Mukteswar Patnaik

Reputation: 113

Disabling Older Versions of Secrets in Azure KeyVault

Is there a way to disable the older versions of secrets, leaving only the latest version of each secret enabled, in an Azure Key Vault?

I have a huge number of secrets, and every secret has multiple older versions still enabled.

Can someone suggest a way, or a #PowerShell / #AzureCLI / #Terraform way, to do it in one go?

Upvotes: 1

Views: 4065

Answers (3)

Tony

Reputation: 2754

This works in PowerShell 7 with module Az.KeyVault v4.10.2.

Firstly, it creates a list of secrets in the vault. Secondly, it looks for prior versions for each secret. It skips the most recent version and then disables any older ones.

# Name of the key vault to process
$vault = 'vaultname'
# Names of all secrets in the vault
$secrets = ( Get-AzKeyVaultSecret -VaultName $vault | Select-Object Name ).Name

ForEach ( $secret in $secrets ) {
   # List every version, newest first, skip the newest and disable the rest
   Get-AzKeyVaultSecret -VaultName $vault -Name $secret -IncludeVersions | 
      Sort-Object Created -Descending | 
      Select-Object -Skip 1 | 
         ForEach-Object { 
            Set-AzKeyVaultSecretAttribute -VaultName $_.VaultName -Name $_.Name -Version $_.Version -Enable $False 
         }
}

Upvotes: 2
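
A variant of the script above, as an added example that is not part of the original answer: it keeps the newest version that is still enabled, so a secret whose latest version is already disabled is not left without a usable version, and it supports `-WhatIf` for a dry run. The function name `Disable-OldSecretVersion` and the vault name `vaultname` are assumptions; it requires the Az.KeyVault module and an authenticated session.

```powershell
# Added example, not code from the original answers.
# Assumes Az.KeyVault is installed and Connect-AzAccount has been run.
function Disable-OldSecretVersion {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $VaultName
    )

    foreach ($secret in (Get-AzKeyVaultSecret -VaultName $VaultName)) {
        # Only versions that are currently enabled are candidates, newest first.
        $enabled = @(
            Get-AzKeyVaultSecret -VaultName $VaultName -Name $secret.Name -IncludeVersions |
                Where-Object Enabled |
                Sort-Object Created -Descending
        )

        # Zero or one enabled version: nothing to disable for this secret.
        if ($enabled.Count -le 1) { continue }

        # Keep the newest enabled version (not necessarily the newest overall).
        $keep = $enabled[0]

        foreach ($old in ($enabled | Select-Object -Skip 1)) {
            $target = "$($old.Name)/$($old.Version)"
            if ($PSCmdlet.ShouldProcess($target, 'Disable secret version')) {
                Set-AzKeyVaultSecretAttribute -VaultName $old.VaultName -Name $old.Name `
                    -Version $old.Version -Enable $false

                # Emit one record per change so the run can be logged or reviewed.
                [pscustomobject]@{
                    Secret          = $old.Name
                    DisabledVersion = $old.Version
                    Created         = $old.Created
                    KeptVersion     = $keep.Version
                }
            }
        }
    }
}

# Dry run first: lists what would be disabled without changing anything.
Disable-OldSecretVersion -VaultName 'vaultname' -WhatIf
```

Clients that reference a secret by an explicit version identifier will fail once that version is disabled, so review the `-WhatIf` output before running without it.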

Cristina Carrasco

Reputation: 713

This can be done Selenium-style using vanilla JavaScript. You can run this code in the browser console:

(() => {
    // Poll every 1.5 s for spans containing the text "Enabled".
    var intervalId = setInterval(() => {
        var enableList = $('span:contains("Enabled")');
        console.log(enableList);
        if (enableList.length > 1) {
            // Skip the first match and open the context menu on the second.
            var secondElement = enableList[1];
            console.log(secondElement);
            secondElement.dispatchEvent(new MouseEvent('contextmenu', { bubbles: true }));
            // Wait a second for the menu to render, then click its item.
            setTimeout(() => {
                $('li[role="menuitem"]').click();
            }, 1000);
        } else {
            // One or no match left: stop polling.
            clearInterval(intervalId);
        }
    }, 1500);
})();

The time interval can be modified if you want it to run faster.

Give it a try if you want.

Upvotes: 0

ShrutiJoshi-MT

Reputation: 1823

As a workaround, you can disable the older versions of secrets through the Azure portal only:

1) Go to the portal, select your key vault and select the secret

2) After selecting the secret -> right-click on the secret -> Disable

Upvotes: 3
