Feedback Edit

KeyVaultBackupClient Class

  • Reference

Performs Key Vault backup and restore operations.

Inheritance
azure.keyvault.administration._internal.async_client_base.AsyncKeyVaultClientBase
KeyVaultBackupClient

Constructor

KeyVaultBackupClient(vault_url: str, credential: AsyncTokenCredential, **kwargs: Any)

Parameters

vault_url
str
Required

URL of the vault on which the client will operate. This is also called the vault's "DNS Name".

credential
Required

an object which can provide an access token for the vault, such as a credential from aio

Methods

begin_backup

Begin a full backup of the Key Vault.
begin_restore

Restore a Key Vault backup.

This method restores either a complete Key Vault backup or when key_name has a value, a single key.

begin_backup

Begin a full backup of the Key Vault.

async begin_backup(blob_storage_url: str, sas_token: str, **kwargs: Any) -> AsyncLROPoller[KeyVaultBackupResult]

Parameters

blob_storage_url
str
Required

URL of the blob storage container in which the backup will be stored, for example https://.blob.core.windows.net/backup

sas_token
str
Required

a Shared Access Signature (SAS) token authorizing access to the blob storage resource

continuation_token
str

a continuation token to restart polling from a saved state

Returns

An AsyncLROPoller. Call result() on this object to get a <xref:azure.keyvault.administration.aio.KeyVaultBackupResult>.

Return type

AsyncLROPoller[KeyVaultBackupResult]

Examples

Create a vault backup


   # begin a vault backup
   backup_poller = await backup_client.begin_backup(container_uri, sas_token)

   # check if the backup completed
   done = backup_poller.done()

   # yield until the backup completes
   # result() returns an object with a URL of the backup
   backup_operation = await backup_poller.result()

begin_restore

Restore a Key Vault backup.

This method restores either a complete Key Vault backup or when key_name has a value, a single key.

async begin_restore(folder_url: str, sas_token: str, **kwargs: Any) -> AsyncLROPoller

Parameters

folder_url
str
Required

URL for the blob storage resource, including the path to the blob holding the backup. This would be the folder_url of a <xref:azure.keyvault.administration.aio.KeyVaultBackupResult> returned by begin_backup, for example https://.blob.core.windows.net/backup/mhsm-account-2020090117323313

sas_token
str
Required

a Shared Access Signature (SAS) token authorizing access to the blob storage resource

continuation_token
str

a continuation token to restart polling from a saved state

key_name
str

name of a single key in the backup. When set, only this key will be restored.

Return type

AsyncLROPoller

Examples

Restore a vault backup


   # begin a full vault restore
   restore_poller = await backup_client.begin_restore(folder_url, sas_token)

   # check if the restore completed
   done = restore_poller.done()

   # wait for the restore to complete
   await restore_poller.wait()

Restore a single key


   # begin a restore of a single key from a backed up vault
   restore_poller = await backup_client.begin_restore(folder_url, sas_token, key_name=key_name)

   # check if the restore completed
   done = restore_poller.done()

   # wait for the restore to complete
   await restore_poller.wait()