Update-AzKeyVaultNetworkRuleSet

Module:: Az.KeyVault Module

Updates the network rule set on a key vault.

Syntax

ByVaultName (Default)

Update-AzKeyVaultNetworkRuleSet
    [-VaultName] <String>
    [[-ResourceGroupName] <String>]
    [-DefaultAction <PSKeyVaultNetworkRuleDefaultActionEnum>]
    [-Bypass <PSKeyVaultNetworkRuleBypassEnum>]
    [-IpAddressRange <String[]>]
    [-VirtualNetworkResourceId <String[]>]
    [-PassThru]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [-SubscriptionId <String>]
    [<CommonParameters>]

ByInputObject

Update-AzKeyVaultNetworkRuleSet
    [-InputObject] <PSKeyVault>
    [-DefaultAction <PSKeyVaultNetworkRuleDefaultActionEnum>]
    [-Bypass <PSKeyVaultNetworkRuleBypassEnum>]
    [-IpAddressRange <String[]>]
    [-VirtualNetworkResourceId <String[]>]
    [-PassThru]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [-SubscriptionId <String>]
    [<CommonParameters>]

ByResourceId

Update-AzKeyVaultNetworkRuleSet
    [-ResourceId] <String>
    [-DefaultAction <PSKeyVaultNetworkRuleDefaultActionEnum>]
    [-Bypass <PSKeyVaultNetworkRuleBypassEnum>]
    [-IpAddressRange <String[]>]
    [-VirtualNetworkResourceId <String[]>]
    [-PassThru]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [-SubscriptionId <String>]
    [<CommonParameters>]

Description

The Update-AzKeyVaultNetworkRuleSet command updates the network rules in effect on the specified key vault.

Examples

Example 1

$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name frontendSubnet -AddressPrefix "10.0.1.0/24" -ServiceEndpoint Microsoft.KeyVault
$virtualNetwork = New-AzVirtualNetwork -Name myVNet -ResourceGroupName myRG -Location westus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet
$myNetworkResId = (Get-AzVirtualNetwork -Name myVNet -ResourceGroupName myRG).Subnets[0].Id
Update-AzKeyVaultNetworkRuleSet -VaultName 'myVault' -ResourceGroupName myRG -Bypass AzureServices -IpAddressRange "10.0.1.0/24" -VirtualNetworkResourceId $myNetworkResId -PassThru

Vault Name                       : myVault
Resource Group Name              : myRG
Location                         : West US
Resource ID                      : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx/resourceGroups/myrg/providers
                                   /Microsoft.KeyVault/vaults/myvault
Vault URI                        : https://myvault.vault.azure.net/
Tenant ID                        : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
SKU                              : Standard
Enabled For Deployment?          : False
Enabled For Template Deployment? : False
Enabled For Disk Encryption?     : False
Soft Delete Enabled?             :
Access Policies                  :
                                   Tenant ID                                  : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
                                   Object ID                                  : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
                                   Application ID                             :
                                   Display Name                               : User Name (username@microsoft.com)
                                   Permissions to Keys                        : get, create, delete, list, update,
                                   import, backup, restore, recover
                                   Permissions to Secrets                     : get, list, set, delete, backup,
                                   restore, recover
                                   Permissions to Certificates                : get, delete, list, create, import,
                                   update, deleteissuers, getissuers, listissuers, managecontacts, manageissuers,
                                   setissuers, recover, backup, restore
                                   Permissions to (Key Vault Managed) Storage : delete, deletesas, get, getsas, list,
                                   listsas, regeneratekey, set, setsas, update, recover, backup, restore


Network Rule Set                 :
                                   Default Action                             : Allow
                                   Bypass                                     : AzureServices
                                   IP Rules                                   : 10.0.1.0/24
                                   Virtual Network Rules                      : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-
                                   xxxxxxxxxxxxx/resourcegroups/myrg/providers/microsoft.network/virtualnetworks/myvn
                                   et/subnets/frontendsubnet

Tags                             :

This command updates the network ruleset on the vault named 'myVault' for the specified IP range and the virtual network, allowing bypassing of the network rule for Azure services.

Example 2

Updates the network rule set on a key vault. (autogenerated)

Update-AzKeyVaultNetworkRuleSet -DefaultAction Allow -VaultName 'myVault'

Parameters

-Bypass

Specifies bypass of network rule.

Parameter properties

Type:	Nullable<T>[PSKeyVaultNetworkRuleBypassEnum]
Default value:	None
Accepted values:	None, AzureServices
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	cf

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DefaultAction

Specifies default action of network rule.

Parameter properties

Type:	Nullable<T>[PSKeyVaultNetworkRuleDefaultActionEnum]
Default value:	None
Accepted values:	Allow, Deny
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Parameter properties

Type:	IAzureContextContainer
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	AzContext, AzureRmContext, AzureCredential

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-InputObject

KeyVault object

Parameter properties

Type:	PSKeyVault
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByInputObject

Position:	0
Mandatory:	True
Value from pipeline:	True
Value from pipeline by property name:	False
Value from remaining arguments:	False

-IpAddressRange

Specifies allowed network IP address range of network rule.

Parameter properties

Type:	String[]
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-PassThru

This Cmdlet does not return an object by default. If this switch is specified, it returns the updated key vault object.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ResourceGroupName

Specifies the name of the resource group associated with the key vault whose network rule is being modified.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByVaultName

Position:	1
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ResourceId

KeyVault Resource Id

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByResourceId

Position:	0
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-SubscriptionId

The ID of the subscription. By default, cmdlets are executed in the subscription that is set in the current context. If the user specifies another subscription, the current cmdlet is executed in the subscription specified by the user. Overriding subscriptions only take effect during the lifecycle of the current cmdlet. It does not change the subscription in the context, and does not affect subsequent cmdlets.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-VaultName

Specifies the name of a key vault whose network rule is being modified.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByVaultName

Position:	0
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-VirtualNetworkResourceId

Specifies allowed virtual network resource identifier of network rule.

Parameter properties

Type:	String[]
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	wi

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Share via

Update-AzKeyVaultNetworkRuleSet

Syntax

ByVaultName (Default)

ByInputObject

ByResourceId

Description

Examples

Example 1

Example 2

Parameters

-Bypass

Parameter properties

Parameter sets

-Confirm

Parameter properties

Parameter sets

-DefaultAction

Parameter properties

Parameter sets

-DefaultProfile

Parameter properties

Parameter sets

-InputObject

Parameter properties

Parameter sets

-IpAddressRange

Parameter properties

Parameter sets

-PassThru

Parameter properties

Parameter sets

-ResourceGroupName

Parameter properties

Parameter sets

-ResourceId

Parameter properties

Parameter sets

-SubscriptionId

Parameter properties

Parameter sets

-VaultName

Parameter properties

Parameter sets

-VirtualNetworkResourceId

Parameter properties

Parameter sets

-WhatIf

Parameter properties

Parameter sets

CommonParameters

Inputs

PSKeyVault

String

Nullable<T>

Nullable<T>

Outputs

PSKeyVault

Feedback