public final class KeyAsyncClient extends Object
keys
in the Azure Key Vault. The client
supports creating, retrieving, updating, deleting, purging, backing up, restoring and listing the keys
.
The client also supports listing deleted keys
for a soft-delete enabled Azure Key Vault.
Samples to construct the async client
KeyAsyncClient keyAsyncClient = new KeyClientBuilder() .vaultUrl("https://myvault.azure.net/") .credential(new DefaultAzureCredentialBuilder().build()) .buildAsyncClient();
KeyClientBuilder
,
PagedFlux
Modifier and Type | Method and Description |
---|---|
Mono<byte[]> |
backupKey(String name)
Requests a backup of the specified key be downloaded to the client.
|
Mono<com.azure.core.http.rest.Response<byte[]>> |
backupKeyWithResponse(String name)
Requests a backup of the specified key be downloaded to the client.
|
com.azure.core.util.polling.PollerFlux<DeletedKey,Void> |
beginDeleteKey(String name)
Deletes a key of any type from the key vault.
|
com.azure.core.util.polling.PollerFlux<KeyVaultKey,Void> |
beginRecoverDeletedKey(String name)
Recovers the deleted key in the key vault to its latest version and can only be performed on a soft-delete
enabled vault.
|
Mono<KeyVaultKey> |
createEcKey(CreateEcKeyOptions createEcKeyOptions)
Creates a new Ec key and stores it in the key vault.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
createEcKeyWithResponse(CreateEcKeyOptions createEcKeyOptions)
Creates a new Ec key and stores it in the key vault.
|
Mono<KeyVaultKey> |
createKey(CreateKeyOptions createKeyOptions)
Creates a new key and stores it in the key vault.
|
Mono<KeyVaultKey> |
createKey(String name,
KeyType keyType)
Creates a new key and stores it in the key vault.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
createKeyWithResponse(CreateKeyOptions createKeyOptions)
Creates a new key and stores it in the key vault.
|
Mono<KeyVaultKey> |
createRsaKey(CreateRsaKeyOptions createRsaKeyOptions)
Creates a new Rsa key and stores it in the key vault.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
createRsaKeyWithResponse(CreateRsaKeyOptions createRsaKeyOptions)
Creates a new Rsa key and stores it in the key vault.
|
Mono<DeletedKey> |
getDeletedKey(String name)
Gets the public part of a deleted key.
|
Mono<com.azure.core.http.rest.Response<DeletedKey>> |
getDeletedKeyWithResponse(String name)
Gets the public part of a deleted key.
|
Mono<KeyVaultKey> |
getKey(String name)
Get the public part of the latest version of the specified key from the key vault.
|
Mono<KeyVaultKey> |
getKey(String name,
String version)
Gets the public part of the specified key and key version.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
getKeyWithResponse(String name,
String version)
Gets the public part of the specified key and key version.
|
String |
getVaultUrl()
Get the vault endpoint url to which service requests are sent to.
|
Mono<KeyVaultKey> |
importKey(ImportKeyOptions importKeyOptions)
Imports an externally created key and stores it in key vault.
|
Mono<KeyVaultKey> |
importKey(String name,
JsonWebKey keyMaterial)
Imports an externally created key and stores it in key vault.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
importKeyWithResponse(ImportKeyOptions importKeyOptions)
Imports an externally created key and stores it in key vault.
|
com.azure.core.http.rest.PagedFlux<DeletedKey> |
listDeletedKeys()
Lists
deleted keys of the key vault. |
com.azure.core.http.rest.PagedFlux<KeyProperties> |
listPropertiesOfKeys()
List keys in the key vault.
|
com.azure.core.http.rest.PagedFlux<KeyProperties> |
listPropertiesOfKeyVersions(String name)
List all versions of the specified key.
|
Mono<Void> |
purgeDeletedKey(String name)
Permanently deletes the specified key without the possibility of recovery.
|
Mono<com.azure.core.http.rest.Response<Void>> |
purgeDeletedKeyWithResponse(String name)
Permanently deletes the specified key without the possibility of recovery.
|
Mono<KeyVaultKey> |
restoreKeyBackup(byte[] backup)
Restores a backed up key to a vault.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
restoreKeyBackupWithResponse(byte[] backup)
Restores a backed up key to a vault.
|
Mono<KeyVaultKey> |
updateKeyProperties(KeyProperties keyProperties,
KeyOperation... keyOperations)
Updates the attributes and key operations associated with the specified key, but not the cryptographic key
material of the specified key in the key vault.
|
Mono<com.azure.core.http.rest.Response<KeyVaultKey>> |
updateKeyPropertiesWithResponse(KeyProperties keyProperties,
KeyOperation... keyOperations)
Updates the attributes and key operations associated with the specified key, but not the cryptographic key
material of the specified key in the key vault.
|
public String getVaultUrl()
public Mono<KeyVaultKey> createKey(String name, KeyType keyType)
keys/create
permission.
The keyType
indicates the type of key to create. Possible values include: EC
, EC-HSM
, RSA
, RSA-HSM
and
OCT
.
Code Samples
Creates a new EC key. Subscribes to the call asynchronously and prints out the newly created key details when a response has been received.
keyAsyncClient.createKey("keyName", KeyType.EC) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
name
- The name of the key being created.keyType
- The type of key to create. For valid values, see KeyType
.Mono
containing the created key
.com.azure.core.exception.ResourceModifiedException
- if name
or keyType
is null.com.azure.core.exception.HttpResponseException
- if name
is empty string.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> createKeyWithResponse(CreateKeyOptions createKeyOptions)
keys/create
permission.
The keyType
indicates the type of key to create. Possible values include: EC
, EC-HSM
, RSA
, RSA-HSM
and
OCT
.
Code Samples
Creates a new EC key. Subscribes to the call asynchronously and prints out the newly created key details when a response has been received.
CreateKeyOptions createKeyOptions = new CreateKeyOptions("keyName", KeyType.RSA) .setNotBefore(OffsetDateTime.now().plusDays(1)) .setExpiresOn(OffsetDateTime.now().plusYears(1)); keyAsyncClient.createKeyWithResponse(createKeyOptions) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getValue().getName(), keyResponse.getValue().getId()));
createKeyOptions
- The key configuration object containing information about the key being created.Mono
containing a Response
whose value
contains the created key
.com.azure.core.exception.ResourceModifiedException
- if name
or keyType
is null.com.azure.core.exception.HttpResponseException
- if name
is empty string.public Mono<KeyVaultKey> createKey(CreateKeyOptions createKeyOptions)
keys/create
permission.
The CreateKeyOptions
is required. The expires
and notBefore
values are optional. The enabled
field is set to true by Azure Key Vault, if not specified.
The keyType
indicates the type of key to create. Possible values include:
EC
, EC-HSM
, RSA
, RSA-HSM
and OCT
.
Code Samples
Creates a new Rsa key which activates in one day and expires in one year. Subscribes to the call asynchronously and prints out the newly created key details when a response has been received.
CreateKeyOptions createKeyOptions = new CreateKeyOptions("keyName", KeyType.RSA) .setNotBefore(OffsetDateTime.now().plusDays(1)) .setExpiresOn(OffsetDateTime.now().plusYears(1)); keyAsyncClient.createKey(createKeyOptions) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
createKeyOptions
- The key configuration object containing information about the key being created.Mono
containing the created key
.NullPointerException
- if keyCreateOptions
is null
.com.azure.core.exception.ResourceModifiedException
- if keyCreateOptions
is malformed.public Mono<KeyVaultKey> createRsaKey(CreateRsaKeyOptions createRsaKeyOptions)
keys/create
permission.
The CreateRsaKeyOptions
is required. The keySize
can be
optionally specified. The expires
and
notBefore
values are optional. The
enabled
field is set to true by Azure Key Vault, if not specified.
The keyType
indicates the type of key to create. Possible values
include: RSA
and RSA-HSM
.
Code Samples
Creates a new RSA key with size 2048 which activates in one day and expires in one year. Subscribes to the call asynchronously and prints out the newly created key details when a response has been received.
CreateRsaKeyOptions createRsaKeyOptions = new CreateRsaKeyOptions("keyName") .setKeySize(2048) .setNotBefore(OffsetDateTime.now().plusDays(1)) .setExpiresOn(OffsetDateTime.now().plusYears(1)); keyAsyncClient.createRsaKey(createRsaKeyOptions) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
createRsaKeyOptions
- The key configuration object containing information about the rsa key being
created.Mono
containing the created key
.NullPointerException
- if rsaKeyCreateOptions
is null
.com.azure.core.exception.ResourceModifiedException
- if rsaKeyCreateOptions
is malformed.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> createRsaKeyWithResponse(CreateRsaKeyOptions createRsaKeyOptions)
keys/create
permission.
The CreateRsaKeyOptions
is required. The keySize
can be
optionally specified. The expires
and
notBefore
values are optional. The enabled
field is set to true by Azure Key Vault, if not specified.
The keyType
indicates the type of key to create. Possible values
include: RSA
and RSA-HSM
.
CreateRsaKeyOptions createRsaKeyOptions = new CreateRsaKeyOptions("keyName") .setKeySize(2048) .setNotBefore(OffsetDateTime.now().plusDays(1)) .setExpiresOn(OffsetDateTime.now().plusYears(1)); keyAsyncClient.createRsaKeyWithResponse(createRsaKeyOptions) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getValue().getName(), keyResponse.getValue().getId()));
createRsaKeyOptions
- The key configuration object containing information about the rsa key being
created.Mono
containing a Response
whose value
contains the created key
.NullPointerException
- if rsaKeyCreateOptions
is null
.com.azure.core.exception.ResourceModifiedException
- if rsaKeyCreateOptions
is malformed.public Mono<KeyVaultKey> createEcKey(CreateEcKeyOptions createEcKeyOptions)
keys/create
permission.
The CreateEcKeyOptions
parameter is required. The key curve
can be
optionally specified. If not specified, default value of P-256
is used by Azure Key
Vault. The expires
and notBefore
values are optional. The enabled
field is set to true by Azure Key Vault,
if not specified.
The keyType
indicates the type of key to create. Possible values include:
EC
and EC-HSM
.
Code Samples
Creates a new EC key with P-384 web key curve. The key activates in one day and expires in one year. Subscribes to the call asynchronously and prints out the newly created ec key details when a response has been received.
CreateEcKeyOptions createEcKeyOptions = new CreateEcKeyOptions("keyName") .setCurveName(KeyCurveName.P_384) .setNotBefore(OffsetDateTime.now().plusDays(1)) .setExpiresOn(OffsetDateTime.now().plusYears(1)); keyAsyncClient.createEcKey(createEcKeyOptions) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
createEcKeyOptions
- The key options object containing information about the ec key being created.Mono
containing the created key
.NullPointerException
- if ecKeyCreateOptions
is null
.com.azure.core.exception.ResourceModifiedException
- if ecKeyCreateOptions
is malformed.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> createEcKeyWithResponse(CreateEcKeyOptions createEcKeyOptions)
keys/create
permission.
The CreateEcKeyOptions
parameter is required. The key curve
can be
optionally specified. If not specified, default value of P-256
is used by Azure Key
Vault. The expires
and notBefore
values are optional. The enabled
field is set to true by Azure Key Vault, if
not specified.
The keyType
indicates the type of key to create. Possible values include:
EC
and EC-HSM
.
Code Samples
Creates a new EC key with P-384 web key curve. The key activates in one day and expires in one year. Subscribes to the call asynchronously and prints out the newly created ec key details when a response has been received.
CreateEcKeyOptions createEcKeyOptions = new CreateEcKeyOptions("keyName") .setCurveName(KeyCurveName.P_384) .setNotBefore(OffsetDateTime.now().plusDays(1)) .setExpiresOn(OffsetDateTime.now().plusYears(1)); keyAsyncClient.createEcKeyWithResponse(createEcKeyOptions) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getValue().getName(), keyResponse.getValue().getId()));
createEcKeyOptions
- The key options object containing information about the ec key being created.Mono
containing a Response
whose value
contains the created key
.NullPointerException
- if ecKeyCreateOptions
is null
.com.azure.core.exception.ResourceModifiedException
- if ecKeyCreateOptions
is malformed.public Mono<KeyVaultKey> importKey(String name, JsonWebKey keyMaterial)
keys/import
permission.
Code Samples
Imports a new key into key vault. Subscribes to the call asynchronously and prints out the newly imported key details when a response has been received.
keyAsyncClient.importKey("keyName", jsonWebKeyToImport).subscribe(keyResponse -> System.out.printf("Key is imported with name %s and id %s \n", keyResponse.getName(), keyResponse.getId()));
name
- The name for the imported key.keyMaterial
- The Json web key being imported.Mono
containing a Response
whose value
contains the imported key
.com.azure.core.exception.HttpResponseException
- if name
is empty string.public Mono<KeyVaultKey> importKey(ImportKeyOptions importKeyOptions)
keys/import
permission.
The keyImportOptions
is required and its fields name
and key material
cannot be null. The expires
and
notBefore
values in keyImportOptions
are optional. If not specified,
no values are set for the fields. The enabled
field is set to true and the
hsm
field is set to false by Azure Key Vault, if they are not specified.
Code Samples
Imports a new key into key vault. Subscribes to the call asynchronously and prints out the newly imported key details when a response has been received.
ImportKeyOptions options = new ImportKeyOptions("keyName", jsonWebKeyToImport) .setHardwareProtected(false); keyAsyncClient.importKey(options).subscribe(keyResponse -> System.out.printf("Key is imported with name %s and id %s \n", keyResponse.getName(), keyResponse.getId()));
importKeyOptions
- The key import configuration object containing information about the json web key
being imported.Mono
containing the imported key
.NullPointerException
- if keyImportOptions
is null
.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> importKeyWithResponse(ImportKeyOptions importKeyOptions)
keys/import
permission.
The keyImportOptions
is required and its fields name
and key material
cannot be null. The expires
and
notBefore
values in keyImportOptions
are optional. If not specified,
no values are set for the fields. The enabled
field is set to true and the hsm
field is set to false by Azure Key Vault, if they
are not specified.
Code Samples
Imports a new key into key vault. Subscribes to the call asynchronously and prints out the newly imported key details when a response has been received.
ImportKeyOptions importKeyOptions = new ImportKeyOptions("keyName", jsonWebKeyToImport) .setHardwareProtected(false); keyAsyncClient.importKeyWithResponse(importKeyOptions).subscribe(keyResponse -> System.out.printf("Key is imported with name %s and id %s \n", keyResponse.getValue().getName(), keyResponse.getValue().getId()));
importKeyOptions
- The key import configuration object containing information about the json web key
being imported.Mono
containing a Response
whose value
contains the imported key
.NullPointerException
- if keyImportOptions
is null
.public Mono<KeyVaultKey> getKey(String name, String version)
keys/get
permission.
Code Samples
Gets a specific version of the key in the key vault. Subscribes to the call asynchronously and prints out the returned key details when a response has been received.
String keyVersion = "6A385B124DEF4096AF1361A85B16C204"; keyAsyncClient.getKey("keyName", keyVersion) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
name
- The name of the key, cannot be nullversion
- The version of the key to retrieve. If this is an empty String or null, this call is
equivalent to calling KeyAsyncClient.getKey(String)
, with the latest version being retrieved.Mono
containing the requested key
.
The content of the key is null if both name
and version
are null or empty.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault or
an empty/null name
and a non null/empty version
is provided.com.azure.core.exception.HttpResponseException
- if a valid name
and a non null/empty version
is specified.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> getKeyWithResponse(String name, String version)
keys/get
permission.
Code Samples
Gets a specific version of the key in the key vault. Subscribes to the call asynchronously and prints out the returned key details when a response has been received.
String keyVersion = "6A385B124DEF4096AF1361A85B16C204"; keyAsyncClient.getKeyWithResponse("keyName", keyVersion) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getValue().getName(), keyResponse.getValue().getId()));
name
- The name of the key, cannot be nullversion
- The version of the key to retrieve. If this is an empty String or null, this call is
equivalent to calling KeyAsyncClient.getKey(String)
, with the latest version being retrieved.Mono
containing a Response
whose value
contains the requested
key
. The content of the key is null if both name
and version
are null or empty.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault or
an empty/null name
and a non null/empty version
is provided.com.azure.core.exception.HttpResponseException
- if a valid name
and a non null/empty version
is specified.public Mono<KeyVaultKey> getKey(String name)
keys/get
permission.
Code Samples
Gets latest version of the key in the key vault. Subscribes to the call asynchronously and prints out the returned key details when a response has been received.
keyAsyncClient.getKey("keyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Key is created with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
name
- The name of the key.Mono
containing the requested key
. The content of the key is null
if name
is null or empty.com.azure.core.exception.ResourceNotFoundException
- when a key with non null/empty name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- if a non null/empty and an invalid name
is specified.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> updateKeyPropertiesWithResponse(KeyProperties keyProperties, KeyOperation... keyOperations)
keys/set
permission.
Code Samples
Gets latest version of the key, changes its notBefore time and then updates it in the Azure Key Vault. Subscribes to the call asynchronously and prints out the returned key details when a response has been received.
keyAsyncClient.getKey("keyName") .subscribe(keyResponse -> { //Update the not before time of the key. keyResponse.getProperties().setNotBefore(OffsetDateTime.now().plusDays(50)); keyAsyncClient.updateKeyPropertiesWithResponse(keyResponse.getProperties(), KeyOperation.ENCRYPT, KeyOperation.DECRYPT) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(updatedKeyResponse -> System.out.printf("Key's updated not before time %s %n", updatedKeyResponse.getValue().getProperties().getNotBefore().toString())); });
keyProperties
- The key properties
object with updated properties.keyOperations
- The updated key operations to associate with the key.Mono
containing a Response
whose value
contains the updated key
.NullPointerException
- if key
is null
.com.azure.core.exception.ResourceNotFoundException
- when a key with name
and version
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- if name
or version
is empty
string.public Mono<KeyVaultKey> updateKeyProperties(KeyProperties keyProperties, KeyOperation... keyOperations)
keys/set
permission.
Code Samples
Gets latest version of the key, changes its notBefore time and then updates it in the Azure Key Vault. Subscribes to the call asynchronously and prints out the returned key details when a response has been received.
keyAsyncClient.getKey("keyName") .subscribe(keyResponse -> { //Update the not before time of the key. keyResponse.getProperties().setNotBefore(OffsetDateTime.now().plusDays(50)); keyAsyncClient.updateKeyProperties(keyResponse.getProperties(), KeyOperation.ENCRYPT, KeyOperation.DECRYPT) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(updatedKeyResponse -> System.out.printf("Key's updated not before time %s %n", updatedKeyResponse.getProperties().getNotBefore().toString())); });
keyProperties
- The key properties
object with updated properties.keyOperations
- The updated key operations to associate with the key.Mono
containing the updated key
.NullPointerException
- if key
is null
.com.azure.core.exception.ResourceNotFoundException
- when a key with name
and version
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- if name
or version
is empty
string.public com.azure.core.util.polling.PollerFlux<DeletedKey,Void> beginDeleteKey(String name)
keys/delete
permission.
Code Samples
Deletes the key in the Azure Key Vault. Subscribes to the call asynchronously and prints out the deleted key details when a response has been received.
keyAsyncClient.beginDeleteKey("keyName") .subscribe(pollResponse -> { System.out.println("Delete Status: " + pollResponse.getStatus().toString()); System.out.println("Delete Key Name: " + pollResponse.getValue().getName()); System.out.println("Key Delete Date: " + pollResponse.getValue().getDeletedOn().toString()); });
name
- The name of the key to be deleted.PollerFlux
to poll on the deleted key
status.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<DeletedKey> getDeletedKey(String name)
keys/get
permission.
Code Samples
Gets the deleted key from the key vault enabled for soft-delete. Subscribes to the call asynchronously and prints out the deleted key details when a response has been received.
//Assuming key is deleted on a soft-delete enabled vault.keyAsyncClient.getDeletedKey("keyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Deleted Key's Recovery Id %s", keyResponse.getRecoveryId()));
name
- The name of the deleted key.Mono
containing the deleted key
.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<com.azure.core.http.rest.Response<DeletedKey>> getDeletedKeyWithResponse(String name)
keys/get
permission.
Code Samples
Gets the deleted key from the key vault enabled for soft-delete. Subscribes to the call asynchronously and prints out the deleted key details when a response has been received.
//Assuming key is deleted on a soft-delete enabled vault.keyAsyncClient.getDeletedKeyWithResponse("keyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(deletedKeyResponse -> System.out.printf("Deleted Key's Recovery Id %s", deletedKeyResponse.getValue().getRecoveryId()));
name
- The name of the deleted key.Mono
containing a Response
whose value
contains the deleted key
.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<Void> purgeDeletedKey(String name)
keys/purge
permission.
Code Samples
Purges the deleted key from the key vault enabled for soft-delete. Subscribes to the call asynchronously and prints out the status code from the server response when a response has been received.
//Assuming key is deleted on a soft-delete enabled vault.keyAsyncClient.purgeDeletedKey("deletedKeyName") .subscribe(purgeResponse -> System.out.println("Successfully Purged deleted Key"));
name
- The name of the deleted key.Mono
.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<com.azure.core.http.rest.Response<Void>> purgeDeletedKeyWithResponse(String name)
keys/purge
permission.
Code Samples
Purges the deleted key from the key vault enabled for soft-delete. Subscribes to the call asynchronously and prints out the status code from the server response when a response has been received.
//Assuming key is deleted on a soft-delete enabled vault.keyAsyncClient.purgeDeletedKeyWithResponse("deletedKeyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(purgeResponse -> System.out.printf("Purge Status response %d %n", purgeResponse.getStatusCode()));
name
- The name of the deleted key.Mono
containing a Response containing status code and HTTP headers.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public com.azure.core.util.polling.PollerFlux<KeyVaultKey,Void> beginRecoverDeletedKey(String name)
keys/recover
permission.
Code Samples
Recovers the deleted key from the key vault enabled for soft-delete. Subscribes to the call asynchronously and prints out the recovered key details when a response has been received.
//Assuming key is deleted on a soft-delete enabled vault.keyAsyncClient.beginRecoverDeletedKey("deletedKeyName") .subscribe(pollResponse -> { System.out.println("Recovery Status: " + pollResponse.getStatus().toString()); System.out.println("Recover Key Name: " + pollResponse.getValue().getName()); System.out.println("Recover Key Type: " + pollResponse.getValue().getKeyType()); });
name
- The name of the deleted key to be recovered.PollerFlux
to poll on the recovered key
status.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<byte[]> backupKey(String name)
key/backup
permission.
Code Samples
Backs up the key from the key vault. Subscribes to the call asynchronously and prints out the length of the key's backup byte array returned in the response.
keyAsyncClient.backupKey("keyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyBackupResponse -> System.out.printf("Key's Backup Byte array's length %s %n", keyBackupResponse.length));
name
- The name of the key.Mono
containing the backed up key blob.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<com.azure.core.http.rest.Response<byte[]>> backupKeyWithResponse(String name)
key/backup
permission.
Code Samples
Backs up the key from the key vault. Subscribes to the call asynchronously and prints out the length of the key's backup byte array returned in the response.
keyAsyncClient.backupKeyWithResponse("keyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyBackupResponse -> System.out.printf("Key's Backup Byte array's length %s %n", keyBackupResponse.getValue().length));
name
- The name of the key.Mono
containing a Response
whose value
contains the backed up
key blob.com.azure.core.exception.ResourceNotFoundException
- when a key with name
doesn't exist in the key vault.com.azure.core.exception.HttpResponseException
- when a key with name
is empty string.public Mono<KeyVaultKey> restoreKeyBackup(byte[] backup)
keys/restore
permission.
Code Samples
Restores the key in the key vault from its backup. Subscribes to the call asynchronously and prints out the restored key details when a response has been received.
//Pass the Key Backup Byte array to the restore operation.byte[] keyBackupByteArray = {}; keyAsyncClient.restoreKeyBackup(keyBackupByteArray) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Restored Key with name %s and id %s %n", keyResponse.getName(), keyResponse.getId()));
backup
- The backup blob associated with the key.Mono
containing the restored key
.com.azure.core.exception.ResourceModifiedException
- when backup
blob is malformed.public Mono<com.azure.core.http.rest.Response<KeyVaultKey>> restoreKeyBackupWithResponse(byte[] backup)
keys/restore
permission.
Code Samples
Restores the key in the key vault from its backup. Subscribes to the call asynchronously and prints out the restored key details when a response has been received.
//Pass the Key Backup Byte array to the restore operation.byte[] keyBackupByteArray = {}; keyAsyncClient.restoreKeyBackupWithResponse(keyBackupByteArray) .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyResponse -> System.out.printf("Restored Key with name %s and id %s %n", keyResponse.getValue().getName(), keyResponse.getValue().getId()));
backup
- The backup blob associated with the key.Mono
containing a Response
whose value
contains the restored key
.com.azure.core.exception.ResourceModifiedException
- when backup
blob is malformed.public com.azure.core.http.rest.PagedFlux<KeyProperties> listPropertiesOfKeys()
KeyProperties
as only the key identifier, attributes and tags are
provided in the response. The key material and individual key versions are not listed in the response. This
operation requires the keys/list
permission.
It is possible to get full keys with key material from this information. Convert the Flux
containing
key properties
to Flux
containing key
using
KeyAsyncClient.getKey(String, String)
within Flux.flatMap(Function)
.
keyAsyncClient.listPropertiesOfKeys() .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyProperties -> keyAsyncClient.getKey(keyProperties.getName(), keyProperties.getVersion()) .subscribe(keyResponse -> System.out.printf("Received key with name %s and type %s", keyResponse.getName(), keyResponse.getKeyType())));
PagedFlux
containing key
of all the keys in the vault.public com.azure.core.http.rest.PagedFlux<DeletedKey> listDeletedKeys()
deleted keys
of the key vault. The deleted keys are retrieved as JSON Web Key structures
that contain the public part of a deleted key. The Get Deleted Keys operation is applicable for vaults enabled
for soft-delete. This operation requires the keys/list
permission.
Code Samples
Lists the deleted keys in the key vault. Subscribes to the call asynchronously and prints out the recovery id of each deleted key when a response has been received.
keyAsyncClient.listDeletedKeys() .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(deletedKey -> System.out.printf("Deleted key's recovery Id %s", deletedKey.getRecoveryId()));
PagedFlux
containing all of the deleted keys
in the vault.public com.azure.core.http.rest.PagedFlux<KeyProperties> listPropertiesOfKeyVersions(String name)
KeyProperties
as only the key identifier, attributes and tags are provided in the response. The key material values are
not provided in the response. This operation requires the keys/list
permission.
It is possible to get the keys with key material of all the versions from this information. Convert the Flux
containing key properties
to Flux
containing key
using
KeyAsyncClient.getKey(String, String)
within Flux.flatMap(Function)
.
keyAsyncClient.listPropertiesOfKeyVersions("keyName") .subscriberContext(Context.of(key1, value1, key2, value2)) .subscribe(keyProperties -> keyAsyncClient.getKey(keyProperties.getName(), keyProperties.getVersion()) .subscribe(keyResponse -> System.out.printf("Received key's version with name %s, type %s and version %s", keyResponse.getName(), keyResponse.getKeyType(), keyResponse.getProperties().getVersion())));
name
- The name of the key.PagedFlux
containing key
of all the versions of the specified key in the vault.
Flux is empty if key with name
does not exist in key vault.com.azure.core.exception.ResourceNotFoundException
- when a given key name
is null or an empty string.Copyright © 2020 Microsoft Corporation. All rights reserved.