Modifier

Partager via


Update-AzKeyVaultManagedHsm

Update the state of an Azure managed HSM.

Syntax

Update-AzKeyVaultManagedHsm
      -Name <String>
      -ResourceGroupName <String>
      [-EnablePurgeProtection]
      [-PublicNetworkAccess <String>]
      [-UserAssignedIdentity <String[]>]
      [-Tag <Hashtable>]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [-SubscriptionId <String>]
      [<CommonParameters>]
Update-AzKeyVaultManagedHsm
      -InputObject <PSManagedHsm>
      [-EnablePurgeProtection]
      [-PublicNetworkAccess <String>]
      [-UserAssignedIdentity <String[]>]
      [-Tag <Hashtable>]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [-SubscriptionId <String>]
      [<CommonParameters>]
Update-AzKeyVaultManagedHsm
      -ResourceId <String>
      [-EnablePurgeProtection]
      [-PublicNetworkAccess <String>]
      [-UserAssignedIdentity <String[]>]
      [-Tag <Hashtable>]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [-SubscriptionId <String>]
      [<CommonParameters>]

Description

This cmdlet updates the state of an Azure managed HSM.

Examples

Example 1: Update a managed Hsm directly

Update-AzKeyVaultManagedHsm -Name $hsmName -ResourceGroupName $resourceGroupName -Tag @{testKey="testValue"} | Format-List

Managed HSM Name                    : testmhsm
Resource Group Name                 : testmhsm
Location                            : eastus2euap
Resource ID                         : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/testmhsm/provid
                                      ers/Microsoft.KeyVault/managedHSMs/testmhsm
HSM Pool URI                        :
Tenant ID                           : xxxxxx-xxxx-xxxx-xxxxxxxxxxxx
Initial Admin Object Ids            : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
SKU                                 : StandardB1
Soft Delete Enabled?                : True
Enabled Purge Protection?           : False
Soft Delete Retention Period (days) : 90
Provisioning State                  : Provisioning
Status Message                      : Resource creation in progress. Starting service...
Tags                                :
                                      Name        Value
                                      ====        =====
                                      testKey     testValued

Updates tags for the managed Hsm named $hsmName in resource group $resourceGroupName.

Example 2: Update a managed Hsm using piping

Get-AzKeyVaultManagedHsm -Name $hsmName -ResourceGroupName $resourceGroupName | Update-AzKeyVaultManagedHsm -Tag @{testKey="testValue"}

Updates tags for the managed Hsm using piping syntax.

Example 3: Enable purge protection for a managed Hsm

Update-AzKeyVaultManagedHsm -Name $hsmName -ResourceGroupName $resourceGroupName -EnablePurgeProtection | Format-List

Managed HSM Name                    : testmhsm
Resource Group Name                 : test-rg
Location                            : eastus
Resource ID                         : /subscriptions/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1/resourceGroups/test-rg/provide
                                      rs/Microsoft.KeyVault/managedHSMs/testmhsm
HSM Pool URI                        :
Tenant ID                           : aaaabbbb-0000-cccc-1111-dddd2222eeee
Initial Admin Object Ids            : {xxxxxx9e-5be9-4f43-abd2-xxxxxxxxxxxx}
SKU                                 : StandardB1
Soft Delete Enabled?                : True
Enabled Purge Protection?           : True
Soft Delete Retention Period (days) : 70
Provisioning State                  : Succeeded
Status Message                      : The Managed HSM is provisioned and ready to use.
Tags                                :

Enables purge protection for the managed Hsm named $hsmName in resource group $resourceGroupName.

Example 4: Update user assigned identity for a managed Hsm

Update-AzKeyVaultManagedHsm -Name testmhsm -ResourceGroupName test-rg -UserAssignedIdentity /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/bez-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bez-id02 | Format-List

Managed HSM Name                        : testmshm
Resource Group Name                     : test-rg
Location                                : eastus2euap
Resource ID                             : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/test-rg/pro
                                          viders/Microsoft.KeyVault/managedHSMs/testmhsm
HSM Pool URI                            :
Tenant ID                               : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Initial Admin Object Ids                : {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
SKU                                     : StandardB1
Soft Delete Enabled?                    : True
Enabled Purge Protection?               : False
Soft Delete Retention Period (days)     : 70
Public Network Access                   : Enabled
IdentityType                            : UserAssigned
UserAssignedIdentities                  : /subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName
Provisioning State                      : Succeeded
Status Message                          : The Managed HSM is provisioned and ready to use.
Security Domain ActivationStatus        : Active
Security Domain ActivationStatusMessage : Your HSM has been activated and can be used for cryptographic operations.
Regions                                 : 
Tags

This command adds an user assigned identity for the managed Hsm named testmshm in resource group test-rg.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnablePurgeProtection

specifying whether protection against purge is enabled for this managed HSM pool. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Managed HSM object.

Type:PSManagedHsm
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

Name of the managed HSM.

Type:String
Aliases:HsmName
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-PublicNetworkAccess

Controls permission for data plane traffic coming from public networks while private endpoint is enabled.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

Name of the resource group.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceId

Resource ID of the managed HSM.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-SubscriptionId

The ID of the subscription. By default, cmdlets are executed in the subscription that is set in the current context. If the user specifies another subscription, the current cmdlet is executed in the subscription specified by the user. Overriding subscriptions only take effect during the lifecycle of the current cmdlet. It does not change the subscription in the context, and does not affect subsequent cmdlets.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Tag

A hash table which represents resource tags.

Type:Hashtable
Aliases:Tags
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-UserAssignedIdentity

The set of user assigned identities associated with the managed HSM. Its value will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PSManagedHsm

String

Hashtable

Outputs

PSManagedHsm