create_key_vault: Create Azure key vault

Description Usage Arguments Details Value See Also Examples

Description

Method for the AzureRMR::az_resource_group class.

Usage

1
2
create_key_vault(name, location = self$location, initial_access = default_access(),
                 sku = "Standard", ..., wait = TRUE)

Arguments

Details

This method deploys a new key vault resource, with parameters given by the arguments. A key vault is a secure facility for storing and managing encryption keys, certificates, storage account keys, and generic secrets.

A new key vault will have access granted to the user or service principal used to sign in to the Azure Resource Manager client. To manage access policies after creation, use the add_principal, list_principals and remove_principal methods of the key vault object.

Key Vault's soft delete feature allows recovery of the deleted vaults and vault objects, known as soft-delete. Specifically, it addresses the following scenarios:

With this feature, the delete operation on a key vault or key vault object is a soft-delete, effectively holding the resources for a given retention period (90 days), while giving the appearance that the object is deleted. The service further provides a mechanism for recovering the deleted object, essentially undoing the deletion.

Soft-deleted vaults can be purged (permanently removed) by calling the purge_key_vault method for the resource group or subscription classes. The purge protection optional feature provides an additional layer of protection by forbidding manual purges; when this is on, a vault or an object in deleted state cannot be purged until the retention period of 90 days has passed.

To see what soft-deleted key vaults exist, call the list_deleted_key_vaults method. To recover a soft-deleted key vault, call the create_key_vault method from the vault's original resource group, with the vault name. To purge (permanently delete) it, call the purge_key_vault method.

Value

An object of class az_key_vault representing the created key vault.

See Also

get_key_vault, delete_key_vault, purge_key_vault, az_key_vault, vault_access_policy

Azure Key Vault documentation, Azure Key Vault API reference

Examples

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
## Not run: 

rg <- AzureRMR::get_azure_login()$
    get_subscription("subscription_id")$
    get_resource_group("rgname")

# create a new key vault
rg$create_key_vault("mykeyvault")

# create a new key vault, and grant access to a service principal
gr <- AzureGraph::get_graph_login()
svc <- gr$get_service_principal("app_id")
rg$create_key_vault("mykeyvault",
    initial_access=list(vault_access_policy(svc, tenant=NULL)))


## End(Not run)

cloudyr/AzureKeyVault documentation built on Sept. 19, 2021, 8:49 a.m.