| services | platforms | author |
|---|---|---|
key-vault |
java |
tiffanyachen |
This sample repo includes sample code demonstrating how to utilize the soft delete and backup restore features of Azure Key Vault to backup, restore, recover, and purge deleted vaults, secrets, keys and certificates using the Azure Java SDK. Some common scenarios this repo intends to target are:
- Backing up and restoring key vault secrets and keys
- Enabling soft delete when creating a new key vault
- Enabling soft delete on an existing key vault
- Recovering or purging deleted vaults
- Recovering or purging of key vault secrets, keys, and certificates
BackupRestoreSample.java:
backupRestoreKey -- backs up a key vault key and restores it to another key vault
backupRestoreSecret -- backs up a key vault secret and restores it to another key vault
SoftDeleteSample.java:
createSoftDeleteEnabledVault -- creates a key vault which has soft delete enabled so that the vault as well as all of its keys,
certificates and secrets are recoverable
enableSoftDeleteOnExistingVault -- enables soft delete on an existing vault
deletedVaultRecovery -- a sample of enumerating, retrieving, recovering and purging deleted key vaults
deletedCertificateRecovery -- a sample of enumerating, retrieving, recovering and purging deleted certificates from a key vault
deletedKeyRecovery -- a sample of enumerating, retrieving, recovering and purging deleted keys from a key vault
deletedSecretRecovery -- a sample of enumerating, retrieving, recovering and purging deleted secrets from a key vault
- Java 1.7+
- An Azure Service Principal, through Azure CLI, PowerShell or Azure Portal.
-
If not installed, install Java.
-
Clone the repository.
git clone https://github.com/Azure-Samples/key-vault-java-authentication.git
-
Create an Azure service principal, using Azure CLI, PowerShell or Azure Portal. Note that if you wish to authenticate with the certificate authenticator the certificate should be saved locally.
-
Add the following values to the pom.xml in the configurations for the exec-maven-plugin.
<systemProperties>
<systemProperty>
<key>AZURE_TENANT_ID</key>
<value>{AZURE_TENANT_ID}</value>
</systemProperty>
<systemProperty>
<key>AZURE_CLIENT_ID</key>
<value>{AZURE_CLIENT_ID}</value>
</systemProperty>
<systemProperty>
<key>AZURE_CLIENT_SECRET</key>
<value>{AZURE_CLIENT_SECRET}</value>
</systemProperty>
<systemProperty>
<key>AZURE_OBJECT_ID</key>
<value>{AZURE_OBJECT_ID}</value>
</systemProperty>
<systemProperty>
<key>AZURE_RESOURCE_GROUP</key>
<value>{AZURE_RESOURCE_GROUP}</value>
</systemProperty>
<systemProperties>
AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET must be set for general Azure authentication.
- Run
mvn clean compile exec:javafor a full run-through.