如何禁用密钥库中的清除保护? [英] How can we disable Purge Protection in Key vault?

问题描述

我已经启用了密钥库的清除保护和软删除功能，现在我想禁用它.有什么方法可以禁用清除保护吗?

I have enabled the purge protection and soft delete on key vault, now i want to disable it . Is there any way to disable purge protection ?

我已经通过Terraform创建了密钥库

I have created the key vault through terraform

推荐答案

无法禁用清除保护

按设计，吹扫保护是不可逆的.否则黑客无需删除即可恢复您的密钥库.

It is as designed, purge protection is irreversible. Otherwise hacker would be able to delete your key vault without option to recover.

参考: https://github.com/Azure/azure-rest-api-specs/issues/8075

还请注意，默认情况下，软删除将在明年开始启用

Also make note that soft delete will be enabled by default starting next year

突破性变化:选择退出软删除的能力为到年底已弃用，软删除保护将自动为所有关键文件库打开.Azure Key Vault用户管理员应对其密钥库启用软删除立即.

Breaking Change: The ability to opt out of soft-delete will be deprecated by the end of the year and soft-delete protection will automatically be turned on for all key vaults. Azure Key Vault users and administrators should enable soft-delete on their key vaults immediately.

引用: https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-change

这篇关于如何禁用密钥库中的清除保护?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！