Restoring Deleted Azure Secrets
Use the post /v1/cckm/azure/secrets/{id}/restore
to restore a purged Azure secret from backup. Only Azure secrets with the status DELETED can be restored from backup.
Syntax
curl -k '<IP>/api/v1/cckm/azure/secrets/{id}/restore' -X POST -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n "key_vault": "<key-vault>"\n}' --compressed
Here, {id}
is the resource ID of the secret on the CipherTrust Manager.
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
key_vault | string | Name or ID of the Azure vault where the secret will be restored. By default, the secret will be restored to the vault from where it was deleted. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/azure/secrets/ad3d61f4-c627-41dd-a4f1-40e3d51b5ad2/restore' -X POST -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI1MDIzNTY1Yy0xOWI3LTQyY2UtODZmMi1jNWI3MTA1MTJhZjMiLCJzdWIiOiJsb2NhbHwwMWI4M2EwZS1mY2U1LTQ5MjgtODhiNi0zNTNkMmQ3ZTBiNDMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiZGJlNzU2MWYtZDVhOS00ZGEzLWJiZTEtNjlhMTg0Y2U3YzEzIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjRmMGExN2Y0LWQxOGUtNGE5YS04ZWM2LTU1ZjI2ZjJjNTMzMiIsImlhdCI6MTYwMTQ2MTEwNiwiZXhwIjoxNjAxNDYxNDA2fQ.P_d2ngOq_AlxqXhfG-saEvQRYZCSzQbzR2S6Jzv6Ogs' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n "key_vault": "CCKM-Soft-Delete::260ecbe7-777b-4d3c-84ea-887620498863"\n}' --compressed
Example Response
{
"id": "ad3d61f4-c627-41dd-a4f1-40e3d51b5ad2",
"uri": "kylo:kylo:cckm:azure-secret:secret-05-may-04-ad3d61f4-c627-41dd-a4f1-40e3d51b5ad2",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2022-05-05T08:31:46.39672Z",
"updatedAt": "2022-05-05T08:32:29.708827Z",
"key_vault": "CCKM-Soft-Delete::260ecbe7-777b-4d3c-84ea-887620498863",
"key_vault_id": "1b8b4131-f5fe-4cb8-a312-9c5c2b67ab16",
"region": "northcentralus",
"deleted": false,
"backup_at": "2022-05-05T08:31:50.840044Z",
"soft_delete_enabled": true,
"secret_soft_deleted_in_azure": false,
"syncedAt": "2022-05-05T08:31:45Z",
"created_by": "a8f38993-aa49-4281-888c-52afd80af6b1",
"modified_by": "a8f38993-aa49-4281-888c-52afd80af6b1",
"version": "1a0dcc14166c4ba79438d5b4a1e46781",
"backup": "8a3cae5c4c74417084523804e2b1acc3ef10ad60bfe54d0593972cbc6921b6e5",
"secret_name": "test-secret",
"cloud_name": "AzureCloud",
"azure_created_at": "2022-05-05T08:31:45Z",
"azure_updated_at": "2022-05-05T08:31:45Z",
"tenant": "d27d849e-e487-4b0e-a54c-a71e67687d10",
"status": "AVAILABLE",
"gone": false,
"azure_param": {
"value": "dummy value",
"id": "https://cckm-soft-delete.vault.azure.net/secrets/test-secret/1a0dcc14166c4ba79438d5b4a1e46781",
"attributes": {
"recoveryLevel": "Recoverable+Purgeable",
"enabled": true,
"created": 1651739505,
"updated": 1651739505
}
}
}
The sample output shows that the parameter status
becomes AVAILABLE
. This indicates that the secret is restored.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.