< Back
Remove-AzureKeyVaultKey
Post
NAME Remove-AzureKeyVaultKey
SYNOPSIS
Deletes a key in a key vault.
SYNTAX
Remove-AzureKeyVaultKey [-InputObject] <PSKeyVaultKeyIdentityItem> [-DefaultProfile <IAzureContextContainer>] [-Force] [-InRemovedState]
[-PassThru] [-Confirm] [-WhatIf] [<CommonParameters>]
Remove-AzureKeyVaultKey [-VaultName] <String> [-Name] <String> [-DefaultProfile <IAzureContextContainer>] [-Force] [-InRemovedState] [-PassThru]
[-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Remove-AzureKeyVaultKey cmdlet deletes a key in a key vault. If the key was accidentally deleted the key can be recovered using
Undo-AzureKeyVaultKeyRemoval by a user with special 'recover' permissions. This cmdlet has a value of high for the ConfirmImpact property.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Force [<SwitchParameter>]
Forces the command to run without asking for user confirmation.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-InputObject <PSKeyVaultKeyIdentityItem>
KeyBundle Object
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-InRemovedState [<SwitchParameter>]
Remove the previously deleted key permanently.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-Name <String>
Specifies the name of the key to remove. This cmdlet constructs the fully qualified domain name (FQDN) of a key based on the name that this
parameter specifies, the name of the key vault, and your current environment.
Required? true
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-PassThru [<SwitchParameter>]
Indicates that this cmdlet returns a Microsoft.Azure.Commands.KeyVault.Models.KeyBundle object. By default, this cmdlet does not generate any
output.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-VaultName <String>
Specifies the name of the key vault from which to remove the key. This cmdlet constructs the FQDN of a key vault based on the name that this
parameter specifies and your current environment.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
String
OUTPUTS
Microsoft.Azure.Commands.KeyVault.Models.PSDeletedKeyVaultKey
This cmdlet returns a value only if you specify the PassThru parameter.
NOTES
Example 1: Remove a key from a key vault
PS C:\\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware'
This command removes the key named ITSoftware from the key vault named Contoso.
Example 2: Remove a key without user confirmation
PS C:\\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -Force -Confirm:$False
This command removes the key named ITSoftware from the key vault named Contoso. The command specifies the Force and Confirm parameters, and,
therefore, the cmdlet does not prompt you for confirmation.
Example 3: Purge a deleted key from the key vault permanently
PS C:\\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -InRemovedState
This command removes the key named ITSoftware from the key vault named Contoso permanently. Executing this cmdlet requires the 'purge' permission,
which must have been previously and explicitly granted to the user for this key vault.
Example 4: Remove keys by using the pipeline operator
PS C:\\>Get-AzureKeyVaultKey -VaultName 'Contoso' | Where-Object {$_.Attributes.Enabled -eq $False} | Remove-AzureKeyVaultKey
This command gets all the keys in the key vault named Contoso, and passes them to the Where-Object cmdlet by using the pipeline operator. That
cmdlet passes the keys that have a value of $False for the Enabled attribute to the current cmdlet. That cmdlet removes those keys.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... eyvaultkey
Add-AzureKeyVaultKey
Get-AzureKeyVaultKey
Set-AzureKeyVaultKeyAttribute
Undo-AzureKeyVaultKeyRemoval
SYNOPSIS
Deletes a key in a key vault.
SYNTAX
Remove-AzureKeyVaultKey [-InputObject] <PSKeyVaultKeyIdentityItem> [-DefaultProfile <IAzureContextContainer>] [-Force] [-InRemovedState]
[-PassThru] [-Confirm] [-WhatIf] [<CommonParameters>]
Remove-AzureKeyVaultKey [-VaultName] <String> [-Name] <String> [-DefaultProfile <IAzureContextContainer>] [-Force] [-InRemovedState] [-PassThru]
[-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Remove-AzureKeyVaultKey cmdlet deletes a key in a key vault. If the key was accidentally deleted the key can be recovered using
Undo-AzureKeyVaultKeyRemoval by a user with special 'recover' permissions. This cmdlet has a value of high for the ConfirmImpact property.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Force [<SwitchParameter>]
Forces the command to run without asking for user confirmation.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-InputObject <PSKeyVaultKeyIdentityItem>
KeyBundle Object
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-InRemovedState [<SwitchParameter>]
Remove the previously deleted key permanently.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-Name <String>
Specifies the name of the key to remove. This cmdlet constructs the fully qualified domain name (FQDN) of a key based on the name that this
parameter specifies, the name of the key vault, and your current environment.
Required? true
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-PassThru [<SwitchParameter>]
Indicates that this cmdlet returns a Microsoft.Azure.Commands.KeyVault.Models.KeyBundle object. By default, this cmdlet does not generate any
output.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-VaultName <String>
Specifies the name of the key vault from which to remove the key. This cmdlet constructs the FQDN of a key vault based on the name that this
parameter specifies and your current environment.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
String
OUTPUTS
Microsoft.Azure.Commands.KeyVault.Models.PSDeletedKeyVaultKey
This cmdlet returns a value only if you specify the PassThru parameter.
NOTES
Example 1: Remove a key from a key vault
PS C:\\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware'
This command removes the key named ITSoftware from the key vault named Contoso.
Example 2: Remove a key without user confirmation
PS C:\\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -Force -Confirm:$False
This command removes the key named ITSoftware from the key vault named Contoso. The command specifies the Force and Confirm parameters, and,
therefore, the cmdlet does not prompt you for confirmation.
Example 3: Purge a deleted key from the key vault permanently
PS C:\\>Remove-AzureKeyVaultKey -VaultName 'Contoso' -Name 'ITSoftware' -InRemovedState
This command removes the key named ITSoftware from the key vault named Contoso permanently. Executing this cmdlet requires the 'purge' permission,
which must have been previously and explicitly granted to the user for this key vault.
Example 4: Remove keys by using the pipeline operator
PS C:\\>Get-AzureKeyVaultKey -VaultName 'Contoso' | Where-Object {$_.Attributes.Enabled -eq $False} | Remove-AzureKeyVaultKey
This command gets all the keys in the key vault named Contoso, and passes them to the Where-Object cmdlet by using the pipeline operator. That
cmdlet passes the keys that have a value of $False for the Enabled attribute to the current cmdlet. That cmdlet removes those keys.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... eyvaultkey
Add-AzureKeyVaultKey
Get-AzureKeyVaultKey
Set-AzureKeyVaultKeyAttribute
Undo-AzureKeyVaultKeyRemoval