Revoke-HgsKeyProtectorAccess
Revokes access for a guardian to a key protector.
Syntax
Revoke-HgsKeyProtectorAccess
-KeyProtector <CimInstance>
-Guardian <CimInstance>
[<CommonParameters>]
Revoke-HgsKeyProtectorAccess
-KeyProtector <CimInstance>
-GuardianFriendlyName <String>
[<CommonParameters>]
Description
The Revoke-HgsKeyProtectorAccess cmdlet revokes access for a Host Guardian Service guardian to a key protector. This operation requires access to private signing key of the owner.
Examples
Example 1: Revoke access for a guardian
PS C:\> $Owner = Get-HgsGuardian -Name "Guardian11"
PS C:\> $GuardianA = Get-HgsGuardian -Name "GuardianA"
PS C:\> $GuardianB = Get-HgsGuardian -Name "GuardianB"
PS C:\> New-HgsKeyProtector -Owner $Owner -Guardians @($GuardianA, $GuardianB)
PS C:\> $Guardian04 = Get-HgsGuardian -Name "GuardianA"
PS C:\> Revoke-HgsKeyProtectorAccess -KeyProtector $KeyProtector -Guardian $Guardian04
The first command gets the guardian object named Guardian11 by using the Get-HgsGuardian cmdlet, and then stores that object in the $Owner variable.
The second and third commands get two guardians named GuardianA and GuardianB. These commands store the guardians in the $GuardianA and $GuardianB variables.
The fifth command gets the guardian object named GuardianA, and then stores that object in the $Guardian04 variable.
The final command revokes access for the guardian stored in $Guardian04 for the key protector.
Parameters
-Guardian
Specifies a guardian from which to revoke access to the key.
Type: | CimInstance |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-GuardianFriendlyName
Specifies a friendly name for a guardian.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KeyProtector
Specifies the key protector for which to revoke access.
Type: | CimInstance |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Outputs
CimInstance
The Microsoft.Management.Infrastructure.CimInstance
object is a wrapper class that displays Windows Management Instrumentation (WMI) objects.
The path after the pound sign (#
) provides the namespace and class name for the underlying WMI object.