Reputation: 23
Azure Key Vault: Secret versions lifetime
Im currently implementing a solution where we are going to store secrets once an hour. It will be the same secret that is updated, or rather we will call SetSecret, since UpdateSecret wont allow us to update the value of the secret. Since Seting a secret with an existing name creates a new version of the same, they will all have an expiry date.
The questions i got is as follows:
- Are there any native retention logic for versions. Ex, removed after a certain time if expired/Removed when there is x amount of versions?
- If not, is there any max count for versions?
- Does it count towards some storage limit?
Manually deleting versions is not possible, so a possible solution will ofcource be to sometimes remove the secret. But this is a step i would like to skip since it will add more complexity if native retention of secrets is supported.
Cheers!
Upvotes: 1
Views: 5213
Answers (1)
Reputation: 326
There is no native retention logic within key vault and all the versions will remain in key vault.
There is no limit on the maximum number of versions of a particular secret.
No, it will not be counted towards any storage limit as well.
Upvotes: 3
Related Questions
- Is there a way to restore or promote an older version of a secret?
- TLS version used in Azure key vault
- Azure key vault license
- Azure Key vault basic
- Azure Key Vault - How to update the secrets
- Azure Key Vault Secrets Query
- Access Azure Key Vault secret without a SecretVersion
- How to clear expiration date from Azure Key Vault secret?
- Azure key vault key/secret versioning
- Azure Key-vault Encryption