Package com.azure.security.keyvault.administration

Class KeyVaultBackupClient

java.lang.Object
com.azure.security.keyvault.administration.KeyVaultBackupClient
public final class KeyVaultBackupClient extends Object
The KeyVaultBackupClient provides synchronous methods to perform backup and restore operations of an Azure Key Vault.

Instances of this client are obtained by calling the KeyVaultBackupClientBuilder.buildClient() method on a KeyVaultBackupClientBuilder object.

Samples to construct a sync client

 KeyVaultBackupClient keyVaultBackupClient = new KeyVaultBackupClientBuilder()
     .vaultUrl("https://myaccount.managedhsm.azure.net/")
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildClient();
See Also:

  • Method Details

    • getVaultUrl

      public String getVaultUrl()
      Get the vault endpoint URL.
      Returns:
      The vault endpoint URL.

    • beginBackup

      public SyncPoller<KeyVaultBackupOperation,String> beginBackup(String blobStorageUrl, String sasToken)
      Initiates a full backup of the Key Vault.

      Code Samples

      Starts a backup operation, polls for its status and waits for it to complete. Prints out the details of the operation's final result in case of success or prints out error details in case the operation fails.

       String blobStorageUrl = "https://myaccount.blob.core.windows.net/myContainer";
 String sasToken = "sv=2020-02-10&ss=b&srt=o&sp=rwdlactfx&se=2021-06-17T07:13:07Z&st=2021-06-16T23:13:07Z"
     + "&spr=https&sig=n5V6fnlkViEF9b7ij%2FttTHNwO2BdFIHKHppRxGAyJdc%3D";

 SyncPoller<KeyVaultBackupOperation, String> backupPoller = client.beginBackup(blobStorageUrl, sasToken);

 PollResponse<KeyVaultBackupOperation> pollResponse = backupPoller.poll();

 System.out.printf("The current status of the operation is: %s.%n", pollResponse.getStatus());

 PollResponse<KeyVaultBackupOperation> finalPollResponse = backupPoller.waitForCompletion();

 if (finalPollResponse.getStatus() == LongRunningOperationStatus.SUCCESSFULLY_COMPLETED) {
     String folderUrl = backupPoller.getFinalResult();

     System.out.printf("Backup completed. The storage location of this backup is: %s.%n", folderUrl);
 } else {
     KeyVaultBackupOperation operation = backupPoller.poll().getValue();

     System.out.printf("Backup failed with error: %s.%n", operation.getError().getMessage());
 }
      Parameters:
      blobStorageUrl - The URL for the Blob Storage resource where the backup will be located.
      sasToken - A Shared Access Signature (SAS) token to authorize access to the blob.
      Returns:
      A SyncPoller polling on the backup operation status.
      Throws:
      KeyVaultAdministrationException - If the given blobStorageUrl or sasToken are invalid.
      NullPointerException - If the blobStorageUrl or sasToken are null.

    • beginRestore

      public SyncPoller<KeyVaultRestoreOperation,KeyVaultRestoreResult> beginRestore(String folderUrl, String sasToken)
      Initiates a full restore of the Key Vault.

      Code Samples

      Starts a restore operation, polls for its status and waits for it to complete. Prints out error details in case the operation fails.

       String blobStorageUrl = "https://myaccount.blob.core.windows.net/myContainer";
 String sasToken = "sv=2020-02-10&ss=b&srt=o&sp=rwdlactfx&se=2021-06-17T07:13:07Z&st=2021-06-16T23:13:07Z"
     + "&spr=https&sig=n5V6fnlkViEF9b7ij%2FttTHNwO2BdFIHKHppRxGAyJdc%3D";

 SyncPoller<KeyVaultBackupOperation, String> backupPoller = client.beginBackup(blobStorageUrl, sasToken);

 PollResponse<KeyVaultBackupOperation> pollResponse = backupPoller.poll();

 System.out.printf("The current status of the operation is: %s.%n", pollResponse.getStatus());

 PollResponse<KeyVaultBackupOperation> finalPollResponse = backupPoller.waitForCompletion();

 if (finalPollResponse.getStatus() == LongRunningOperationStatus.SUCCESSFULLY_COMPLETED) {
     String folderUrl = backupPoller.getFinalResult();

     System.out.printf("Backup completed. The storage location of this backup is: %s.%n", folderUrl);
 } else {
     KeyVaultBackupOperation operation = backupPoller.poll().getValue();

     System.out.printf("Backup failed with error: %s.%n", operation.getError().getMessage());
 }
      Parameters:
      folderUrl - The URL for the Blob Storage resource where the backup is located, including the path to the blob container where the backup resides. This would be the exact value that is returned as the result of a backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313.
      sasToken - A Shared Access Signature (SAS) token to authorize access to the blob.
      Returns:
      A SyncPoller to poll on the restore operation status.
      Throws:
      KeyVaultAdministrationException - If the given folderUrl or sasToken are invalid.
      NullPointerException - If the folderUrl or sasToken are null.

    • beginSelectiveKeyRestore

      public SyncPoller<KeyVaultSelectiveKeyRestoreOperation,KeyVaultSelectiveKeyRestoreResult> beginSelectiveKeyRestore(String keyName, String folderUrl, String sasToken)
      Restores all versions of a given key using the supplied SAS token pointing to a previously stored Azure Blob storage backup folder.

      Code Samples

      Starts a selective key restore operation, polls for its status and waits for it to complete. Prints out error details in case the operation fails.

       String folderUrl = "https://myaccount.blob.core.windows.net/myContainer/mhsm-myaccount-2020090117323313";
 String sasToken = "sv=2020-02-10&ss=b&srt=o&sp=rwdlactfx&se=2021-06-17T07:13:07Z&st=2021-06-16T23:13:07Z"
     + "&spr=https&sig=n5V6fnlkViEF9b7ij%2FttTHNwO2BdFIHKHppRxGAyJdc%3D";
 String keyName = "myKey";

 SyncPoller<KeyVaultSelectiveKeyRestoreOperation, KeyVaultSelectiveKeyRestoreResult> backupPoller =
     client.beginSelectiveKeyRestore(folderUrl, sasToken, keyName);

 PollResponse<KeyVaultSelectiveKeyRestoreOperation> pollResponse = backupPoller.poll();

 System.out.printf("The current status of the operation is: %s.%n", pollResponse.getStatus());

 PollResponse<KeyVaultSelectiveKeyRestoreOperation> finalPollResponse = backupPoller.waitForCompletion();

 if (finalPollResponse.getStatus() == LongRunningOperationStatus.SUCCESSFULLY_COMPLETED) {
     System.out.printf("Key restored successfully.%n");
 } else {
     KeyVaultSelectiveKeyRestoreOperation operation = backupPoller.poll().getValue();

     System.out.printf("Key restore failed with error: %s.%n", operation.getError().getMessage());
 }
      Parameters:
      keyName - The name of the key to be restored.
      folderUrl - The URL for the Blob Storage resource where the backup is located, including the path to the blob container where the backup resides. This would be the exact value that is returned as the result of a backup operation. An example of such a URL may look like the following: https://contoso.blob.core.windows.net/backup/mhsm-contoso-2020090117323313.
      sasToken - A Shared Access Signature (SAS) token to authorize access to the blob.
      Returns:
      A SyncPoller to poll on the restore operation status.
      Throws:
      KeyVaultAdministrationException - If the given folderUrl or sasToken are invalid.
      NullPointerException - If the keyName, folderUrl or sasToken are null.