Updating KeyVault fails due to missing SoftDelete setting
See original GitHub issueIt appears the examples that update KeyVault fail at https://github.com/Azure/azure-libraries-for-net/tree/master/Samples/Sql fail due to SoftDelete
not set. More precisely, the error message is
“The provided Key Vault uri ‘https://tenant.vault.azure.net/keys/database/guid’ is not valid. Please ensure the vault has the right Recovery Level other than ‘Purgeable’.'”,
as describred at http://www.bradleyschacht.com/bring-your-own-key-to-azure-sql-database-tde/ in section Troubleshooting
. It doesn’t appear there is currently a setting for this.
Related to https://github.com/Azure/azure-libraries-for-net/issues/309.
The libraries and their versions:
- Microsoft.Azure.KeyVault, version 2.3.2
- Microsoft.Azure.Management.Fluent, version 1.9.1
- WindowsAzure.Storage, version 9.1.1
Issue Analytics
- State:
- Created 5 years ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Common key vault errors in Azure Application Gateway
This article identifies key vault-related problems, and helps you resolve them for smooth operations of Application Gateway.
Read more >Disable soft delete on Azure key vault - Microsoft Q&A
Hi, 1- How can we disable SOFT DELETE on key vault which is enabled automatically? 2- How can we change the retention period...
Read more >Unable to enable soft delete on Key Vault via ARM Template
I'm attempting to enable soft delete on a pre-existing Key Vault via a ARM template (The KV was provisioned using ARM).
Read more >how to disable soft delete in key vault terraform
If a secret is deleted and the key vault does not have soft-delete protection, it is deleted permanently. Although users can currently opt...
Read more >Permanently delete a Key Vault in Azure using PowerShell
Soft-delete is a Key Vault feature that allows us to recover deleted keys, secrets, and certificates, as well as the entire set of...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@veikkoeeva I’m glad to hear it helped 😃 The full fix is in code review and should be part of the next release.
@veikkoeeva Thank you so much for reporting this issue. I have a fix for this and we will release it in the next couple weeks.
Meanwhile if you are looking for a work around after the Lay vault is created you can try to set the “soft delete” property via the “Inner” property then call “Update()” on the Key Vault object. Here’s the simplified code sequence:
IVault vault = await azure.Vaults.Define(VaultName) ..... .Create(); vault.Inner.Properties.EnableSoftDelete = true; vault.Update() .Apply();