Creates an instance of the KeyVaultBackupClient.
Example usage:
import { KeyVaultBackupClient } from "@azure/keyvault-admin";
import { DefaultAzureCredential } from "@azure/identity";
let vaultUrl = `https://<MY KEY VAULT HERE>.vault.azure.net`;
let credentials = new DefaultAzureCredential();
let client = new KeyVaultBackupClient(vaultUrl, credentials);
the URL of the Key Vault. It should have this shape: https://${your-key-vault-name}.vault.azure.net
An object that implements the TokenCredential
interface used to authenticate requests to the service. Use the @azure/identity package to create a credential that suits your needs.
options used to configure Key Vault API requests.
The base URL to the vault
Starts generating a backup of an Azure Key Vault on the specified Storage Blob account.
This function returns a Long Running Operation poller that allows you to wait indefinitely until the Key Vault backup is generated.
Example usage:
const client = new KeyVaultBackupClient(url, credentials);
const blobStorageUri = "<blob-storage-uri>"; // <Blob storage URL>/<folder name>
const sasToken = "<sas-token>";
const poller = await client.beginBackup(blobStorageUri, sasToken);
// Serializing the poller
//
// const serialized = poller.toString();
//
// A new poller can be created with:
//
// await client.beginBackup(blobStorageUri, sasToken, { resumeFrom: serialized });
//
// Waiting until it's done
const backupUri = await poller.pollUntilDone();
console.log(backupUri);
Starts a full backup operation.
The URL of the blob storage resource, including the path to the container where the backup will end up being stored.
The SAS token.
The optional parameters.
Starts restoring all key materials using the SAS token pointing to a previously stored Azure Blob storage backup folder.
This function returns a Long Running Operation poller that allows you to wait indefinitely until the Key Vault restore operation is complete.
Example usage:
const client = new KeyVaultBackupClient(url, credentials);
const blobStorageUri = "<blob-storage-uri>"; // <Blob storage URL>/<folder name>
const sasToken = "<sas-token>";
const poller = await client.beginRestore(blobStorageUri, sasToken);
// The poller can be serialized with:
//
// const serialized = poller.toString();
//
// A new poller can be created with:
//
// await client.beginRestore(blobStorageUri, sasToken, { resumeFrom: serialized });
//
// Waiting until it's done
const backupUri = await poller.pollUntilDone();
console.log(backupUri);
Starts a full restore operation.
The URL of the blob storage resource where the previous successful full backup was stored.
The SAS token.
The optional parameters.
Starts restoring all key versions of a given key using user supplied SAS token pointing to a previously stored Azure Blob storage backup folder.
This function returns a Long Running Operation poller that allows you to wait indefinitely until the Key Vault selective restore is complete.
Example usage:
const client = new KeyVaultBackupClient(url, credentials);
const blobStorageUri = "<blob-storage-uri>";
const sasToken = "<sas-token>";
const keyName = "<key-name>";
const poller = await client.beginSelectiveKeyRestore(keyName, blobStorageUri, sasToken);
// Serializing the poller
//
// const serialized = poller.toString();
//
// A new poller can be created with:
//
// await client.beginSelectiveKeyRestore(keyName, blobStorageUri, sasToken, { resumeFrom: serialized });
//
// Waiting until it's done
await poller.pollUntilDone();
Creates a new role assignment.
The name of the key that wants to be restored.
The URL of the blob storage resource, with the folder name of the blob where the previous successful full backup was stored.
The SAS token.
The optional parameters.
Generated using TypeDoc
The KeyVaultBackupClient provides methods to generate backups and restore backups of any given Azure Key Vault instance. This client supports generating full backups, selective restores of specific keys and full restores of Key Vault instances.