Cmdlets

Choose a cmdlet from the list on the left or search for a specific cmdlet. Choose a cmdlet from the list or search for a specific cmdlet.
About Help  Providers
 

Set-AzureKeyVaultSecretAttribute

Set-AzureKeyVaultSecretAttribute

microsoft.azure.commands.keyvault.dll

Synopsis

Updates attributes of a secret in a vault.

Syntax

Set-AzureKeyVaultSecretAttribute [-VaultName] [-Name] [-Version] [-ContentType] [-Enable] [-Expires] [-NotBefore] [-PassThru] [-Profile] [-Tags] [<CommonParameters>]

Detailed Description

The Set-AzureKeyVaultSecretAttribute cmdlet updates editable attributes of a secret in an Azure Key Vault.

Parameters

-ContentType <String>

Specifies the content type of a secret. If you do not specify this parameter, there is no change to the current secret's content type. To remove the existing content type, specify an empty string.

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

-Enable <Boolean>

Indicates whether to enable a secret. Specify $False to disable a secret, or $True to enable a secret. If you do not specify this parameter, there is no change to the current secret’s enabled or disabled state.

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

false

Accept wildcard characters?

false

-Expires <DateTime>

Specifies the date and time that a secret expires.

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

-Name <String>

Specifies the name of a secret. This cmdlet constructs the fully qualified domain name (FQDN) of a secret based on the name that this parameter specifies, the name of the vault, and your current environment.

Aliases

SecretName

Required?

true

Position

2

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

-NotBefore <DateTime>

Specifies the Coordinated Universal Time (UTC) before which the secret can't be used. If you do not specify this parameter, there is no change to the current secret's NotBefore attribute.

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

-PassThru <SwitchParameter>

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

false

Accept wildcard characters?

false

-Profile <AzureProfile>

Specifies the Azure profile from which this cmdlet reads. If you do not specify a profile, this cmdlet reads from the local default profile.

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

false

Accept wildcard characters?

false

-Tags <Hashtable>

Specifies a hash table that represents tags for a secret. If you do not specify this parameter, there is no change to the current secret's tags. To remove a tag, specify an empty hash table. For more information about resource tags, see Using tags to organize your Azure resources (http://go.microsoft.com/fwlink/?LinkId=613624).

Aliases

none

Required?

false

Position

named

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

-VaultName <String>

Specifies the name of the vault to modify. This cmdlet constructs the FQDN of a vault based on the name that this parameter specifies, and your currently selected environment.

Aliases

none

Required?

true

Position

1

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

-Version <String>

Specifies the version of a secret. This cmdlet constructs the FQDN of a secret based on the vault name, your currently selected environment, the secret name, and the secret version.

Aliases

SecretVersion

Required?

false

Position

3

Default value

none

Accept pipeline input?

true(ByPropertyName)

Accept wildcard characters?

false

Input Type

string, bool?, DateTime?, string[], Hashtable, SwitchParameter

Return Type

Return Microsoft.Azure.Commands.KeyVault.Models.Secret object if PassThru is specified. Otherwise, return nothing.

Notes

None

Examples

Example 1: Modify the attributes of a secret

The first four commands define attributes for the expiry date, the NotBefore date, tags, and context type, and store the attributes in variables.

The final command modifies the attributes for the secret named HR in the vault named ContosoVault, using the stored variables.

PS C:\>$Expires = (Get-Date).AddYears(2).ToUniversalTime()
PS C:\> $Nbf = (Get-Date).ToUniversalTime()
PS C:\> $Tags = @{ "Severity" = "medium"; "HR" = null}
PS C:\> $ContentType= "xml"  
PS C:\> Set-AzureKeyVaultSecretAttribute -VaultName "ContosoVault" -Name "HR" -Expires $Expires -NotBefore $Nbf -ContentType $ContentType -Enable $True -Tags $Tags -PassThru

Example 2: Delete the tags and content type for a secret

This command deletes the tags and the content type for the specified version of the secret named HR in the vault named Contoso.

PS C:\>Set-AzureKeyVaultSecretAttribute -VaultName "ContosoVault" -Name "HR" -Version "9EEA45C6EE50490B9C3176A80AC1A0DF" -ContentType "" -Tags -@{}

Example 3: Disable the current version of secrets whose name begins with IT

The first command stores the string value Contoso in the $Vault variable.

The second command stores the string value IT in the $Prefix variable.

The third command uses the Get-AzureKeyVaultSecret cmdlet to get the secrets in the specified vault, and then passes those secrets to the Where-Object cmdlet. The Where-Object cmdlet filters the secrets for names that begin with the characters IT. The command pipes the secrets that match the filter to the Set-AzureKeyVaultSecretAttribute cmdlet, which disables them.

PS C:\>$Vault = "ContosoVault"
PS C:\> $Prefix = "IT"
PS C:\> Get-AzureKeyVaultSecret $Vault | Where-Object {$_.Name -like $Prefix + '*'} | Set-AzureKeyVaultSecretAttribute -Enable $False

Example 4: Set the ContentType for all versions of a secret

The first three commands define string variables to use for the VaultName, Name, and ContentType parameters. The fourth command uses the Get-AzureKeyVaultKey cmdlet to get the specified keys, and pipes the keys to the Set-AzureKeyVaultSecretAttribute cmdlet to set their content type to XML.

PS C:\>$VaultName = "ContosoVault"
PS C:\> $Name = "HR"
PS C:\> $ContentType = "xml"
PS C:\> Get-AzureKeyVaultKey -VaultName $VaultName -Name $Name -IncludeVersions | Set-AzureKeyVaultSecretAttribute -ContentType $ContentType

Online Version
Get-AzureKeyVaultKey
Get-AzureKeyVaultSecret
Remove-AzureKeyVaultSecret
Set-AzureKeyVaultSecretAttribute