AZURE KEY VAULT PORTAL - ManageDeletedSecrets is not visible on portal

Question

Hi All,

We are using Azure key vaults to store our application secrets but have suddenly stopped getting the option to purge the deleted secrets "ManageDeletedSecrets" on Azure Portal.

We have soft delete enabled and access policy as well have the purge level access for users.

Appreciate any help.

Answer 1

Hi @Simmy Kamboj
Thank you for reaching Microsoft Q&A Forum!

If I understand correctly, you noticed that manage Deleted Secrets option is missing in your keyvault. May I know have the soft-delete protection enabled on the key vault? you can check this in keyvault overview page

Can you please share the location where the Key Vault has been created. In order to get this option user needs the following permissions (at subscription level) to perform operations on soft-deleted vaults: If you are still unable to see the manage deleted secrets option you can use Azure CLI (secrets) as a workaround.

Answer 2

Hi, hope you're all doing well! So, I’ve hit a bit of a snag with Azure Key Vault. Suddenly, the option to purge deleted secrets (Manage Deleted Secrets) has gone MIA on the Azure Portal. We’ve got soft delete enabled, and the access policies are set up with purge-level access for users, so this is kinda weird.

So lets see what we have now - feature missing: the "Purge" option for deleted secrets is no longer visible in the Azure Portal.

if current Setup soft delete is enabled. Access policies include purge permissions for users.

Portal UI Glitch, sometimes the Azure Portal UI can act up and hide options.

Try clearing your browser cache or using a different browser/incognito mode. If that doesn’t work, use Azure CLI or PowerShell to purge the secrets. Even though you’ve set purge permissions, there might be a misconfiguration or role assignment issue. Check the access policies or role assignments: Go to Key Vault > Access Policies and ensure the user/group has the Purge permission.

Alternatively, assign the Key Vault Contributor or Key Vault Administrator role to the user.

If soft delete was accidentally disabled, the purge option won’t be available.Verify that soft delete is enabled:

Go to Key Vault > Properties and ensure Soft Delete is turned on.

If it’s disabled, you’ll need to re-enable it ....this requires a support ticket if it was previously disabled

Deleted secrets are retained for a minimum of 7 days (up to 90 days). If the secret was deleted very recently, the purge option might not show up until the retention period is over wait for the retention period to elapse or use Azure CLI/PS to force purge.

Azure CLI /PS workaround,if the portal isn’t cooperating, you can use CLI or PowerShell to purge deleted secrets:

for Azure CLI:

az keyvault secret purge --vault-name <vault-name> --name <secret-name>

for PS:

Remove-AzKeyVaultSecret -VaultName <vault-name> -Name <secret-name> -InRemovedState -Force

Try to clear your browser cache or try a different browser. Verify soft delete is enabled and purge permissions are correctly assigned. Azure CLI or PS to purge the secrets if the portal option is still missing.

If none of this works, it might be worth raising a support ticket with Azure to investigate further. Let me know how it goes!

rgds

alex

Answer 3

I had the same issue, but the "Manage deleted secrets" button has now returned (Feb 18).