azure-docs-sdk-java/docs-ref-autogen/com.azure.security.keyvault...

### YamlMime:JavaPackage
uid: "com.azure.security.keyvault.keys"
fullName: "com.azure.security.keyvault.keys"
name: "com.azure.security.keyvault.keys"
summary: "[Azure Key Vault][] is a cloud-based service provided by Microsoft Azure that allows users to securely store and manage cryptographic keys used for encrypting and decrypting data.\n\n\n[Azure Key Vault]: https://learn.microsoft.com/azure/key-vault/general/"
classes:
- "com.azure.security.keyvault.keys.KeyAsyncClient"
- "com.azure.security.keyvault.keys.KeyClient"
- "com.azure.security.keyvault.keys.KeyClientBuilder"
enums:
- "com.azure.security.keyvault.keys.KeyServiceVersion"
desc: "[Azure Key Vault][] is a cloud-based service provided by Microsoft Azure that allows users to securely store and manage cryptographic keys used for encrypting and decrypting data. It is a part of Azure Key Vault, which is a cloud-based service for managing cryptographic keys, secrets, and certificates.\n\nAzure Key Vault Keys provides a centralized and highly secure key management solution, allowing you to protect your keys and control access to them. It eliminates the need for storing keys in code or configuration files, reducing the risk of exposure and unauthorized access.\n\nWith Azure Key Vault Keys, you can perform various operations on cryptographic keys, such as creating keys, importing existing keys, generating key pairs, encrypting data using keys, and decrypting data using keys. The service supports various key types and algorithms, including symmetric keys, asymmetric keys, and Elliptic Curve Cryptography (ECC) keys.\n\nThe Azure Key Vault Keys client library allows developers to interact with the Azure Key Vault service from their applications. The library provides a set of APIs that enable developers to securely create keys, import existing keys, delete keys, retrieve key metadata, encrypt and decrypt data using keys, and sign and verify signatures using keys.\n\n**Key Concepts:**\n\nWhat is a Key Client?\n\nThe key client performs the interactions with the Azure Key Vault service for getting, setting, updating, deleting, and listing keys and their versions. Asynchronous (\\`KeyAsyncClient\\`) and synchronous (\\`KeyClient\\`) clients exist in the SDK, allowing for the selection of a client based on an application's use case. Once you have initialized a key, you can interact with the primary resource types in Key Vault.\n\nWhat is an Azure Key Vault Key?\n\nAzure Key Vault supports multiple key types (RSA and EC) and algorithms, and enables the use of Hardware Security Modules (HSM) for high-value keys. 
In addition to the key material, the following attributes may be specified:\n\n * enabled: Specifies whether the key is enabled and usable for cryptographic operations.\n * notBefore: Identifies the time before which the key must not be used for cryptographic operations.\n * expires: Identifies the expiration time on or after which the key MUST NOT be used for cryptographic operations.\n * created: Indicates when this version of the key was created.\n * updated: Indicates when this version of the key was updated.\n\n## Getting Started ##\n\nIn order to interact with the Azure Key Vault service, you will need to create an instance of the <xref uid=\"com.azure.security.keyvault.keys.KeyClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient\"></xref> class, which requires a vault URL and a credential object.\n\nThe examples shown in this document use a credential object named DefaultAzureCredential for authentication, which is appropriate for most scenarios, including local development and production environments. Additionally, we recommend using a [managed identity][managed identity] for authentication in production environments. 
You can find more information on different ways of authenticating and their corresponding credential types in the [Azure Identity documentation][Azure Identity documentation].\n\n**Sample: Construct Synchronous Key Client**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.security.keyvault.keys.KeyClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient\"></xref>, using the <xref uid=\"com.azure.security.keyvault.keys.KeyClientBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClientBuilder\"></xref> to configure it.\n\n```java\nKeyClient keyClient = new KeyClientBuilder()\n    .vaultUrl(\"<your-key-vault-url>\")\n    .credential(new DefaultAzureCredentialBuilder().build())\n    .buildClient();\n```\n\n**Sample: Construct Asynchronous Key Client**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref>, using the <xref uid=\"com.azure.security.keyvault.keys.KeyClientBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClientBuilder\"></xref> to configure it.\n\n```java\nKeyAsyncClient keyAsyncClient = new KeyClientBuilder()\n    .vaultUrl(\"<your-key-vault-url>\")\n    .credential(new DefaultAzureCredentialBuilder().build())\n    .buildAsyncClient();\n```\n\n\n--------------------\n\n## Create a Cryptographic Key ##\n\nThe <xref uid=\"com.azure.security.keyvault.keys.KeyClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient\"></xref> or <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref> can be used to create a key in the key vault.\n\n**Synchronous Code 
Sample:**\n\nThe following code sample demonstrates how to synchronously create a cryptographic key in the key vault, using the <xref uid=\"com.azure.security.keyvault.keys.KeyClient.createKey(java.lang.String,com.azure.security.keyvault.keys.models.KeyType)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient#createKey(java.lang.String, com.azure.security.keyvault.keys.models.KeyType)\"></xref> API.\n\n```java\nKeyVaultKey key = keyClient.createKey(\"keyName\", KeyType.EC);\nSystem.out.printf(\"Created key with name: %s and id: %s%n\", key.getName(), key.getId());\n```\n\n**Note:** For the asynchronous sample, refer to <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref>.\n\n\n--------------------\n\n## Get a Cryptographic Key ##\n\nThe <xref uid=\"com.azure.security.keyvault.keys.KeyClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient\"></xref> or <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref> can be used to retrieve a key from the key vault.\n\n**Synchronous Code Sample:**\n\nThe following code sample demonstrates how to synchronously retrieve a key from the key vault, using the <xref uid=\"com.azure.security.keyvault.keys.KeyClient.getKey(java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient#getKey(java.lang.String)\"></xref> API.\n\n```java\nKeyVaultKey keyWithVersionValue = keyClient.getKey(\"keyName\");\n\nSystem.out.printf(\"Retrieved key with name: %s and id: %s%n\", keyWithVersionValue.getName(),\n    keyWithVersionValue.getId());\n```\n\n**Note:** For the asynchronous sample, refer to <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" 
data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref>.\n\n\n--------------------\n\n## Delete a Cryptographic Key ##\n\nThe <xref uid=\"com.azure.security.keyvault.keys.KeyClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient\"></xref> or <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref> can be used to delete a key from the key vault.\n\n**Synchronous Code Sample:**\n\nThe following code sample demonstrates how to synchronously delete a key from the key vault, using the <xref uid=\"com.azure.security.keyvault.keys.KeyClient.beginDeleteKey(java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyClient#beginDeleteKey(java.lang.String)\"></xref> API.\n\n```java\nSyncPoller<DeletedKey, Void> deleteKeyPoller = keyClient.beginDeleteKey(\"keyName\");\nPollResponse<DeletedKey> deleteKeyPollResponse = deleteKeyPoller.poll();\n\n// Deleted date only works for SoftDelete Enabled Key Vault.\nDeletedKey deletedKey = deleteKeyPollResponse.getValue();\n\nSystem.out.printf(\"Key delete date: %s%n\", deletedKey.getDeletedOn());\nSystem.out.printf(\"Deleted key's recovery id: %s%n\", deletedKey.getRecoveryId());\n\n// Key is being deleted on the server.\ndeleteKeyPoller.waitForCompletion();\n// Key is deleted\n```\n\n**Note:** For the asynchronous sample, refer to <xref uid=\"com.azure.security.keyvault.keys.KeyAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.keys.KeyAsyncClient\"></xref>.\n\n\n[Azure Key Vault]: https://learn.microsoft.com/azure/key-vault/general/\n[managed identity]: https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/\n[Azure Identity documentation]: 
https://learn.microsoft.com/java/api/overview/azure/identity-readme?view=azure-java-stable"
metadata: {}
package: "com.azure.security.keyvault.keys"
artifact: com.azure:azure-security-keyvault-keys:4.8.7