3
votes

I know how to enable soft delete (https://docs.microsoft.com/en-us/azure/key-vault/key-vault-ovw-soft-delete) via template deployment when creating a KeyVault. How can I turn this feature on on an existing KeyVault that has been deployed without soft delete being enabled?


1 Answer

4
votes

It is of course possible to adjust the template to include the enablement of soft-delete by adding the key-value pair "enableSoftDelete": true to the properties section of the KeyVault resource (see also: Link).

If you want to enable it outside the scope of a template deployment it is possible via manipulating the resource e.g. by using PowerShell:

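    # Name of the existing vault to update
    $vaultName = "keyVaultName1"

    # Read the vault's resource and add enableSoftDelete to its properties
    ($resource = Get-AzureRmResource -ResourceId (Get-AzureRmKeyVault -VaultName $vaultName).ResourceId).Properties | Add-Member -MemberType "NoteProperty" -Name "enableSoftDelete" -Value "true"

    # Write the modified properties back to the vault
    Set-AzureRmResource -ResourceId $resource.ResourceId -Properties $resource.Properties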

Found here: Link
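
A check-then-set variant of the commands in the answer above, as an added example that is not part of the original answer. It assumes the AzureRM module and a signed-in session; the helper names `Test-SoftDeleteEnabled` and `Set-VaultSoftDelete` and the `-Apply` switch are hypothetical, and the sample objects at the end are constructed.

```powershell
function Test-SoftDeleteEnabled {
    param([Parameter(Mandatory)] $Properties)
    # Vaults deployed without the setting have no such property: treat as disabled.
    $member = $Properties.PSObject.Properties['enableSoftDelete']
    if ($null -eq $member) { return $false }
    # The template uses a boolean; the answer writes the string "true". Accept both.
    return ([string]$member.Value -eq 'true')
}

function Set-VaultSoftDelete {
    param([Parameter(Mandatory)][string] $VaultName, [switch] $Apply)
    $vault = Get-AzureRmKeyVault -VaultName $VaultName
    if ($null -eq $vault) { throw ("Key vault '{0}' not found." -f $VaultName) }
    $resource = Get-AzureRmResource -ResourceId $vault.ResourceId
    if (Test-SoftDeleteEnabled $resource.Properties) {
        return ('{0}: soft delete already enabled' -f $VaultName)
    }
    # Soft delete cannot be turned off again once enabled, so the change is opt-in.
    if (-not $Apply) {
        return ('{0}: soft delete NOT enabled (rerun with -Apply to set it)' -f $VaultName)
    }
    # -Force on Add-Member overwrites an existing enableSoftDelete = false.
    $resource.Properties |
        Add-Member -MemberType NoteProperty -Name enableSoftDelete -Value 'true' -Force
    Set-AzureRmResource -ResourceId $resource.ResourceId `
        -Properties $resource.Properties -Force | Out-Null
    # Re-read the resource so the result reflects what the service stored.
    $after = Get-AzureRmResource -ResourceId $vault.ResourceId
    if (-not (Test-SoftDeleteEnabled $after.Properties)) {
        throw ('{0}: update sent, but soft delete is still not reported as enabled.' -f $VaultName)
    }
    return ('{0}: soft delete enabled' -f $VaultName)
}

# Constructed property bags (not real vault data) that exercise the check offline:
# property absent, boolean true, string "true", boolean false.
$samples = @(
    [pscustomobject]@{ sku = 'standard' },
    [pscustomobject]@{ enableSoftDelete = $true },
    [pscustomobject]@{ enableSoftDelete = 'true' },
    [pscustomobject]@{ enableSoftDelete = $false }
)
$samples | ForEach-Object { Test-SoftDeleteEnabled $_ }
```

Running `Set-VaultSoftDelete -VaultName keyVaultName1` without `-Apply` only reports the current state, which makes it usable as an audit step before any change is written.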