[BUG] SecretClient.GetPropertiesOfSecrets() returns deleted secrets
Describe the bug
We’re using the Azure.Security.KeyVault.Certificates v4.0.0 SDK to retrieve secrets from Azure Key Vault and find deleted managed secrets in the result. The SecretProperties class doesn’t provide any properties that relate to the deletion status of the secret.
Also, we find it quite confusing that the SecretClient.GetPropertiesOfSecrets() API considers certificate entries as managed secrets; it isn’t obvious from the documentation either and caught us off guard.
Expected behavior
We’re expecting the SecretClient.GetPropertiesOfSecrets() API to return a list of secrets (managed and unmanaged) without deleted entries; alternatively, the SecretProperties class should provide properties that relate to the deletion status of the secret.
Actual behavior (include Exception or Stack Trace)
Deleted entries are included in the result.
To Reproduce
Create and soft delete a managed certificate in Azure Key Vault, then run the following code snippet:
var client = new SecretClient(vaultUri, new ClientSecretCredential(tenantID, clientID, clientSecret));
var properties = client.GetPropertiesOfSecrets(token).OrderBy(p => p.Name).ToList();
Environment:
- Azure.Security.KeyVault.Certificates v4.0.0
- Windows 10, Azure AppService
- Visual Studio 16.4.5, .NET 4.7.2
Issue Analytics
- State:
- Created 4 years ago
- Comments: 13 (4 by maintainers)
Top GitHub Comments
Solution is deployed.
akv engineering team will triage