Forum Discussion

nirmalmcse02's avatar
nirmalmcse02
Copper Contributor
Jan 27, 2021
Solved

Azure Policy for Key Vault Soft Delete Retention

Hi All,   Is there any Custom Azure Policy which we can use to enforce Azure Key vault Soft deletion retention period as per our Requirement.  By default its 90 days but we want to set as 10 for al...
  • ibnmbodji's avatar
    ibnmbodji
    Jan 29, 2021

    nirmalmcse02 

     

    There is no  builtin policy to do that and i would suggest to automate this in a declarative or imperative way ( Powershell or  Arm or another Infra as Code tool) . 

    By doing that  you will have config files with the right values and minimize the remediation tasks ( which are not applicable every time ) and the management overhead . Once you have done that you will simply customize a builtin policy to ensure that every deployment which have a value different from 10 will be denied . 

     

ibnmbodji's avatar
ibnmbodji
Steel Contributor
Jan 29, 2021

nirmalmcse02 

 

There is no  builtin policy to do that and i would suggest to automate this in a declarative or imperative way ( Powershell or  Arm or another Infra as Code tool) . 

By doing that  you will have config files with the right values and minimize the remediation tasks ( which are not applicable every time ) and the management overhead . Once you have done that you will simply customize a builtin policy to ensure that every deployment which have a value different from 10 will be denied .