Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Update-AzKeyVaultNetworkRuleSet
- Module:
- Az.KeyVault Module
Updates the network rule set on a key vault.
Syntax
ByVaultName (Default)
Update-AzKeyVaultNetworkRuleSet
[-VaultName] <String>
[[-ResourceGroupName] <String>]
[-DefaultAction <PSKeyVaultNetworkRuleDefaultActionEnum>]
[-Bypass <PSKeyVaultNetworkRuleBypassEnum>]
[-IpAddressRange <String[]>]
[-VirtualNetworkResourceId <String[]>]
[-PassThru]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[-SubscriptionId <String>]
[<CommonParameters>]
ByInputObject
Update-AzKeyVaultNetworkRuleSet
[-InputObject] <PSKeyVault>
[-DefaultAction <PSKeyVaultNetworkRuleDefaultActionEnum>]
[-Bypass <PSKeyVaultNetworkRuleBypassEnum>]
[-IpAddressRange <String[]>]
[-VirtualNetworkResourceId <String[]>]
[-PassThru]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[-SubscriptionId <String>]
[<CommonParameters>]
ByResourceId
Update-AzKeyVaultNetworkRuleSet
[-ResourceId] <String>
[-DefaultAction <PSKeyVaultNetworkRuleDefaultActionEnum>]
[-Bypass <PSKeyVaultNetworkRuleBypassEnum>]
[-IpAddressRange <String[]>]
[-VirtualNetworkResourceId <String[]>]
[-PassThru]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[-SubscriptionId <String>]
[<CommonParameters>]
Description
The Update-AzKeyVaultNetworkRuleSet command updates the network rules in effect on the specified key vault.
Examples
Example 1
$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name frontendSubnet -AddressPrefix "10.0.1.0/24" -ServiceEndpoint Microsoft.KeyVault
$virtualNetwork = New-AzVirtualNetwork -Name myVNet -ResourceGroupName myRG -Location westus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet
$myNetworkResId = (Get-AzVirtualNetwork -Name myVNet -ResourceGroupName myRG).Subnets[0].Id
Update-AzKeyVaultNetworkRuleSet -VaultName 'myVault' -ResourceGroupName myRG -Bypass AzureServices -IpAddressRange "10.0.1.0/24" -VirtualNetworkResourceId $myNetworkResId -PassThru
Vault Name : myVault
Resource Group Name : myRG
Location : West US
Resource ID : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx/resourceGroups/myrg/providers
/Microsoft.KeyVault/vaults/myvault
Vault URI : https://myvault.vault.azure.net/
Tenant ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
SKU : Standard
Enabled For Deployment? : False
Enabled For Template Deployment? : False
Enabled For Disk Encryption? : False
Soft Delete Enabled? :
Access Policies :
Tenant ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
Object ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
Application ID :
Display Name : User Name (username@microsoft.com)
Permissions to Keys : get, create, delete, list, update,
import, backup, restore, recover
Permissions to Secrets : get, list, set, delete, backup,
restore, recover
Permissions to Certificates : get, delete, list, create, import,
update, deleteissuers, getissuers, listissuers, managecontacts, manageissuers,
setissuers, recover, backup, restore
Permissions to (Key Vault Managed) Storage : delete, deletesas, get, getsas, list,
listsas, regeneratekey, set, setsas, update, recover, backup, restore
Network Rule Set :
Default Action : Allow
Bypass : AzureServices
IP Rules : 10.0.1.0/24
Virtual Network Rules : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-
xxxxxxxxxxxxx/resourcegroups/myrg/providers/microsoft.network/virtualnetworks/myvn
et/subnets/frontendsubnet
Tags :
This command updates the network ruleset on the vault named 'myVault' for the specified IP range and the virtual network, allowing bypassing of the network rule for Azure services.
Example 2
Updates the network rule set on a key vault. (autogenerated)
Update-AzKeyVaultNetworkRuleSet -DefaultAction Allow -VaultName 'myVault'
Parameters
-Bypass
Specifies bypass of network rule.
Parameter properties
| Type: | |
| Default value: | None |
| Accepted values: | None, AzureServices |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-DefaultAction
Specifies default action of network rule.
Parameter properties
| Type: | |
| Default value: | None |
| Accepted values: | Allow, Deny |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
| Type: | IAzureContextContainer |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
Parameter sets
-InputObject
KeyVault object
Parameter properties
| Type: | PSKeyVault |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IpAddressRange
Specifies allowed network IP address range of network rule.
Parameter properties
| Type: | String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PassThru
This Cmdlet does not return an object by default. If this switch is specified, it returns the updated key vault object.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResourceGroupName
Specifies the name of the resource group associated with the key vault whose network rule is being modified.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResourceId
KeyVault Resource Id
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-SubscriptionId
The ID of the subscription. By default, cmdlets are executed in the subscription that is set in the current context. If the user specifies another subscription, the current cmdlet is executed in the subscription specified by the user. Overriding subscriptions only take effect during the lifecycle of the current cmdlet. It does not change the subscription in the context, and does not affect subsequent cmdlets.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-VaultName
Specifies the name of a key vault whose network rule is being modified.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-VirtualNetworkResourceId
Specifies allowed virtual network resource identifier of network rule.
Parameter properties
| Type: | String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
PSKeyVault
String
Nullable<T>
Nullable<T>
Outputs
PSKeyVault
Azure PowerShell
Feedback
Was this page helpful?