Forum Discussion
ugryczan
Aug 29, 2022 · Copper Contributor
Azure Key Vault Secret Versions
Hi Team, As I know, Key Vault does not support deleting specific versions of secrets. I am worried about performance: Key Vault does not restrict the number of versions on a secret, key or certi...
arnaud_grow-una
Aug 29, 2022 · Brass Contributor
Hello ugryczan
According to the official documentation:
"Key Vault does not support the ability to backup more than 500 past versions of a key, secret, or certificate object."
So, to my understanding, the limit of 500 versions is by object (a key, a secret, ...), but they also mentioned potential consequences:
"Also consider the following consequences:
Backing up secrets that have multiple versions might cause time-out errors.
A backup creates a point-in-time snapshot. Secrets might renew during a backup, causing a mismatch of encryption keys.
If you exceed key vault service limits for requests per second, your key vault will be throttled, and the backup will fail."
As of today, the backup mechanism for a KV is done by object and not for an entire KV. In my point of view, you can be impacted by the number of concurrent backup jobs that will be launched to back up all your objects with their incoming versions.
It's my understanding, maybe not the reality.
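An added example, not part of the answer above and not Microsoft's code: a per-object audit that counts versions for each secret and flags the ones near or past the 500-version backup figure quoted from the documentation. It assumes a client exposing `list_properties_of_secrets()` and `list_properties_of_secret_versions(name)` as on the `azure-keyvault-secrets` `SecretClient`; the 80% warning threshold, the `ConstructedVault` stand-in and its secret names are constructed for illustration.

```python
from types import SimpleNamespace
from typing import NamedTuple

BACKUP_VERSION_LIMIT = 500  # per-object figure quoted from the documentation above
WARN_RATIO = 0.8            # assumption: start warning at 80% of the limit


class Finding(NamedTuple):
    name: str
    versions: int
    status: str  # "ok", "warn" or "over"


def classify(count, limit=BACKUP_VERSION_LIMIT):
    # Conservative assumption: every listed version counts toward the limit.
    if count > limit:
        return "over"
    if count >= limit * WARN_RATIO:
        return "warn"
    return "ok"


def audit_versions(client, limit=BACKUP_VERSION_LIMIT):
    """Return one Finding per secret, largest version history first."""
    findings = []
    for secret in client.list_properties_of_secrets():
        # Versions are enumerated object by object, the same granularity as backups.
        count = sum(1 for _ in client.list_properties_of_secret_versions(secret.name))
        findings.append(Finding(secret.name, count, classify(count, limit)))
    return sorted(findings, key=lambda f: f.versions, reverse=True)


class ConstructedVault:
    """Offline stand-in with constructed data; for a real vault pass
    SecretClient(vault_url=..., credential=DefaultAzureCredential()) instead."""
    def __init__(self, counts):
        self.counts = counts

    def list_properties_of_secrets(self):
        return [SimpleNamespace(name=n) for n in self.counts]

    def list_properties_of_secret_versions(self, name):
        return (SimpleNamespace(version=f"v{i}") for i in range(self.counts[name]))


if __name__ == "__main__":
    vault = ConstructedVault({"db-password": 3, "api-token": 612, "tls-key": 400})
    for f in audit_versions(vault):
        print(f"{f.status:5} {f.name}: {f.versions} versions")
```

Against a real vault each secret costs at least one list request, so run the audit outside backup windows to stay clear of the requests-per-second throttling the quoted documentation mentions.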