import type { TokenCredential } from "@azure/core-auth"; import { logger } from "./logger.js"; import type { PageSettings, PagedAsyncIterableIterator } from "@azure/core-paging"; import type { PollOperationState, PollerLike } from "@azure/core-lro"; import type { DeletionRecoveryLevel } from "./models/models.js"; import { KnownDeletionRecoveryLevel } from "./models/models.js"; import type { BackupKeyOptions, BeginDeleteKeyOptions, BeginRecoverDeletedKeyOptions, CreateEcKeyOptions, CreateKeyOptions, CreateOctKeyOptions, CreateRsaKeyOptions, CryptographyClientOptions, CryptographyOptions, DeletedKey, GetCryptographyClientOptions, GetDeletedKeyOptions, GetKeyAttestationOptions, GetKeyOptions, GetKeyRotationPolicyOptions, GetRandomBytesOptions, ImportKeyOptions, JsonWebKey, KeyAttestation, KeyClientOptions, KeyExportEncryptionAlgorithm, KeyOperation, KeyPollerOptions, KeyProperties, KeyReleasePolicy, KeyRotationLifetimeAction, KeyRotationPolicy, KeyRotationPolicyAction, KeyRotationPolicyProperties, KeyType, KeyVaultKey, ListDeletedKeysOptions, ListPropertiesOfKeyVersionsOptions, ListPropertiesOfKeysOptions, PurgeDeletedKeyOptions, ReleaseKeyOptions, ReleaseKeyResult, RestoreKeyBackupOptions, RotateKeyOptions, UpdateKeyPropertiesOptions, UpdateKeyRotationPolicyOptions } from "./keysModels.js"; import { KnownKeyOperations } from "./keysModels.js"; import { CryptographyClient } from "./cryptographyClient.js"; import type { AesCbcDecryptParameters, AesCbcEncryptParameters, AesCbcEncryptionAlgorithm, AesGcmDecryptParameters, AesGcmEncryptParameters, AesGcmEncryptionAlgorithm, DecryptOptions, DecryptParameters, DecryptResult, EncryptOptions, EncryptParameters, EncryptResult, EncryptionAlgorithm, KeyCurveName, KeyWrapAlgorithm, RsaDecryptParameters, RsaEncryptParameters, RsaEncryptionAlgorithm, SignOptions, SignResult, SignatureAlgorithm, UnwrapKeyOptions, UnwrapResult, VerifyDataOptions, VerifyOptions, VerifyResult, WrapKeyOptions, WrapResult } from "./cryptographyClientModels.js"; import { KnownKeyExportEncryptionAlgorithm, KnownEncryptionAlgorithms, KnownKeyTypes, KnownKeyCurveNames, KnownSignatureAlgorithms } from "./cryptographyClientModels.js"; import type { KeyVaultKeyIdentifier } from "./identifier.js"; import { parseKeyVaultKeyIdentifier } from "./identifier.js"; export { type CryptographyClientOptions, type KeyClientOptions, type BackupKeyOptions, type CreateEcKeyOptions, type CreateKeyOptions, type CreateRsaKeyOptions, type CreateOctKeyOptions, CryptographyClient, type CryptographyOptions, type RsaEncryptionAlgorithm, type RsaDecryptParameters, type AesGcmEncryptionAlgorithm, type AesGcmDecryptParameters, type AesCbcEncryptionAlgorithm, type AesCbcDecryptParameters, type DecryptParameters, type DecryptOptions, type DecryptResult, type DeletedKey, type DeletionRecoveryLevel, KnownDeletionRecoveryLevel, type RsaEncryptParameters, type AesGcmEncryptParameters, type AesCbcEncryptParameters, type EncryptParameters, type EncryptOptions, type EncryptResult, type GetDeletedKeyOptions, type GetKeyAttestationOptions, type GetKeyOptions, type GetRandomBytesOptions, type ImportKeyOptions, type JsonWebKey, type KeyAttestation, type KeyCurveName, KnownKeyCurveNames, KnownKeyExportEncryptionAlgorithm, type EncryptionAlgorithm, KnownEncryptionAlgorithms, type KeyOperation, KnownKeyOperations, type KeyType, KnownKeyTypes, type KeyPollerOptions, type BeginDeleteKeyOptions, type BeginRecoverDeletedKeyOptions, type KeyProperties, type SignatureAlgorithm, KnownSignatureAlgorithms, type KeyVaultKey, type KeyWrapAlgorithm, type ListPropertiesOfKeysOptions, type ListPropertiesOfKeyVersionsOptions, type ListDeletedKeysOptions, type PageSettings, type PagedAsyncIterableIterator, type KeyVaultKeyIdentifier, parseKeyVaultKeyIdentifier, type PollOperationState, type PollerLike, type PurgeDeletedKeyOptions, type RestoreKeyBackupOptions, type RotateKeyOptions, type SignOptions, type SignResult, type UnwrapKeyOptions, type UnwrapResult, type UpdateKeyPropertiesOptions, type VerifyOptions, type VerifyDataOptions, type VerifyResult, type WrapKeyOptions, type WrapResult, type ReleaseKeyOptions, type ReleaseKeyResult, type KeyReleasePolicy, type KeyExportEncryptionAlgorithm, type GetCryptographyClientOptions, type KeyRotationPolicyAction, type KeyRotationPolicyProperties, type KeyRotationPolicy, type KeyRotationLifetimeAction, type UpdateKeyRotationPolicyOptions, type GetKeyRotationPolicyOptions, logger, }; /** * The KeyClient provides methods to manage {@link KeyVaultKey} in the * Azure Key Vault. The client supports creating, retrieving, updating, * deleting, purging, backing up, restoring and listing KeyVaultKeys. The * client also supports listing {@link DeletedKey} for a soft-delete enabled Azure Key * Vault. */ export declare class KeyClient { /** * The base URL to the vault */ readonly vaultUrl: string; /** * A reference to the auto-generated Key Vault HTTP client. */ private readonly client; /** * A reference to the credential that was used to construct this client. * Later used to instantiate a {@link CryptographyClient} with the same credential. */ private readonly credential; /** * Creates an instance of KeyClient. * * Example usage: * ```ts snippet:ReadmeSampleCreateClient * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * // Build the URL to reach your key vault * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; // or `https://${vaultName}.managedhsm.azure.net` for managed HSM. * * // Lastly, create our keys client and connect to the service * const client = new KeyClient(url, credential); * ``` * @param vaultUrl - the URL of the Key Vault. It should have this shape: `https://${your-key-vault-name}.vault.azure.net`. You should validate that this URL references a valid Key Vault or Managed HSM resource. See https://aka.ms/azsdk/blog/vault-uri for details. * @param credential - An object that implements the `TokenCredential` interface used to authenticate requests to the service. Use the \@azure/identity package to create a credential that suits your needs. * @param pipelineOptions - Pipeline options used to configure Key Vault API requests. Omit this parameter to use the default pipeline configuration. */ constructor(vaultUrl: string, credential: TokenCredential, pipelineOptions?: KeyClientOptions); /** * The create key operation can be used to create any key type in Azure Key Vault. If the named key * already exists, Azure Key Vault creates a new version of the key. It requires the keys/create * permission. * * Example usage: * ```ts snippet:ReadmeSampleCreateKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * const result = await client.createKey(keyName, "RSA"); * console.log("result: ", result); * ``` * Creates a new key, stores it, then returns key parameters and properties to the client. * @param name - The name of the key. * @param keyType - The type of the key. One of the following: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', 'oct'. * @param options - The optional parameters. */ createKey(name: string, keyType: KeyType, options?: CreateKeyOptions): Promise; /** * The createEcKey method creates a new elliptic curve key in Azure Key Vault. If the named key * already exists, Azure Key Vault creates a new version of the key. It requires the keys/create * permission. * * Example usage: * ```ts snippet:ReadmeSampleCreateEcKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * const result = await client.createEcKey(keyName, { curve: "P-256" }); * console.log("result: ", result); * ``` * Creates a new key, stores it, then returns key parameters and properties to the client. * @param name - The name of the key. * @param options - The optional parameters. */ createEcKey(name: string, options?: CreateEcKeyOptions): Promise; /** * The createRSAKey method creates a new RSA key in Azure Key Vault. If the named key * already exists, Azure Key Vault creates a new version of the key. It requires the keys/create * permission. * * Example usage: * ```ts snippet:ReadmeSampleCreateRsaKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * const result = await client.createRsaKey("MyKey", { keySize: 2048 }); * console.log("result: ", result); * ``` * Creates a new key, stores it, then returns key parameters and properties to the client. * @param name - The name of the key. * @param options - The optional parameters. */ createRsaKey(name: string, options?: CreateRsaKeyOptions): Promise; /** * The createOctKey method creates a new OCT key in Azure Key Vault. If the named key * already exists, Azure Key Vault creates a new version of the key. It requires the keys/create * permission. * * Example usage: * ```ts snippet:ReadmeSampleCreateOctKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * const result = await client.createOctKey("MyKey", { hsm: true }); * console.log("result: ", result); * ``` * Creates a new key, stores it, then returns key parameters and properties to the client. * @param name - The name of the key. * @param options - The optional parameters. */ createOctKey(name: string, options?: CreateOctKeyOptions): Promise; /** * The import key operation may be used to import any key type into an Azure Key Vault. If the * named key already exists, Azure Key Vault creates a new version of the key. This operation * requires the keys/import permission. * * Example usage: * ```ts snippet:ReadmeSampleImportKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const jsonWebKey = { * kty: "RSA", * kid: "test-key-123", * use: "sig", * alg: "RS256", * n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]), * e: new Uint8Array([1, 0, 1]), * d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]), * p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]), * q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]), * dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]), * dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]), * qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]), * }; * * const result = await client.importKey("MyKey", jsonWebKey); * ``` * Imports an externally created key, stores it, and returns key parameters and properties * to the client. * @param name - Name for the imported key. * @param key - The JSON web key. * @param options - The optional parameters. */ importKey(name: string, key: JsonWebKey, options?: ImportKeyOptions): Promise; /** * Gets a {@link CryptographyClient} for the given key. * * Example usage: * ```ts snippet:ReadmeSampleGetCryptographyClient * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * // Get a cryptography client for a given key * const cryptographyClient = client.getCryptographyClient("MyKey"); * ``` * @param name - The name of the key used to perform cryptographic operations. * @param version - Optional version of the key used to perform cryptographic operations. * @returns - A {@link CryptographyClient} using the same options, credentials, and http client as this {@link KeyClient} */ getCryptographyClient(keyName: string, options?: GetCryptographyClientOptions): CryptographyClient; /** * The delete operation applies to any key stored in Azure Key Vault. Individual versions * of a key can not be deleted, only all versions of a given key at once. * * This function returns a Long Running Operation poller that allows you to wait indefinitely until the key is deleted. * * This operation requires the keys/delete permission. * * Example usage: * ```ts snippet:ReadmeSampleDeleteKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const poller = await client.beginDeleteKey(keyName); * await poller.pollUntilDone(); * ``` * Deletes a key from a specified key vault. * @param name - The name of the key. * @param options - The optional parameters. */ beginDeleteKey(name: string, options?: BeginDeleteKeyOptions): Promise, DeletedKey>>; /** * The updateKeyProperties method changes specified properties of an existing stored key. Properties that * are not specified in the request are left unchanged. The value of a key itself cannot be * changed. This operation requires the keys/set permission. * * Example usage: * ```ts snippet:ReadmeSampleUpdateKeyProperties * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const result = await client.createKey(keyName, "RSA"); * await client.updateKeyProperties(keyName, result.properties.version, { * enabled: false, * }); * ``` * Updates the properties associated with a specified key in a given key vault. * @param name - The name of the key. * @param keyVersion - The version of the key. * @param options - The optional parameters. */ updateKeyProperties(name: string, keyVersion: string, options?: UpdateKeyPropertiesOptions): Promise; /** * The updateKeyProperties method changes specified properties of the latest version of an existing stored key. Properties that * are not specified in the request are left unchanged. The value of a key itself cannot be * changed. This operation requires the keys/set permission. * * Example usage: * ```ts snippet:ReadmeSampleUpdateKeyProperties * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const result = await client.createKey(keyName, "RSA"); * await client.updateKeyProperties(keyName, result.properties.version, { * enabled: false, * }); * ``` * Updates the properties associated with a specified key in a given key vault. * @param name - The name of the key. * @param keyVersion - The version of the key. * @param options - The optional parameters. */ updateKeyProperties(name: string, options?: UpdateKeyPropertiesOptions): Promise; /** * Standardizes an overloaded arguments collection for the updateKeyProperties method. * * @param args - The arguments collection. * @returns - The standardized arguments collection. */ private disambiguateUpdateKeyPropertiesArgs; /** * The getKey method gets a specified key and is applicable to any key stored in Azure Key Vault. * This operation requires the keys/get permission. * * Example usage: * ```ts snippet:ReadmeSampleGetKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const latestKey = await client.getKey(keyName); * console.log(`Latest version of the key ${keyName}: `, latestKey); * * const specificKey = await client.getKey(keyName, { version: latestKey.properties.version! }); * console.log(`The key ${keyName} at the version ${latestKey.properties.version!}: `, specificKey); * ``` * Get a specified key from a given key vault. * @param name - The name of the key. * @param options - The optional parameters. */ getKey(name: string, options?: GetKeyOptions): Promise; /** * The getKeyAttestation method gets a specified key and its attestation blob and is applicable to any key stored in Azure Key Vault Managed HSM. * This operation requires the keys/get permission. * * Example usage: * ```ts snippet:ReadmeSampleGetKeyAttestation * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.managedhsm.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const latestKey = await client.getKeyAttestation(keyName); * console.log(`Latest version of the key ${keyName}: `, latestKey); * * const specificKey = await client.getKeyAttestation(keyName, { * version: latestKey.properties.version!, * }); * console.log(`The key ${keyName} at the version ${latestKey.properties.version!}: `, specificKey); * ``` * Get a specified key from a given key vault. * @param name - The name of the key. * @param options - The optional parameters. */ getKeyAttestation(name: string, options?: GetKeyAttestationOptions): Promise; /** * The getDeletedKey method returns the specified deleted key along with its properties. * This operation requires the keys/get permission. * * Example usage: * ```ts snippet:ReadmeSampleGetDeletedKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * await client.getDeletedKey(keyName); * ``` * Gets the specified deleted key. * @param name - The name of the key. * @param options - The optional parameters. */ getDeletedKey(name: string, options?: GetDeletedKeyOptions): Promise; /** * The purge deleted key operation removes the key permanently, without the possibility of * recovery. This operation can only be enabled on a soft-delete enabled vault. This operation * requires the keys/purge permission. * * Example usage: * ```ts snippet:ReadmeSamplePurgeDeletedKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const deletePoller = await client.beginDeleteKey(keyName); * await deletePoller.pollUntilDone(); * * await client.purgeDeletedKey(keyName); * ``` * Permanently deletes the specified key. * @param name - The name of the key. * @param options - The optional parameters. */ purgeDeletedKey(name: string, options?: PurgeDeletedKeyOptions): Promise; /** * Recovers the deleted key in the specified vault. This operation can only be performed on a * soft-delete enabled vault. * * This function returns a Long Running Operation poller that allows you to wait indefinitely until the deleted key is recovered. * * This operation requires the keys/recover permission. * * Example usage: * ```ts snippet:ReadmeSampleRecoverDeletedKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const deletePoller = await client.beginDeleteKey(keyName); * await deletePoller.pollUntilDone(); * * const recoverPoller = await client.beginRecoverDeletedKey(keyName); * const recoveredKey = await recoverPoller.pollUntilDone(); * ``` * Recovers the deleted key to the latest version. * @param name - The name of the deleted key. * @param options - The optional parameters. */ beginRecoverDeletedKey(name: string, options?: BeginRecoverDeletedKeyOptions): Promise, DeletedKey>>; /** * Requests that a backup of the specified key be downloaded to the client. All versions of the * key will be downloaded. This operation requires the keys/backup permission. * * Example usage: * ```ts snippet:ReadmeSampleBackupKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const backupContents = await client.backupKey(keyName); * ``` * Backs up the specified key. * @param name - The name of the key. * @param options - The optional parameters. */ backupKey(name: string, options?: BackupKeyOptions): Promise; /** * Restores a backed up key, and all its versions, to a vault. This operation requires the * keys/restore permission. * * Example usage: * ```ts snippet:ReadmeSampleRestoreKeyBackup * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const backupContents = await client.backupKey(keyName); * * const key = await client.restoreKeyBackup(backupContents); * ``` * Restores a backed up key to a vault. * @param backup - The backup blob associated with a key bundle. * @param options - The optional parameters. */ restoreKeyBackup(backup: Uint8Array, options?: RestoreKeyBackupOptions): Promise; /** * Gets the requested number of bytes containing random values from a managed HSM. * This operation requires the managedHsm/rng permission. * * Example usage: * ```ts snippet:ReadmeSampleGetRandomBytes * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const bytes = await client.getRandomBytes(10); * ``` * @param count - The number of bytes to generate between 1 and 128 inclusive. * @param options - The optional parameters. */ getRandomBytes(count: number, options?: GetRandomBytesOptions): Promise; /** * Rotates the key based on the key policy by generating a new version of the key. This operation requires the keys/rotate permission. * * Example usage: * ```ts snippet:ReadmeSampleKeyRotation * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * // Set the key's automated rotation policy to rotate the key 30 days before expiry. * const policy = await client.updateKeyRotationPolicy(keyName, { * lifetimeActions: [ * { * action: "Rotate", * timeBeforeExpiry: "P30D", * }, * ], * // You may also specify the duration after which any newly rotated key will expire. * // In this case, any new key versions will expire after 90 days. * expiresIn: "P90D", * }); * * // You can get the current key rotation policy of a given key by calling the getKeyRotationPolicy method. * const currentPolicy = await client.getKeyRotationPolicy(keyName); * * // Finally, you can rotate a key on-demand by creating a new version of the given key. * const rotatedKey = await client.rotateKey(keyName); * ``` * * @param name - The name of the key to rotate. * @param options - The optional parameters. */ rotateKey(name: string, options?: RotateKeyOptions): Promise; /** * Releases a key from a managed HSM. * * The release key operation is applicable to all key types. The operation requires the key to be marked exportable and the keys/release permission. * * Example usage: * ```ts snippet:ReadmeSampleReleaseKey * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const result = await client.releaseKey("myKey", ""); * ``` * * @param name - The name of the key. * @param targetAttestationToken - The attestation assertion for the target of the key release. * @param options - The optional parameters. */ releaseKey(name: string, targetAttestationToken: string, options?: ReleaseKeyOptions): Promise; /** * Gets the rotation policy of a Key Vault Key. * By default, all keys have a policy that will notify 30 days before expiry. * * This operation requires the keys/get permission. * Example usage: * ```ts snippet:ReadmeSampleGetKeyRotationPolicy * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const result = await client.getKeyRotationPolicy(keyName); * ``` * * @param keyName - The name of the key. * @param options - The optional parameters. */ getKeyRotationPolicy(keyName: string, options?: GetKeyRotationPolicyOptions): Promise; /** * Updates the rotation policy of a Key Vault Key. * This operation requires the keys/update permission. * * Example usage: * ```ts snippet:ReadmeSampleUpdateKeyRotationPolicy * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * const myPolicy = await client.getKeyRotationPolicy(keyName); * * const setPolicy = await client.updateKeyRotationPolicy(keyName, myPolicy); * ``` * * @param keyName - The name of the key. * @param policyProperties - The {@link KeyRotationPolicyProperties} for the policy. * @param options - The optional parameters. */ updateKeyRotationPolicy(keyName: string, policy: KeyRotationPolicyProperties, options?: UpdateKeyRotationPolicyOptions): Promise; /** * Iterates all versions of the given key in the vault. The full key identifier, properties, and tags are provided * in the response. This operation requires the keys/list permission. * * Example usage: * ```ts snippet:ReadmeSampleListKeys * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * for await (const keyProperties of client.listPropertiesOfKeys()) { * console.log("Key properties: ", keyProperties); * } * * for await (const deletedKey of client.listDeletedKeys()) { * console.log("Deleted: ", deletedKey); * } * * for await (const versionProperties of client.listPropertiesOfKeyVersions(keyName)) { * console.log("Version properties: ", versionProperties); * } * ``` * @param name - Name of the key to fetch versions for * @param options - The optional parameters. */ listPropertiesOfKeyVersions(name: string, options?: ListPropertiesOfKeyVersionsOptions): PagedAsyncIterableIterator; /** * Iterates the latest version of all keys in the vault. The full key identifier and properties are provided * in the response. No values are returned for the keys. This operations requires the keys/list permission. * * Example usage: * ```ts snippet:ReadmeSampleListKeys * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * for await (const keyProperties of client.listPropertiesOfKeys()) { * console.log("Key properties: ", keyProperties); * } * * for await (const deletedKey of client.listDeletedKeys()) { * console.log("Deleted: ", deletedKey); * } * * for await (const versionProperties of client.listPropertiesOfKeyVersions(keyName)) { * console.log("Version properties: ", versionProperties); * } * ``` * List all keys in the vault * @param options - The optional parameters. */ listPropertiesOfKeys(options?: ListPropertiesOfKeysOptions): PagedAsyncIterableIterator; /** * Iterates the deleted keys in the vault. The full key identifier and properties are provided * in the response. No values are returned for the keys. This operations requires the keys/list permission. * * Example usage: * ```ts snippet:ReadmeSampleListKeys * import { DefaultAzureCredential } from "@azure/identity"; * import { KeyClient } from "@azure/keyvault-keys"; * * const credential = new DefaultAzureCredential(); * * const vaultName = ""; * const url = `https://${vaultName}.vault.azure.net`; * * const client = new KeyClient(url, credential); * * const keyName = "MyKeyName"; * * for await (const keyProperties of client.listPropertiesOfKeys()) { * console.log("Key properties: ", keyProperties); * } * * for await (const deletedKey of client.listDeletedKeys()) { * console.log("Deleted: ", deletedKey); * } * * for await (const versionProperties of client.listPropertiesOfKeyVersions(keyName)) { * console.log("Version properties: ", versionProperties); * } * ``` * List all keys in the vault * @param options - The optional parameters. */ listDeletedKeys(options?: ListDeletedKeysOptions): PagedAsyncIterableIterator; } //# sourceMappingURL=index.d.ts.map