Azure Key Vault is a well-known component that can be used to store secrets and certificates securely. This post discusses the soft delete feature available with Azure Key Vault and how to permanently purge soft deleted key vaults.
Soft delete is a feature of Azure Key Vault that allows users to recover deleted vaults or vault objects such as keys, secrets and certificates during the specified retention period. The minimum retention is 7 days and the maximum is 90, and it can only be set once for a key vault. Assume a situation where you have enabled the soft delete feature of the key vault and then deleted the vault. When you later try to create a vault with the same name, it gives an error stating that a soft deleted vault exists with the same name. Hence, you cannot create a new vault with the same name.
ERROR: Exist soft deleted vault with the same name
To overcome this issue, you need to purge the soft deleted vault if you want to create a key vault with the same name. Let's discuss how to purge soft deleted vaults using Azure CLI commands. In this blog sample we are going to purge the soft deleted key vault kv-proj2-test.
- Open a PowerShell editor and log in to the Azure account using the az login CLI command.
- If you have multiple subscriptions, select the relevant subscription using az account set --subscription <subscription name or id>
- List the soft deleted vaults using the az keyvault list-deleted command to verify that the deleted key vault is in the soft deleted list.
- We can see that the vault kv-proj2-test is in the soft deleted list. Now let's try to purge it.
- Use the az keyvault purge --name <name of the vault> command to purge the key vault.
After that, you can check the soft deleted list again to verify that the purged key vault is no longer in it. If the key vault was purged successfully, you can create a key vault with the same name in Azure.
In this blog, we have learned that if a soft deleted key vault exists, a new key vault cannot be created with the same name. Hence, you need to purge the soft deleted vault before creating a new one with the same name. Further, we have learned how to permanently delete a soft deleted key vault using Azure CLI commands.
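The steps above combined into one PowerShell script, added here as an example and not part of the original post. The subscription value is a placeholder, and the purge protection check and the confirmation prompt are additions that rely on the properties fields (location, scheduledPurgeDate, purgeProtectionEnabled) returned by az keyvault list-deleted.

```powershell
# Added example: purge one soft deleted key vault and verify the result.
$VaultName    = 'kv-proj2-test'                 # vault name used in this post
$Subscription = '<subscription name or id>'     # placeholder, replace before running

az login | Out-Null
az account set --subscription $Subscription

# Returns the soft deleted vault entry with the given name, or nothing.
function Get-SoftDeletedVault([string]$Name) {
    az keyvault list-deleted --resource-type vault -o json |
        ConvertFrom-Json |
        Where-Object { $_.name -eq $Name }
}

$target = Get-SoftDeletedVault $VaultName
if (-not $target) {
    Write-Host "No soft deleted vault named '$VaultName' in this subscription."
    return
}

$props = $target.properties
Write-Host "Found $VaultName in $($props.location); scheduled purge date: $($props.scheduledPurgeDate)"

# A vault deleted with purge protection enabled cannot be purged manually;
# it is removed only when the retention period ends.
if ($props.purgeProtectionEnabled) {
    Write-Warning "Purge protection is enabled on $VaultName. Wait until $($props.scheduledPurgeDate)."
    return
}

# Purging is permanent: keys, secrets and certificates in the vault cannot be recovered.
$answer = Read-Host "Type the vault name to confirm the permanent purge"
if ($answer -ne $VaultName) {
    Write-Host 'Aborted, nothing was purged.'
    return
}

az keyvault purge --name $VaultName --location $props.location
if ($LASTEXITCODE -ne 0) {
    Write-Error "Purge of $VaultName failed. Check that your account is allowed to purge deleted vaults."
    return
}

# Verify that the vault is gone from the soft deleted list.
if (Get-SoftDeletedVault $VaultName) {
    Write-Warning "$VaultName is still listed as soft deleted."
} else {
    Write-Host "$VaultName was purged; the name can be reused."
}
```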