Options
All
  • Public
  • Public/Protected
  • All
Menu

Class KeyVaultBackupClient

Package version

The KeyVaultBackupClient provides methods to generate backups and restore backups of any given Azure Key Vault instance. This client supports generating full backups, selective restores of specific keys and full restores of Key Vault instances.

Hierarchy

  • KeyVaultBackupClient

Index

Constructors

Properties

Methods

Constructors

constructor

  • Creates an instance of the KeyVaultBackupClient.

    Example usage:

    import { KeyVaultBackupClient } from "@azure/keyvault-admin";
import { DefaultAzureCredential } from "@azure/identity";

let vaultUrl = `https://<MY KEY VAULT HERE>.vault.azure.net`;
let credentials = new DefaultAzureCredential();

let client = new KeyVaultBackupClient(vaultUrl, credentials);

    Parameters

    • vaultUrl: string

      the URL of the Key Vault. It should have this shape: https://${your-key-vault-name}.vault.azure.net

    • credential: TokenCredential

      An object that implements the TokenCredential interface used to authenticate requests to the service. Use the @azure/identity package to create a credential that suits your needs.

    • Default value pipelineOptions: BackupClientOptions = {}

      Pipeline options used to configure Key Vault API requests. Omit this parameter to use the default pipeline configuration.

    Returns KeyVaultBackupClient

Properties

vaultUrl

vaultUrl: string

The base URL to the vault

Methods

beginBackup

  • Starts generating a backup of an Azure Key Vault on the specified Storage Blob account.

    This function returns a Long Running Operation poller that allows you to wait indefinitely until the Key Vault backup is generated.

    Example usage:

    const client = new KeyVaultBackupClient(url, credentials);

const blobStorageUri = "<blob-storage-uri>"; // <Blob storage URL>/<folder name>
const sasToken = "<sas-token>";
const poller = await client.beginBackup(blobStorageUri, sasToken);

// Serializing the poller
//
//   const serialized = poller.toString();
//
// A new poller can be created with:
//
//   await client.beginBackup(blobStorageUri, sasToken, { resumeFrom: serialized });
//

// Waiting until it's done
const backupUri = await poller.pollUntilDone();
console.log(backupUri);

    Starts a full backup operation.

    Parameters

    • blobStorageUri: string

      The URL of the blob storage resource, including the path to the container where the backup will end up being stored.

    • sasToken: string

      The SAS token.

    • Default value options: BeginBackupOptions = {}

      The optional parameters.

    Returns Promise<PollerLike<BackupOperationState, BackupResult>>

beginRestore

  • Starts restoring all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder.

    This function returns a Long Running Operation poller that allows you to wait indefinitely until the Key Vault restore operation is complete.

    Example usage:

    const client = new KeyVaultBackupClient(url, credentials);

const blobStorageUri = "<blob-storage-uri>"; // <Blob storage URL>/<folder name>
const sasToken = "<sas-token>";
const folderName = "<folder-name>";
const poller = await client.beginRestore(blobStorageUri, sasToken, folderName);

// The poller can be serialized with:
//
//   const serialized = poller.toString();
//
// A new poller can be created with:
//
//   await client.beginRestore(blobStorageUri, sasToken, folderName, { resumeFrom: serialized });
//

// Waiting until it's done
const backupUri = await poller.pollUntilDone();
console.log(backupUri);

    Starts a full restore operation.

    Parameters

    • blobStorageUri: string

      The URL of the blob storage resource where the previous successful full backup was stored.

    • sasToken: string

      The SAS token.

    • folderName: string

      The folder name of the blob where the previous successful full backup was stored. The URL segment after the container name.

    • Default value options: BeginRestoreOptions = {}

      The optional parameters.

    Returns Promise<PollerLike<RestoreOperationState, RestoreResult>>

beginSelectiveRestore

  • Starts restoring all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder.

    This function returns a Long Running Operation poller that allows you to wait indefinitely until the Key Vault selective restore is complete.

    Example usage:

    const client = new KeyVaultBackupClient(url, credentials);

const blobStorageUri = "<blob-storage-uri>";
const sasToken = "<sas-token>";
const folderName = "<folder-name>";
const keyName = "<key-name>";
const poller = await client.beginSelectiveRestore(blobStorageUri, sasToken, folderName, keyName);

// Serializing the poller
//
//   const serialized = poller.toString();
//
// A new poller can be created with:
//
//   await client.beginSelectiveRestore(blobStorageUri, sasToken, folderName, keyName, { resumeFrom: serialized });
//

// Waiting until it's done
await poller.pollUntilDone();

    Creates a new role assignment.

    Parameters

    • blobStorageUri: string

      The URL of the blob storage resource, with the folder name of the blob where the previous successful full backup was stored.

    • sasToken: string

      The SAS token.

    • folderName: string

      The Folder name of the blob where the previous successful full backup was stored. The URL segment after the container name.

    • keyName: string

      The name of the key that wants to be restored.

    • Default value options: BeginBackupOptions = {}

      The optional parameters.

    Returns Promise<PollerLike<SelectiveRestoreOperationState, RestoreResult>>

Generated using TypeDoc