Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Updating KeyVault fails due to missing SoftDelete setting

See original GitHub issue

It appears the examples that update KeyVault fail at https://github.com/Azure/azure-libraries-for-net/tree/master/Samples/Sql fail due to SoftDelete not set. More precisely, the error message is

“The provided Key Vault uri ‘https://tenant.vault.azure.net/keys/database/guid’ is not valid. Please ensure the vault has the right Recovery Level other than ‘Purgeable’.'”,

as describred at http://www.bradleyschacht.com/bring-your-own-key-to-azure-sql-database-tde/ in section Troubleshooting. It doesn’t appear there is currently a setting for this.

The libraries and their versions:

Microsoft.Azure.KeyVault, version 2.3.2
Microsoft.Azure.Management.Fluent, version 1.9.1
WindowsAzure.Storage, version 9.1.1

Issue Analytics

State:
Created 5 years ago
Comments:5 (2 by maintainers)

Top GitHub Comments

1reaction

milismsftcommented, May 11, 2018

@veikkoeeva I’m glad to hear it helped 😃 The full fix is in code review and should be part of the next release.

1reaction

milismsftcommented, May 9, 2018

@veikkoeeva Thank you so much for reporting this issue. I have a fix for this and we will release it in the next couple weeks.

Meanwhile if you are looking for a work around after the Lay vault is created you can try to set the “soft delete” property via the “Inner” property then call “Update()” on the Key Vault object. Here’s the simplified code sequence:

IVault vault = await azure.Vaults.Define(VaultName) ..... .Create(); vault.Inner.Properties.EnableSoftDelete = true; vault.Update() .Apply();