Purging Azure Secrets
Use the post /v1/cckm/azure/secrets/{id}/hard-delete
to delete an Azure secret permanently.
Note
This operation can only be performed on the soft-deleted secrets residing in the soft-enabled vaults.
Syntax
curl -k '<IP>/api/v1/cckm/azure/secrets/{id}/hard-delete' -X POST -H 'Authorization: Bearer AUTHTOKEN' -H 'accept: application/json' --compressed
Here, {id}
is the resource ID of the secret on the CipherTrust Manager.
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/azure/secrets/beb06ea5-47a0-4d47-85c0-0a0e4f1a9531/hard-delete' -X POST -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI1MDIzNTY1Yy0xOWI3LTQyY2UtODZmMi1jNWI3MTA1MTJhZjMiLCJzdWIiOiJsb2NhbHwwMWI4M2EwZS1mY2U1LTQ5MjgtODhiNi0zNTNkMmQ3ZTBiNDMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiZGJlNzU2MWYtZDVhOS00ZGEzLWJiZTEtNjlhMTg0Y2U3YzEzIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjRmMGExN2Y0LWQxOGUtNGE5YS04ZWM2LTU1ZjI2ZjJjNTMzMiIsImlhdCI6MTYwMTQ2MTEwNiwiZXhwIjoxNjAxNDYxNDA2fQ.P_d2ngOq_AlxqXhfG-saEvQRYZCSzQbzR2S6Jzv6Ogs' -H 'accept: application/json' --compressed
Example Response
{
"id": "a5c277fc-16bb-4662-b6b6-29e76a1faa9b",
"uri": "kylo:kylo:cckm:azure-secret:secret-13-apr-01-a5c277fc-16bb-4662-b6b6-29e76a1faa9b",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2022-04-13T05:04:16.337973Z",
"updatedAt": "2022-04-13T05:04:53.869535Z",
"key_vault": "secret-vault::260ecbe7-777b-4d3c-84ea-678820491234",
"key_vault_id": "62478c30-7b33-4ad1-92aa-62145af3f399",
"region": "northcentralus",
"deleted": true,
"backup_at": "2022-04-13T05:04:16.335995Z",
"soft_delete_enabled": true,
"secret_soft_deleted_in_azure": true,
"syncedAt": "2022-04-13T05:04:16Z",
"created_by": "a8f38993-aa49-4281-888c-52afd80af6b1",
"modified_by": "a8f38993-aa49-4281-888c-52afd80af6b1",
"version": "e4c3ec7abcda43158d1234b9d1bbfd62",
"backup": "ac796b0ce3ee491c92c2e9e84ea4e2bb789b1c780b6742f882aa318e1aac0b5c",
"secret_name": "secret-13-apr-01",
"cloud_name": "AzureCloud",
"azure_created_at": "2022-04-13T05:04:16Z",
"azure_updated_at": "2022-04-13T05:04:16Z",
"tenant": "d27e139e-e487-4b0e-abcd-a71e64567d10",
"status": "DELETED",
"gone": false,
"azure_param": {
"value": "secret value",
"id": "https://secret-vault.vault.azure.net/secrets/secret-13-apr-01/e4c3ec7abcda43158d1234b9d1bbfd62",
"attributes": {
"recoveryLevel": "Recoverable+Purgeable",
"enabled": true,
"created": 1649826256,
"updated": 1649826256
}
}
}
The sample output shows that the parameter status becomes DELETED
. This indicates that the secret is permanently deleted from the Azure vault.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.