New-AzDataProtectionBackupVault
Creates or updates a BackupVault resource belonging to a resource group.
Syntax
Default (Default)
New-AzDataProtectionBackupVault
-ResourceGroupName <String>
-VaultName <String>
-Location <String>
-StorageSetting <IStorageSetting[]>
[-SubscriptionId <String>]
[-ETag <String>]
[-IdentityType <String>]
[-AzureMonitorAlertsForAllJobFailure <AlertsState>]
[-ImmutabilityState <ImmutabilityState>]
[-CrossRegionRestoreState <CrossRegionRestoreState>]
[-CrossSubscriptionRestoreState <CrossSubscriptionRestoreState>]
[-SoftDeleteRetentionDurationInDay <Double>]
[-SoftDeleteState <SoftDeleteState>]
[-Tag <Hashtable>]
[-IdentityUserAssignedIdentity <Hashtable>]
[-CmkEncryptionState <EncryptionState>]
[-CmkInfrastructureEncryption <InfrastructureEncryptionState>]
[-CmkIdentityType <IdentityType>]
[-CmkUserAssignedIdentityId <String>]
[-CmkEncryptionKeyUri <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Creates or updates a BackupVault resource belonging to a resource group.
Examples
Example 1: Create a new backup vault
$sub = "xxxx-xxxx-xxxxx"
$storagesetting = New-AzDataProtectionBackupVaultStorageSettingObject -DataStoreType VaultStore -Type LocallyRedundant
New-AzDataProtectionBackupVault -SubscriptionId $sub -ResourceGroupName sarath-rg -VaultName "MyVault" -StorageSetting $storagesetting -Location westus
ETag IdentityPrincipalId IdentityTenantId IdentityType Location Name Type
---- ------------------- ---------------- ------------ -------- ---- ----
westus MyVault Microsoft.DataProtection/backupVaults
This command creates a new backup vault.
Example 2: Create a new backup vault with ImmutabilityState, CrossSubscriptionRestoreState, soft delete settings
$sub = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$storagesetting = New-AzDataProtectionBackupVaultStorageSettingObject -DataStoreType VaultStore -Type LocallyRedundant
New-AzDataProtectionBackupVault -SubscriptionId $sub -ResourceGroupName "resourceGroupName" -VaultName "vaultName" -Location westus -StorageSetting $storagesetting -CrossSubscriptionRestoreState Enabled -ImmutabilityState Unlocked -SoftDeleteRetentionDurationInDay 100 -SoftDeleteState On
ETag IdentityPrincipalId IdentityTenantId IdentityType Location Name Type
---- ------------------- ---------------- ------------ -------- ---- ----
westus MyVault Microsoft.DataProtection/backupVaults
This command creates a new backup vault while setting Immutability state, cross subscription restore state, soft delete settings of the vault at creation time.
Example 3: Create a Backup Vault with CMK
$storagesetting = New-AzDataProtectionBackupVaultStorageSettingObject -DataStoreType VaultStore -Type LocallyRedundant
$userAssignedIdentity = @{
"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/samplerg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/sampleuami" = @{
clientId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
principalId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/samplerg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/sampleuami2" = @{
clientId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
principalId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
}
$cmkIdentityId = "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/samplerg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/sampleuami"
$cmkKeyUri = "https://samplekvazbckp.vault.azure.net/keys/testkey/3cd5235ad6ac4c11b40a6f35444bcbe1"
New-AzDataProtectionBackupVault -SubscriptionId xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -ResourceGroupName "resourceGroupName" -VaultName "vaultName" -Location "___location" -StorageSetting $storagesetting -IdentityType UserAssigned -UserAssignedIdentity $userAssignedIdentity -CmkEncryptionState Enabled -CmkIdentityType UserAssigned -CmkUserAssignedIdentityId $cmkIdentityId -CmkEncryptionKeyUri $cmkKeyUri -CmkInfrastructureEncryption Enabled
Name Location IdentityType
-------- -------- ------------
vaultName ___location UserAssigned
This command creates a backup vault with CMK encryption enabled
Parameters
-AsJob
Creates or updates a BackupVault resource belonging to a resource group.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-AzureMonitorAlertsForAllJobFailure
Parameter to Enable or Disable built-in azure monitor alerts for job failures.
Security alerts cannot be disabled.
Parameter properties
Type: AlertsState
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CmkEncryptionKeyUri
The Key URI of the CMK key to be used for encryption.
To enable auto-rotation of keys, exclude the version component from the Key URI.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CmkEncryptionState
Enable CMK encryption state for a Backup Vault.
Parameter properties
Type: EncryptionState
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CmkIdentityType
The identity type to be used for CMK encryption - SystemAssigned or UserAssigned Identity.
Parameter properties
Type: IdentityType
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CmkInfrastructureEncryption
Enable infrastructure encryption with CMK on this vault.
Infrastructure encryption must be configured only when creating the vault.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CmkUserAssignedIdentityId
This parameter is required if the identity type is UserAssigned.
Add the user assigned managed identity id to be used which has access permissions to the Key Vault.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CrossRegionRestoreState
Cross region restore state of the vault.
Allowed values are Disabled, Enabled.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-CrossSubscriptionRestoreState
Cross subscription restore state of the vault.
Allowed values are Disabled, Enabled, PermanentlyDisabled.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
Creates or updates a BackupVault resource belonging to a resource group.
Parameter properties
Type: PSObject
Default value: None Supports wildcards: False DontShow: False Aliases: AzureRMContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ETag
Optional ETag.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IdentityType
The identityType can take values - "SystemAssigned", "UserAssigned", "SystemAssigned,UserAssigned", "None".
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IdentityUserAssignedIdentity
Gets or sets the user assigned identities.
Parameter properties
Type: Hashtable
Default value: None Supports wildcards: False DontShow: False Aliases: UserAssignedIdentity, AssignUserIdentity
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ImmutabilityState
Immutability state of the vault.
Allowed values are Disabled, Unlocked, Locked.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Location
Resource ___location.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-NoWait
Creates or updates a BackupVault resource belonging to a resource group.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceGroupName
Resource Group Name of the backup vault
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SoftDeleteRetentionDurationInDay
Soft delete retention duration in days
Parameter properties
Type: Double
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SoftDeleteState
Soft delete state of the vault.
Allowed values are Off, On, AlwaysOn
Parameter properties
Type: SoftDeleteState
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-StorageSetting
Storage Settings of the vault.
Use New-AzDataProtectionBackupVaultStorageSetting Cmdlet to Create.
To construct, see NOTES section for STORAGESETTING properties and create a hash table.
Parameter properties
Type: IStorageSetting [ ]
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SubscriptionId
Subscription Id of the vault
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Tag
Resource tags.
Parameter properties
Type: Hashtable
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-VaultName
Name of the backup vault
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
