< Back
New-AzureRmKeyVault
Post
NAME New-AzureRmKeyVault
SYNOPSIS
Creates a key vault.
SYNTAX
New-AzureRmKeyVault [-Name] <String> [-ResourceGroupName] <String> [-Location] <String> [-DefaultProfile <IAzureContextContainer>]
[-EnabledForDeployment] [-EnabledForDiskEncryption] [-EnabledForTemplateDeployment] [-EnableSoftDelete] [-Sku {Standard | Premium}] [-Tag
<Hashtable>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The New-AzureRmKeyVault cmdlet creates a key vault in the specified resource group. This cmdlet also grants permissions to the currently logged on
user to add, remove, or list keys and secrets in the key vault.
Note: If you see the error **The subscription is not registered to use namespace 'Microsoft.KeyVault'** when you try to create your new key vault,
run Register-AzureRmResourceProvider -ProviderNamespace "Microsoft.KeyVault" and then rerun your New-AzureRmKeyVault command. For more
information, see Register-AzureRmResourceProvider.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-EnabledForDeployment [<SwitchParameter>]
Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this key vault is referenced in resource
creation, for example when creating a virtual machine.
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EnabledForDiskEncryption [<SwitchParameter>]
Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault.
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EnabledForTemplateDeployment [<SwitchParameter>]
Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment.
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EnableSoftDelete [<SwitchParameter>]
Specifies that the soft-delete functionality is enabled for this key vault. When soft-delete is enabled, for a grace period, you can recover
this key vault and its contents after it is deleted.
For more information about this functionality, see Azure Key Vault soft-delete overview
(https://docs.microsoft.com/azure/key-va ... oft-delete). For how-to instructions, see [How to use Key Vault soft-delete with
PowerShell](https://docs.microsoft.com/azure/key-va ... powershell).
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Location <String>
Specifies the Azure region in which to create the key vault. Use the command Get-AzureLocation
(https://docs.microsoft.com/powershell/m ... reLocation)to see your choices.
Required? true
Position? 2
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Name <String>
Specifies a name of the key vault to create. The name can be any combination of letters, digits, or hyphens. The name must start and end with
a letter or digit. The name must be universally unique.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ResourceGroupName <String>
Specifies the name of an existing resource group in which to create the key vault.
Required? true
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Sku <SkuName>
Specifies the SKU of the key vault instance. For information about which features are available for each SKU, see the Azure Key Vault Pricing
website (https://go.microsoft.com/fwlink/?linkid=512521).
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Tag <Hashtable>
Key-value pairs in the form of a hash table. For example:
@{key0="value0";key1=$null;key2="value2"}
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Commands.KeyVault.Models.PSKeyVault
NOTES
Example 1: Create a Standard key vault
PS C:\\>New-AzureRmKeyVault -VaultName 'Contoso03Vault' -ResourceGroupName 'Group14' -Location 'East US'
This command creates a key vault named Contoso03Vault, in the Azure region East US. The command adds the key vault to the resource group named
Group14. Because the command does not specify a value for the SKU parameter, it creates a Standard key vault.
Example 2: Create a Premium key vault
PS C:\\>New-AzureRmKeyVault -VaultName 'Contoso03Vault' -ResourceGroupName 'Group14' -Location 'East US' -Sku 'Premium'
This command creates a key vault, just like the previous example. However, it specifies a value of Premium for the SKU parameter to create a
Premium key vault.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... rmkeyvault
Get-AzureRmKeyVault
Remove-AzureRmKeyVault
SYNOPSIS
Creates a key vault.
SYNTAX
New-AzureRmKeyVault [-Name] <String> [-ResourceGroupName] <String> [-Location] <String> [-DefaultProfile <IAzureContextContainer>]
[-EnabledForDeployment] [-EnabledForDiskEncryption] [-EnabledForTemplateDeployment] [-EnableSoftDelete] [-Sku {Standard | Premium}] [-Tag
<Hashtable>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The New-AzureRmKeyVault cmdlet creates a key vault in the specified resource group. This cmdlet also grants permissions to the currently logged on
user to add, remove, or list keys and secrets in the key vault.
Note: If you see the error **The subscription is not registered to use namespace 'Microsoft.KeyVault'** when you try to create your new key vault,
run Register-AzureRmResourceProvider -ProviderNamespace "Microsoft.KeyVault" and then rerun your New-AzureRmKeyVault command. For more
information, see Register-AzureRmResourceProvider.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-EnabledForDeployment [<SwitchParameter>]
Enables the Microsoft.Compute resource provider to retrieve secrets from this key vault when this key vault is referenced in resource
creation, for example when creating a virtual machine.
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EnabledForDiskEncryption [<SwitchParameter>]
Enables the Azure disk encryption service to get secrets and unwrap keys from this key vault.
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EnabledForTemplateDeployment [<SwitchParameter>]
Enables Azure Resource Manager to get secrets from this key vault when this key vault is referenced in a template deployment.
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EnableSoftDelete [<SwitchParameter>]
Specifies that the soft-delete functionality is enabled for this key vault. When soft-delete is enabled, for a grace period, you can recover
this key vault and its contents after it is deleted.
For more information about this functionality, see Azure Key Vault soft-delete overview
(https://docs.microsoft.com/azure/key-va ... oft-delete). For how-to instructions, see [How to use Key Vault soft-delete with
PowerShell](https://docs.microsoft.com/azure/key-va ... powershell).
Required? false
Position? named
Default value False
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Location <String>
Specifies the Azure region in which to create the key vault. Use the command Get-AzureLocation
(https://docs.microsoft.com/powershell/m ... reLocation)to see your choices.
Required? true
Position? 2
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Name <String>
Specifies a name of the key vault to create. The name can be any combination of letters, digits, or hyphens. The name must start and end with
a letter or digit. The name must be universally unique.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ResourceGroupName <String>
Specifies the name of an existing resource group in which to create the key vault.
Required? true
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Sku <SkuName>
Specifies the SKU of the key vault instance. For information about which features are available for each SKU, see the Azure Key Vault Pricing
website (https://go.microsoft.com/fwlink/?linkid=512521).
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Tag <Hashtable>
Key-value pairs in the form of a hash table. For example:
@{key0="value0";key1=$null;key2="value2"}
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Commands.KeyVault.Models.PSKeyVault
NOTES
Example 1: Create a Standard key vault
PS C:\\>New-AzureRmKeyVault -VaultName 'Contoso03Vault' -ResourceGroupName 'Group14' -Location 'East US'
This command creates a key vault named Contoso03Vault, in the Azure region East US. The command adds the key vault to the resource group named
Group14. Because the command does not specify a value for the SKU parameter, it creates a Standard key vault.
Example 2: Create a Premium key vault
PS C:\\>New-AzureRmKeyVault -VaultName 'Contoso03Vault' -ResourceGroupName 'Group14' -Location 'East US' -Sku 'Premium'
This command creates a key vault, just like the previous example. However, it specifies a value of Premium for the SKU parameter to create a
Premium key vault.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... rmkeyvault
Get-AzureRmKeyVault
Remove-AzureRmKeyVault