Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, January 17, 2019 3:02 PM
Hi,
I am unable to find a way to permanent deletion of Soft deleted key Vault or disable soft delete for the key vault.
Could someone help me with the command or doc for disabling the Soft delete?
All replies (5)
Thursday, January 17, 2019 6:51 PM âś…Answered
Hi Pardhasaradhi ,
Once soft delete is enabled for Azure Key Vault you cannot disable the soft-delete as it's implemented as a one-way operation and cannot be changed back once enabled. However, You can use the PowerShell cmdlet Remove-AzureRmKeyVault command with the option -InRemovedState and by specifying the location of the deleted key vault with the -Location argument to permanently delete or purge the Azure Key Vault. If you want to permanently delete a key or secret you need to use Remove-AzureKeyVaultKey and Remove-AzureKeyVaultSecret with -InRemovedState parameter. Please refer to How to use Key Vault soft-delete with PowerShell for details.
You can also achieve the same using the Azure CLI. Refer to How to use Key Vault soft-delete with CLI for details.
Friday, January 18, 2019 12:11 PM
Thanks, Saurabh.
It's working but how can I remove the one which is enabled with vaultPurge.
Wednesday, January 23, 2019 6:55 AM
sorry but what do you mean by vaultpurge ?
Wednesday, February 6, 2019 6:27 PM
I mean EnablePurgeProtection
Wednesday, August 28, 2019 1:17 PM
I have an issue permanently deleting a protected key vault. As a test I created several vaults with soft delete and purge protection enabled. Now, I need to test the script more but I am unable to provision the key vault because it says it already exists. Additionally I try to remove the vault but get this error. How do I rectify?
VERBOSE: Performing the operation "Purge vault" on target "S1TestVault.
Remove-azkeyvault : Operation 'DeletedVaultPurge' is not allowed.
At line:1 char:34
- ... ovedState | Remove-azkeyvault -InRemovedState -Location 'East US' -Co ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Remove-AzKeyVault], CloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.KeyVault.RemoveAzureKeyVault