Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
az keyvault key rotation-policy
Manage key's rotation policy.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az keyvault key rotation-policy show |
Get the rotation policy of a Key Vault key. |
Core | GA |
| az keyvault key rotation-policy update |
Update the rotation policy of a Key Vault key. |
Core | GA |
az keyvault key rotation-policy show
Get the rotation policy of a Key Vault key.
az keyvault key rotation-policy show [--hsm-name]
[--id]
[--name]
[--vault-name]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Name of the HSM. (--hsm-name and --vault-name are mutually exclusive, please specify just one of them).
| Property | Value |
|---|---|
| Parameter group: | Id Arguments |
Id of the key. If specified all other 'Id' arguments should be omitted.
| Property | Value |
|---|---|
| Parameter group: | Id Arguments |
Name of the key. Required if --id is not specified.
Name of the Vault.
| Property | Value |
|---|---|
| Parameter group: | Id Arguments |
az keyvault key rotation-policy update
Update the rotation policy of a Key Vault key.
az keyvault key rotation-policy update --value
[--acquire-policy-token]
[--change-reference]
[--hsm-name]
[--id]
[--name]
[--vault-name]Examples
Set rotation policy using json file
az keyvault key rotation-policy update -n mykey --vault-name mykeyvault --value path/to/policy.json
A valid example for policy.json is:
{
"lifetimeActions": [
{
"trigger": {
"timeAfterCreate": "P90D", // ISO 8601 duration. For example: 90 days is "P90D", 3 months is "P3M", and 48 hours is "PT48H".
"timeBeforeExpiry" : null
},
"action": {
"type": "Rotate"
}
},
{
"trigger": {
"timeBeforeExpiry" : "P30D" // ISO 8601 duration.
},
"action": {
"type": "Notify"
}
}
],
"attributes": {
"expiryTime": "P2Y" // ISO 8601 duration.
}
}Required Parameters
The rotation policy file definition as JSON, or a path to a file containing JSON policy definition.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Name of the HSM. (--hsm-name and --vault-name are mutually exclusive, please specify just one of them).
| Property | Value |
|---|---|
| Parameter group: | Id Arguments |
Id of the key. If specified all other 'Id' arguments should be omitted.
| Property | Value |
|---|---|
| Parameter group: | Id Arguments |
Name of the key. Required if --id is not specified.
Name of the Vault.
| Property | Value |
|---|---|
| Parameter group: | Id Arguments |
Feedback
Was this page helpful?