Share via

az keyvault restore

Manage full HSM restore.

Commands

Name Description Type Status
az keyvault restore start

Restore a full backup of a HSM.

 Core GA

az keyvault restore start

Edit

Restore a full backup of a HSM.

az keyvault restore start --backup-folder
                          [--blob-container-name]
                          [--hsm-name]
                          [--id]
                          [--key --key-name]
                          [--storage-account-name]
                          [--storage-container-SAS-token]
                          [--storage-resource-uri]
                          [--use-managed-identity {false, true}]

Required Parameters

--backup-folder

Name of the blob container which contains the backup.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--blob-container-name

Name of Blob Container.

Property Value
Parameter group: Storage Id Arguments
--hsm-name

Name of the HSM. Can be omitted if --id is specified.

Property Value
Parameter group: HSM Id Arguments
--id

Full URI of the HSM.

Property Value
Parameter group: HSM Id Arguments
--key --key-name

Name of a single key in the backup. When set, only this key will be restored.

--storage-account-name

Name of Azure Storage Account.

Property Value
Parameter group: Storage Id Arguments
--storage-container-SAS-token -t

The SAS token pointing to an Azure Blob storage container.

--storage-resource-uri

Azure Blob storage container Uri. If specified all other 'Storage Id' arguments should be omitted.

Property Value
Parameter group: Storage Id Arguments
--use-managed-identity

If True, Managed HSM will use the configured user-assigned managed identity to authenticate with Azure Storage. Otherwise, a sas_token has to be specified.

Property Value
Accepted values: false, true
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False