Reputation: 23
Im currently implementing a solution where we are going to store secrets once an hour. It will be the same secret that is updated, or rather we will call SetSecret, since UpdateSecret wont allow us to update the value of the secret. Since Seting a secret with an existing name creates a new version of the same, they will all have an expiry date.
The questions i got is as follows:
Manually deleting versions is not possible, so a possible solution will ofcource be to sometimes remove the secret. But this is a step i would like to skip since it will add more complexity if native retention of secrets is supported.
Cheers!
Upvotes: 1
Views: 5213
Reputation: 326
There is no native retention logic within key vault and all the versions will remain in key vault.
There is no limit on the maximum number of versions of a particular secret.
No, it will not be counted towards any storage limit as well.
Upvotes: 3