Update-AzDataProtectionBackupVault
Updates a BackupVault resource belonging to a resource group. For example, updating tags for a resource.
Syntax
Update-AzDataProtectionBackupVault
[-Token <String>]
[-AzureMonitorAlertsForAllJobFailure <AlertsState>]
[-CrossRegionRestoreState <CrossRegionRestoreState>]
[-CrossSubscriptionRestoreState <CrossSubscriptionRestoreState>]
[-IdentityType <String>]
[-IdentityUserAssignedIdentity <Hashtable>]
[-ImmutabilityState <ImmutabilityState>]
[-ResourceGuardOperationRequest <String[]>]
[-SoftDeleteRetentionDurationInDay <Double>]
[-SoftDeleteState <SoftDeleteState>]
[-Tag <Hashtable>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
-ResourceGroupName <String>
-VaultName <String>
[-SubscriptionId <String>]
[-CmkEncryptionState <EncryptionState>]
[-CmkIdentityType <IdentityType>]
[-CmkUserAssignedIdentityId <String>]
[-CmkEncryptionKeyUri <String>]
[-SecureToken <SecureString>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Update-AzDataProtectionBackupVault
-InputObject <IDataProtectionIdentity>
[-Token <String>]
[-AzureMonitorAlertsForAllJobFailure <AlertsState>]
[-CrossRegionRestoreState <CrossRegionRestoreState>]
[-CrossSubscriptionRestoreState <CrossSubscriptionRestoreState>]
[-EncryptionSetting <IEncryptionSettings>]
[-IdentityType <String>]
[-IdentityUserAssignedIdentity <Hashtable>]
[-ImmutabilityState <ImmutabilityState>]
[-ResourceGuardOperationRequest <String[]>]
[-SoftDeleteRetentionDurationInDay <Double>]
[-SoftDeleteState <SoftDeleteState>]
[-Tag <Hashtable>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Updates a BackupVault resource belonging to a resource group. For example, updating tags for a resource.
Examples
Example 1: Add tags to an existing backup vault
$tag = @{"Owner"="sarath";"Purpose"="AzureBackupTesting"}
Update-AzDataProtectionBackupVault -SubscriptionId "xxx-xxx-xxx" -ResourceGroupName sarath-rg -VaultName sarath-vault -Tag $tag
ETag IdentityPrincipalId IdentityTenantId IdentityType Location Name Type
---- ------------------- ---------------- ------------ -------- ---- ----
2ca1d5f7-38b3-4b61-aa45-8147d7e0edbc 72f988bf-86f1-41af-91ab-2d7cd011db47 SystemAssigned centraluseuap sarath-vault Microsoft.DataProtection/backupVaults
The first command creates a new tag hashtable with tags and their values. The second command adds the given tags to the backup vault.
Example 2: Disable Azure monitor alerts for job failures
Update-AzDataProtectionBackupVault -ResourceGroupName "rgName" -VaultName "vaultName" -SubscriptionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -AzureMonitorAlertsForAllJobFailure 'Disabled'
Name Location Type IdentityType
---- -------- ---- ------------
vaultName southeastasia Microsoft.DataProtection/backupVaults SystemAssigned
This command disables the monitor alerts for all the job failures for the backup vault. Allowed values are: Enabled, Disabled. Note that by default this setting is enabled.
Example 3: Update vault ImmutabilityState, CrossSubscriptionRestoreState, soft delete settings
Update-AzDataProtectionBackupVault -SubscriptionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -ResourceGroupName "resourceGroupName" -VaultName "vaultName" -CrossSubscriptionRestoreState Disabled -ImmutabilityState Disabled -SoftDeleteRetentionDurationInDay 99 -SoftDeleteState Off
Name Location Type IdentityType
---- -------- ---- ------------
vaultName southeastasia Microsoft.DataProtection/backupVaults SystemAssigned
This command is used to modify Immutability state, cross subscription restore state, soft delete settings of the vault. These parameters are optional and can be used independently.
Example 4: Update vault CmkIdentityType from UserAssignedManagedIdentity to SystemAssignedManagedIdentity and CmkEncryptionKeyUri
$cmkKeyUri = "https://samplekvazbckp.vault.azure.net/keys/testkey/3cd5235ad6ac4c11b40a6f35444bcbe1"
Update-AzDataProtectionBackupVault -SubscriptionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -ResourceGroupName "resourceGroupName" -VaultName "vaultName" -CmkIdentityType SystemAssigned -CmkEncryptionKeyUri $cmkKeyUri
Name Location Type IdentityType
---- -------- ---- ------------
vaultName southeastasia Microsoft.DataProtection/backupVaults SystemAssigned
This command is used to modify CmkIdentityType and CmkEncryptionKeyUri. These parameters are optional and can be used independently.
Example 5: Update vault CmkIdentityType from SystemAssignedManagedIdentity to UserAssignedManagedIdentity
$cmkIdentityId = "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/samplerg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/sampleuami"
Update-AzDataProtectionBackupVault -SubscriptionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -ResourceGroupName "resourceGroupName" -VaultName "vaultName" -CmkIdentityType UserAssigned -CmkUserAssignedIdentityId $cmkIdentityId
Name Location Type IdentityType
---- -------- ---- ------------
vaultName southeastasia Microsoft.DataProtection/backupVaults UserAssigned
This command is used to change CmkIdentityType from SystemAssigned to UserAssgined. CmkIdenityId is a required parameter.
Parameters
-AsJob
Run the command as a job
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureMonitorAlertsForAllJobFailure
Parameter to Enable or Disable built-in azure monitor alerts for job failures. Security alerts cannot be disabled.
Type: | AlertsState |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CmkEncryptionKeyUri
The Key URI of the CMK key to be used for encryption. To enable auto-rotation of keys, exclude the version component from the Key URI.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CmkEncryptionState
Enable CMK encryption state for a Backup Vault.
Type: | EncryptionState |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CmkIdentityType
The identity type to be used for CMK encryption - SystemAssigned or UserAssigned Identity.
Type: | IdentityType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CmkUserAssignedIdentityId
This parameter is required if the identity type is UserAssigned. Add the user assigned managed identity id to be used which has access permissions to the Key Vault.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CrossRegionRestoreState
Cross region restore state of the vault. Allowed values are Disabled, Enabled.
Type: | CrossRegionRestoreState |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CrossSubscriptionRestoreState
Cross subscription restore state of the vault. Allowed values are Disabled, Enabled, PermanentlyDisabled.
Type: | CrossSubscriptionRestoreState |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.
Type: | PSObject |
Aliases: | AzureRMContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EncryptionSetting
Customer Managed Key details of the resource. To construct, see NOTES section for ENCRYPTIONSETTING properties and create a hash table.
Type: | IEncryptionSettings |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IdentityType
The identityType which can be either SystemAssigned, UserAssigned, 'SystemAssigned,UserAssigned' or None
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IdentityUserAssignedIdentity
Gets or sets the user assigned identities.
Type: | Hashtable |
Aliases: | UserAssignedIdentity |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ImmutabilityState
Immutability state of the vault. Allowed values are Disabled, Unlocked, Locked.
Type: | ImmutabilityState |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Type: | IDataProtectionIdentity |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-NoWait
Run the command asynchronously
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceGroupName
The name of the resource group. The name is case insensitive.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceGuardOperationRequest
ResourceGuardOperationRequests on which LAC check will be performed
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SecureToken
Parameter to authorize operations protected by cross tenant resource guard. Use command (Get-AzAccessToken -TenantId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -AsSecureString").Token to fetch authorization token for different tenant.
Type: | SecureString |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SoftDeleteRetentionDurationInDay
Soft delete retention duration in days.
Type: | Double |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SoftDeleteState
Soft delete state of the vault. Allowed values are Off, On, AlwaysOn.
Type: | SoftDeleteState |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SubscriptionId
The ID of the target subscription. The value must be an UUID.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Tag
Resource tags.
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Token
Parameter to authorize operations protected by cross tenant resource guard. Use command (Get-AzAccessToken -TenantId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx").Token to fetch authorization token for different tenant.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-VaultName
The name of the backup vault.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Outputs
Azure PowerShell