New-AzStorageEncryptionScope
Creates an encryption scope for a Storage account.
Syntax
New-AzStorageEncryptionScope
[-ResourceGroupName] <String>
[-StorageAccountName] <String>
-EncryptionScopeName <String>
[-StorageEncryption]
[-RequireInfrastructureEncryption]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzStorageEncryptionScope
[-ResourceGroupName] <String>
[-StorageAccountName] <String>
-EncryptionScopeName <String>
[-KeyvaultEncryption]
-KeyUri <String>
[-RequireInfrastructureEncryption]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzStorageEncryptionScope
-StorageAccount <PSStorageAccount>
-EncryptionScopeName <String>
[-StorageEncryption]
[-RequireInfrastructureEncryption]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzStorageEncryptionScope
-StorageAccount <PSStorageAccount>
-EncryptionScopeName <String>
[-KeyvaultEncryption]
-KeyUri <String>
[-RequireInfrastructureEncryption]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The New-AzStorageEncryptionScope cmdlet creates an encryption scope for a Storage account.
Examples
Example 1: Create an encryption scope with Storage Encryption
New-AzStorageEncryptionScope -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -EncryptionScopeName testscope -StorageEncryption
ResourceGroupName: myresourcegroup, StorageAccountName: mystorageaccount
Name State Source KeyVaultKeyUri RequireInfrastructureEncryption
---- ----- ------ -------------- -------------------------------
testscope Enabled Microsoft.StorageThis command creates an encryption scope with Storage Encryption.
Example 2: Create an encryption scope with Keyvault Encryption, and RequireInfrastructureEncryption
New-AzStorageEncryptionScope -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" `
-EncryptionScopeName testscope -KeyvaultEncryption -KeyUri "https://keyvalutname.vault.azure.net:443/keys/keyname/34a0ba563b4243d9a0ef2b1d3c0c7d57" `
-RequireInfrastructureEncryption
ResourceGroupName: myresourcegroup, StorageAccountName: mystorageaccount
Name State Source KeyVaultKeyUri RequireInfrastructureEncryption
---- ----- ------ -------------- -------------------------------
testscope Enabled Microsoft.Keyvault https://keyvalutname.vault.azure.net:443/keys/keyname/34a0ba563b4243d9a0ef2b1d3c0c7d57 TrueThis command creates an encryption scope with Keyvault Encryption and RequireInfrastructureEncryption. The Storage account Identity need have get,wrapkey,unwrapkey permissions to the keyvault key.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EncryptionScopeName
Azure Storage EncryptionScope name
| Type: | String |
| Aliases: | Name |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-KeyUri
The key Uri
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-KeyvaultEncryption
Create encryption scope with keySource as Microsoft.Keyvault
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RequireInfrastructureEncryption
The encryption scope will apply a secondary layer of encryption with platform managed keys for data at rest.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
Resource Group Name.
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-StorageAccount
Storage account object
| Type: | PSStorageAccount |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-StorageAccountName
Storage Account Name.
| Type: | String |
| Aliases: | AccountName |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-StorageEncryption
Create encryption scope with keySource as Microsoft.Storage.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Outputs
Współpracuj z nami w serwisie GitHub
Źródło tej zawartości można znaleźć w witrynie GitHub, gdzie można również tworzyć i przeglądać problemy i żądania ściągnięcia. Więcej informacji znajdziesz w naszym przewodniku dla współtwórców.
