.
PS C:\> Backup-AzureRMKeyVaultKey -VaultName 'MyKeyVault' -Name 'MyKey'
Example 2: Back up a key to a specified file name
This command retrieves the key named MyKey from the vault named MyKeyVault and saves a backup of that key to a file named Backup.blob.
PS C:\> Backup-AzureRMKeyVaultKey -VaultName 'MyKeyVault' -Name 'MyKey' -OutputFile 'C:\Backup.blob'